Cyber vulnerabilities must be viewed in context

(Representational Image: iStock)


Last week’s sacking of Gavin Williamson as the Defence Secretary of UK has generated a far bigger controversy than expected.

The security implications are obvious and even may be of some importance for us. Prime Minister Theresa May at a meeting of the National Security Council on April 23 took a decision to conditionally allow China’s Huawei to develop UK’s 5G network. It is reported that this decision to allow Chinese entry into a core area of communications, vulnerable to cyber attacks and espionage, was bitterly disputed and subsequently also got leaked to the media.

Though the investigating agencies have come to the conclusion that the leak did not constitute a criminal offence under the Official Secrets Act, the issue is likely to remain alive for quite some time, since next only to USA, the most influential member of NATO happens to be UK. Even though the days of the cold war have been relegated to history, NATO has remained intact, albeit with its role somewhat diluted.

Simultaneously, the protocols on intelligencesharing and certain other common strategic objectives have also survived. While UK may have its own reasons for taking such a decision, it is in the given background that it becomes debatable. It is understood that Huawei has its roots in the Chinese People’s Liberation Army (PLA) and continues to have firm links with them even now. Strong suspicions have appeared in the print and electronic media about its possible backdoor conduct, facilitating surveillance and such like activities through its manufactured hardware.

Reportedly, New Zealand and Australia have also denied a foothold to this Chinese company, while at the same time it is also facing proceedings in a federal court of law at New York. It would be of interest to know what type of pre-conditions have been imposed on Huawei by UK to safeguard its interests, particularly in the realm of security, and also to the satisfaction of its allies. In India this electronics communications conglomerate had been trying to make inroads for over a decade but had been denied permission because of security-related concerns. In fact, it is understood that at one time an adverse advisory had also been issued. But later, after a few years, imports of cheap computer hardware from Huawei was permitted.

When this company had applied for a manufacturing facility in 2013, it was denied. However, later under the changed circumstances in 2015 permission had been granted. Being an indigenous manufacturing unit, its products are bound to be competitive and in due course may flood our markets. From the security point of view while granting permission some conditions were imposed, including that the chief security officer of the company would be an Indian national.

Whether these would be sufficient and what other safeguards would be necessary remains to be seen. The reason is that India having witnessed more than 50,000 cyberattacks in 2017 remains vulnerable. According to official figures, a significant proportion amongst these originated from China followed by Pakistan. India was the third worst affected country during the WannaCry ransomware attacks in May 2017.

In June that year, operations at one of the three terminals in India’s largest port, JNPT near Mumbai were disrupted due to the Petya cyberattack. Also, in October that year, Seqrite Intelligence labs discovered an advertisement announcing secret access to the servers and data bases of over 6,000 Indian organisations exposing the serious vulnerabilities of our cyber space.

In the circumstances, considering our cyber vulnerabilities, the current state of affairs has to be viewed in the context of the Sino-Indian geo political situation and its impact on security, which is quite different from UK’s interests in China and vice versa.

(The writer is a former Governor of Uttarakhand and Meghalaya and a former Commissioner of Police, Delhi)