Advertisement

HindustanTimes Sat,20 Dec 2014

PRISM-Lite: India also uses US-type cyber monitoring

Pramit Pal Chaudhuri, Hindustan Times  New Delhi, June 13, 2013
First Published: 00:01 IST(13/6/2013) | Last Updated: 02:47 IST(13/6/2013)

A malware attack was launched against the closing ceremony of the Commonwealth Games in October 2010. Indian cyber security snoops traced it to a computer in an Ashoka Hotel VIP suite, and switched off the machine. “This was one of the 8,000 such attacks made against the Commonwealth Games infrastructure,” said informed sources.

Advertisement

India has largely finished rolling out a revamped cyber security structure for the country, covering not only surveillance but also duller aspects like laws and administration.

India’s cyber security programmes also use metadata-based systems like the recently exposed US National Security Agency’s PRISM system. “We are into metadata usage,” said a source. Such programmes do not snoop into the contents of electronic communication. They search for patterns in the manner emails, phone calls and SMSes are sent and delivered. “We don’t get into individual emails.”

India’s metadata system’s name and technical specifics are unknown.  But it is much simpler than the US one.

It does not store and analyse communications in anything as detailed a fashion as PRISM. It is run by the telecom department and the Computer Emergency Response Team, not the intelligence agencies.

“Our system does not collect specific data, not even names,” said a source. “If we go into individual emails, we have to seek legal permission.” The limits to such surveillance are laid out in the amended Information Technology Act.

The plan is to let the present cyber security framework function for 2-5 years, allowing the government to “learn lessons” on how to improve it. With 15 states and many government bodies having set up cyber security panels, much of the administrative backbone is in place. The main concern is the poor cyber security awareness in the broader population. There are hopeful signs: secureyourpc.in gets 100,000 hits a day.

“It is not possible to ensure 100% security,” say sources. “But no cyber intrusion has been able to compromise the country’s national security yet.”

“Other governments regularly check us out with cyber attacks, check out our systems, attempt intelligence acquisition…they test to see how good we are.” Why else attack the infrastructure of the Commonwealth Games, sources noted, something of no practical use.

Will India develop a cyber offensive capacity? Notably, the new structure does not include regulations limiting what India can do in the cyber realm outside its borders.


Advertisement
more from New Delhi

Delhi: Schools on alert after Peshawar

The terror attack that killed over 130 students in Pakistan’s Peshawar has jolted city schools into taking all possible measures to tighten security in and around their campus. Many schools reported a drop in attendance after the attack.
Advertisement
Most Popular
Advertisement
Advertisement
Copyright © 2014 HT Media Limited. All Rights Reserved