In early December, the department of telecommunications (DoT) issued a directive to all mobile telecom operators instructing them to take government approval before purchasing any equipment. The operator has to apply to DoT, and must wait for 30 days before purchasing the equipment—within this time DoT will notify the operator of objections, if any. To give legal credence to the move, DoT has included this as a condition for the licence for the operators.
This move is primarily seen as a working step to control the rapid deployment of Chinese equipment in the telecom networks in the country, although it will have its impact on the existing Western suppliers also. Security agencies were toying with the idea of banning Chinese telecom equipment manufacturers such as Huawei and ZTE from offering their network equipment to Indian telecom operators—this move was opposed by the operators.
This fear around Chinese equipment has been growing in India for some time. A few other countries where Chinese equipment was replacing Western or local wares also echoed similar fears. Chinese equipment has been popular primarily because of massive price considerations—cheap Chinese goods can put everybody else out of business.
Telecom network expansion in India is still on a strong footing and it remains to be seen if this new governmental move will bring in any kind of hindrance. Prima facie, it seems not; although cost considerations definitely have an impact.
However, since telecom is a security-sensitive sector and since there are growing fears around Chinese equipment across security quarters, the move isn’t something really harsh. Given India’s geopolitical situation and the growing Chinese influence in the region, and also given the pace at which the Chinese are marching in the digital battlefield, this is something that should be done by DoT. Still, on a more proactive scale, the operators have to ensure, along with DoT, that the network topology and connectivity have all the security measures in place so that the servers can’t be remotely managed and, hence, compromised.
Equipment itself is not able to communicate unless it is set and identified in the network, and the network management and security tools are able to understand if the integrity and confidentiality of the system is intact. So it is important for the operators, DoT and the security agencies to not only understand the equipment but also have a check on network configuration and functioning. This can be done by regular audits. In fact, such functions should become a major arm of the critical infrastructure protection policy of the country.
Since 26/11 last year, email threats accompanying bomb blasts across the country, as well as regular attempts by various motivated groups from foreign networks to hijack Indian networks, have pointed to our vulnerabilities. Plugging the holes at every level is not just desirable but also necessary. Telecom networks are easily some of the biggest targets of these cyber attacks, since they can cripple the connectivity on which all other major functions depend.
As more networks expand and the spectrum is released for third-generation, or 3G, applications, more and more subscribers will enter the network—as will more applications. This will call for more equipment and network management. And the present target of reaching 40% rural teledensity by 2014 means a strong spurt in rural networks and subscribers. Likewise, broadband network is also expanding.
The government will have to think of such scenarios where multiple networks are able to function with efficiency, yet integrity. All this is much more than a simple issue for DoT, and calls for a wider government review.
Subimal Bhattacharjee is country head in India for General Dynamics. These are his personal views. Comment at firstname.lastname@example.org