India sets a new framework against cyber threats that could prove to change the landscape of cybercrimes in the country

The long awaited decision about India and it’s cyber policies have received a consensus. India announced on Wednesday its first and biggest framework to protect itself from cyber attacks, data theft and other virtual vulnerabilities threatening its national security.

The Union cabinet has approved the ‘National Security Directive on Telecom Sector’ in view of the alarming magnitude of cyber threats to India, official sources said.

The IANS, in an exclusive report, had recently exposed India’s vulnerabilities in the cyber space. India is amongst the top three countries in the world with highest number of cyber-attacks. In 2019, India faced around four lakh cyber attacks as monitored by the Indian Computer Emergency Response Team (CERT-In).

Government entities and businesses have faced around seven lakh cyber attacks facing a totalled loss of Rs.1.24 lakh crore to cyber crimes. The crimes range from Data and identity thefts to National security. This was reported by the Ministry of Electronics and Information Technology (MeitY) to the Parliament.

The most vulnerabilities are due to interconnected networks and devices. Compromised hardware and software components of telecom networks are also key reasons.

According to the office of National Security Advisor Ajit Doval, with the increasing use of Internet of Things (IoT) devices, the risk will continue to increase manifold and the advent of 5G technology will further increase the security concerns resulting from telecom networks. Maintaining the integrity of the supply chain, including electronic components, is also necessary for ensuring security against malware infections.

Telecom is also the critical underlying infrastructure for all other sectoral information infrastructure of the country such as power, banking and finance, transport, governance and the strategic sector. Security breaches resulting in compromise of confidentiality and integrity of information or in disruption of the infrastructure can have disastrous consequences.

Sources said that in view of these issues, the NSA office had recommended a framework — ‘National Security Directive on Telecom Sector’, which will address 5G and supply chain concerns.

Under the clauses of this new initiative, in a bid to maintain the integrity of the supply chain security, the Government will declare a list of “Trusted Sources/Trusted Products” that will be of use to the Telecom Service Providers (TSPs). The designated authority for the same will make an official list headed by the Deputy NSA. Relevant industry members will be employed in the committee to share their expertise on the matter.

The policy will be put in place after 180 days from the date of approval.