HindustanTimes Sat,20 Sep 2014

PRISM-Lite: India also uses US-type cyber monitoring

Pramit Pal Chaudhuri, Hindustan Times  New Delhi, June 13, 2013
First Published: 00:01 IST(13/6/2013) | Last Updated: 02:47 IST(13/6/2013)

A malware attack was launched against the closing ceremony of the Commonwealth Games in October 2010. Indian cyber security snoops traced it to a computer in an Ashoka Hotel VIP suite, and switched off the machine. “This was one of the 8,000 such attacks made against the Commonwealth Games infrastructure,” said informed sources.


India has largely finished rolling out a revamped cyber security structure for the country, covering not only surveillance but also duller aspects like laws and administration.

India’s cyber security programmes also use metadata-based systems like the recently exposed US National Security Agency’s PRISM system. “We are into metadata usage,” said a source. Such programmes do not snoop into the contents of electronic communication. They search for patterns in the manner emails, phone calls and SMSes are sent and delivered. “We don’t get into individual emails.”

India’s metadata system’s name and technical specifics are unknown.  But it is much simpler than the US one.

It does not store and analyse communications in anything as detailed a fashion as PRISM. It is run by the telecom department and the Computer Emergency Response Team, not the intelligence agencies.

“Our system does not collect specific data, not even names,” said a source. “If we go into individual emails, we have to seek legal permission.” The limits to such surveillance are laid out in the amended Information Technology Act.

The plan is to let the present cyber security framework function for 2-5 years, allowing the government to “learn lessons” on how to improve it. With 15 states and many government bodies having set up cyber security panels, much of the administrative backbone is in place. The main concern is the poor cyber security awareness in the broader population. There are hopeful signs: gets 100,000 hits a day.

“It is not possible to ensure 100% security,” say sources. “But no cyber intrusion has been able to compromise the country’s national security yet.”

“Other governments regularly check us out with cyber attacks, check out our systems, attempt intelligence acquisition…they test to see how good we are.” Why else attack the infrastructure of the Commonwealth Games, sources noted, something of no practical use.

Will India develop a cyber offensive capacity? Notably, the new structure does not include regulations limiting what India can do in the cyber realm outside its borders.

more from New Delhi

AAP accuses Jung of stopping them to send J-K aid

AAP on Friday accused LieutenantGovernor Najeeb Jung of preventing its MLAs from sending relief package to Jammu and Kashmir by "raising an objection" to the transfer of Rs 20 lakh from the funds of each of its 27 legislators to Jammu and Kashmir CM fund.

Most Popular
Copyright © 2014 HT Media Limited. All Rights Reserved