The launch of the Cyber Swatchhta Kendraunder the Ministry of Electronics and Information Technology (MeitY) is a good initiative as they have partnered withQuick Heal an Indian Anti Virus company. In this Public Private Partnership (PPP) initiative both will benefit and I wish Quick Heal godspeed. I hope the partnership goes beyond an MOU and providing a link to a Quick Heal download page. MeitY and CERTin should closely interact and learn from seeing at close quarters the functioning of a World Class anti-virus company and its interactions with other CERTs globally. In the initial days of my journey into the field of InfoWar; Quick Heal and its Co founder CTO; Sanjay Katkar had played an invaluable path by allowing me a free run of their premises to study and understand the anti-virus industry and the global ecosystem that makes this industry function. We need more entrepreneurs like him. I remember sacrificing many afternoons and rushing to their Pune lab while doing a course under intense time pressure at one of the training establishments of the Army. In the initial days when they were struggling to establish themselves, Quick Heal got little help from our govt establishment. Now that it has become a 2000 crore success story, hopefully things will change and one of the jewels in the Indian Cyber Security space will be better utilised by our establishment.
As in all matters of the state, it is the correct strategy that will help this nation and its taxpayers. A closer examination of the Swatchhta Kendra site reveals that it provides various links to an awareness page maintained by CDAC Hyderabad; a society under MeitY. A tools section that caters for the Windows OS, a mobile security platform for Android OS and links to Mozilla Foundation and Google Chrome. The awareness page is again a summary of various advisories, best practices and omnibus advice for various strata of society like teachers, govt servants, police, system admins etc; all useful for the Aam Aadmi; I am sure. A closer examination reveals that there is a link to Windows XP hardening, starting off with the need to keep the OS upto date, someone seems to have forgotten that Windows XP support was stopped a few years back by Microsoft !!! There are also tutorials on setting up of various servers etc diligently copied from the websites of the OEM.
All these actions bespeak of the absence of a national strategy for the field of ICT. Think of it another way, aren’t all these Operating Systems made by private foreign companies that have been exposed as collaborating to build secret backdoors with the intelligence community of the parent nation. Why is the taxpayers money being spent in building tools to protect such platforms ? Can these tools really secure the user when the OEM is building backdoors ? Aren’t there hundreds of such products both paid and free available with a simple search ? If the American CERT promotes these company products, I can understand that they are promoting their own private sector and companies who are their partners in advancing their national cause. Do we need to spent our scarce resources in supporting such initiatives after the evidences that have come out till date and reams of publications and books that have highlighted all these issues. Is the MeitY aware that they are also spending money on supporting BOSS an indigenous OS. At least in the advisory for Govt officials, police etc shouldn’t they be highlighting the inherent dangers of using foreign OS’s and the need to promote indigenous alternatives. Shouldn’t they be giving out advisories and highlighting the need for data localisation and exhorting the citizenry to canvass for a privacy law. Where is your course correction post Snowden; MeitY ?
I was presented a book by a friend;@War by Shane Harris which reaffirms the truth of the Snowden revelations from various human sources and the rise of the Military-Internet Complex. The author brings out certain tactical aspects and applications of InfoWar in the American anti insurgency operations in the Middle East and Afghanistan which should be of immense interest to our military and intelligence community. The book also gives us a glimpse of the turf wars that dominate the American Intelligence Community in Cyber Space. It also brings out the hypocrisy of the American narrative in the ICT sphere in respect to China’s attempt to replicate the same laws; a bizarre situation of a free and open democracy having secret laws and criticising an authoritarian regime bringing in an open law for the same actions. A recommended read for all policy makers, military officers and people who work in the ICT space. (I hope the Honourable Minister for MeitY and Secretary reads it and carries out urgently required course corrections.)@War does not bring out the strategic aspects of the Snowden revelations and is totally silent on the Utah Data Centre, but the author is American and I don’t begrudge the American citizens looking after the national interests of their nation.
I admire the Americans and their deep wisdom and strategic vision that has ensured that inspite of being caught with their pants down (post Snowden) their follow up actions ensure their strategic deception continues, this I attribute to Mark Twain that great American author of classics like ‘The Adventures of Tom Sawyer’. One endearing episode that is seared in my mind is of Tom Sawyer getting trapped in a wearisome chore of having to white wash the fence on a holiday while his friends plan for a picnic. By using his wile and wit Tom Sawyer pretends that white washing the fence is a great pastime any day better than going for a picnic, he cons his friends into fighting over helping him and grudgingly allows them to do it in exchange for an apple and other goodies. This particular episode was a cause of great pleasure and mirth in my childhood, both the book and the movie. There are a lot of ‘friends’ of Tom Sawyer in our Cyber Security establishment. I will humbly advise them to read the ‘Adventures of Tom Sawyer’ or if they lack in time due to their busy schedules please watch the movie.
To summarise; the Cyber Swachhta Kendra is a good start, but a long way to go.
A well researched and thought provoking article. I wish it has the desired impact on the Indian security establishments and those charged with securing the nation from cyber security threats.
Simple truths often get overlooked! Same is the case with Cyber Swachata Kendras- another tick- we feel – great action by the Govt-but who will do the real tightening of nuts & bolts. Rightly pointed by author – country needs less of lip service & more of Gita’s “Karma Yoga”.
Time to wake up to the subversion of the Indian nation at various levels. We have concentrated only on threats of external aggression and of cross border terrorism. But, as being pointed out, there are numerous other means of subversion.
Timely article giving an insight to other kind of threats to our nation.
India needs a comparison of such kind. Thank you Sir, for evaluating the critical nature of the MoU. (y)
Very true Pavi. It is now that GoI seems to have started realising perhaps what US strategies decades ago.
That is a great look at our cyber hygiene. The problem is that it is very easy for us Indians to call trap to the ease enhancing options produced by software companies like Microsoft. Addiction to utility softwares is so easy to develop. And this is what our strategy has to focus on. Catch them young and get them used to the harder right instead of the easier wrong.