Intelligence committee to meet on govt email hacking

Intelligence committee to meet on govt email hacking

New Delhi: India’s joint intelligence committee (JIC) will hold a meeting on Tuesday to resolve issues between two important wings of the Union government over the alleged compromise of hundreds of email accounts, including those of the home secretary, Indian embassies, members of the armed forces and top bureaucrats.

NTRO, which is the country’s elite technical intelligence agency, has prepared a list of hundreds of email accounts that have been “compromised" over the last one year. The agency was formed in 2004 with the mandate of developing technical capabilities in aviation, cyber security and strategic monitoring.

Among those email accounts that the agency says have been hacked are those of the home secretary, the tourism and culture secretary, the earth and sciences secretary, the naval attaché to Teheran, several Indian missions abroad, top investigators of the Central Bureau of Investigation and the armed forces. Mint has reviewed the list of email accounts said to be compromised.

The agency, which now wants to further investigate the source of the hacking, has sought information from NIC.

A high-ranking NTRO official, who did not want to be identified, confirmed that information has been sought from NIC for further investigation and a meeting is to be held on Tuesday on the subject.

The row blew up after NIC refused to cooperate as it feared that the move would breach the privacy of the officials concerned. NIC provides email accounts to all government organizations and officials. The Times of Indianewspaper had first reported the row between the agencies.

“Their list runs up to 10,000. We cannot provide such large content to them. It violates the basic principle of privacy and sparks fear among officials," said a high-ranking official, who also spoke on condition of anonymity. “We are not even sure whether they have the mandate to seek content. It requires permission from the Union home secretary under the Information Technology Act. The fear is more as NTRO has recently been in the news over illegal off-the-air interception."

The official said the matter has been jointly examined by NTRO and the Computer Emergency Response Team (CERT-In), which is under the department of electronics and information technology (DIETY). NIC is also a part of DIETY.

Those within and outside government are questioning whether NTRO has the mandate to seek content from NIC.

NTRO’s mandate is to provide systems to ensure cyber safety, said S.D. Pradhan, a former JIC chairman. “They have no mandate to go into what has been hacked. They have to develop systems so that there is no breach in future," he said.

“NTRO basically collects intelligence through technical means in that they are responsible for cyber security, both offensive and defensive. Certain amount of analysis is also attached with it. But they do not have to (investigate the) content of what has been hacked. This falls under the domain of CERT-In," Pradhan added.

An intelligence official, speaking on condition of anonymity, said NTRO is only supposed to provide logistics and raw inputs. “And is not actually supposed to look into and analyse. They don’t have the expertise or mandate," he said.

NTRO’s surveillance devices, contrary to norms, were deployed more often in the national capital than in border areas, Mint had reported on 18 May 2011. Under new standard operating procedures issued earlier this year, NTRO can only intercept signals at the international borders.

sahil.m@livemint.com

Close