While India celebrates its 55th Year of Independence
under the constant threat from terrorists, it is also time for us to reflect
on the security of our Cyberspace and whether we are devoting sufficient
attention to the possible compromise of our national security to the western
world through hardware and software that we source from the west.
Dr Raj Mehta, a Cyber Security Activist discusses the
implications of the 1998 "Doorbell" agreement between American Computer
industry and the National Security Agency in an illuminating and thought
provoking article. According to this agreement, the industry agreed to provide
a "Security Doorbell" which can be activated any time by the security agency
to switch on a "Remote Access" for the security agency to any Information
resource of the user. Such devices are likely to have been implanted in
Routers, Processing Chips, Operating software etc and can capture information
on all computer activities and send it to the agency.
In the increased security concerns after the September 11,
2001 incident, it is expected that the "Doorbell" might have been strengthened
further and used widely. India which has to contend with an American ally,
Pakistan as its main security threat is exposed to the risk of espionage from
American intelligence agencies which may be detrimental to the national
interests whenever Government agencies use the hardware and software resources
from US manufacturers such as Microsoft, Intel, Cisco etc.
It is therefore necessary for all Government agencies
including the state Governments such as Karnataka and Andhra which are
depending too much on US based companies for all their E-Governance projects.
We need to immediately develop a "National Cyber Security Policy" which
minimises and eliminates the risk of external espionage on our information
assets.
According to the ITA-2000, the "Doorbell" agreement if
found in operation, comes within the definition of a "Computer Contaminant"
and if proved, any Indian can claim compensation upto Rs 1 crore from the
supplier of the hardware and software.
