Of Trojans And Dragons

- Of Trojans And Dragons




Raghav Priyadarshi 

India must take cognisance of the Chinese data theft. To overcome the challenge, it must develop an electronics manufacturing industry that can keep pace with the ever-growing demand for products

In a recent unprecedented move, six serving chiefs of the US intelligence agencies, including the Federal Bureau of Investigation (FBI), Central Intelligence Agency (CIA) and National Security Agency (NSA), sounded a warning bugle to the American public against buying certain Chinese telecom products. These warnings followed developments wherein a noted US telecom carrier succumbed to pressure from the US lawmakers to cut ties with Chinese phone manufacturers due to possible threats of cyber espionage.

Ostensibly, the argument posited was that such Chinese products are susceptible to malware intrusions due to intentional hardware infirmities, allowing unauthorised access to user data via pre-installed backdoor programmes. The US is especially cautious of these threats owing to the close relationships such firms have with the Chinese People’s Liberation Army. Further, companies headquartered in China are mandated to share data with the Chinese Government upon request.

In the wake of the ongoing scandal and investigation wherein Russia stands accused of tampering with US elections in collusion with persons close to US President Donald Trump, this recent warning by the US intelligence chiefs carries grave importance. Overt threats, as is the case in the Russian investigation, wherein persons and entities close to the Kremlin are suspected of devoting considerable resources to target US voters through social media, are insidious enough. But such threats are cognisable and can be investigated. Covert threats, emanating from insecure hardware manufactured by Chinese firms, thereby giving access to user data and personally identifiable information, such as banking details, social security accounts, health records and the like to foreign or enemy intelligence agencies as well as state-sponsored hackers, presents an unprecedented level of risk in societies that are ever-more connected and dependent on technology enabled by the information communications revolution. Further, it gives such pernicious actors the opportunity to control and disrupt critical communications services and utilities upon which digital economies rely.

Trade protectionism enabled by the prism of strategic security has been a hallmark of US policy. Congress’ veto of Broadcom’s takeover of Qualcomm is the latest in a series of protectionist measures undertaken by US legislators due to security concerns. Earlier, Congress had vetoed DP World’s takeover of six major US ports, ostensibly to safeguard US coastal security from foreign power interests. DP World is majority owned by the Government of Dubai.

While it is entirely plausible that protecting American commercial interests against the growing ambitions of Chinese electronics manufacturers, underlining the White House’s emphasis on ‘America First’, motivated the US intelligence chiefs to issue their warnings, India must take cognisance of the Chinese ‘trojan’ threat on two fronts.

First, India, like the US, runs a massive trade deficit against China. India’s trade deficit with China is likely to exceed $60 billion in the current fiscal-rising from around $51 billion in 2016-17. The total volume of electronic imports from China is likely to be just short of $50 billion — of this more than $25 billion will be spent on Chinese mobile phones alone. Besides mobile phones, China supplies a majority of communications hardware to India — greatly undermining the security of India’s communications networks, including its strategic communications facilities which also uses Chinese-built equipment.

Given that demand for electronic equipment is growing significantly faster than domestic supply, many research institutions have pointed out that electronic imports from China will exceed India’s oil import bill within the next five years. This despite best efforts such as the Government’s Phased Manufacturing Programme to enhance value add in local smartphone assembly. India’s economic and strategic vulnerability is, thus, set to pivot from the Middle East to China, once electronics take top spot in India’s import bill.

Second, for India, strategic security against a belligerent China trumps trade protection. While the US may view China’s growing economic and military might with caution and look to contain China’s rise through a multi-pronged strategy, India has no such option. Given that, unlike the US, India has fought a war with China; has unresolved border disputes and territorial claims; continuous low-key border skirmishes, most recently the Doklam stand-off; and strained diplomatic relations, courtesy India’s extension of asylum to the Dalai Lama and the Tibetan Government in exile. It must remain ever-vigilant of Chinese intrusion on its sovereignty and adopt all necessary measures to maintain strategic autonomy.

In light of the above, the Indian Air Force’s advisory to its personnel a few years back not to use a particular Chinese smartphone due to user data transfers to Chinese servers posing a security risk and more recently the warning issued by India’s Intelligence Bureau to Army personnel posted on India’s Line of Actual Control (LAC) with China to stop using as many as 41 Chinese apps due to data leak vulnerabilities, are steps in the right direction. And just this month, Whatsapp too has been identified as vulnerable to Chinese spyware by Indian intelligence agencies.

While it is most urgent that Indian security forces prevent spying on troop movements and strategic information through malware embedded in Chinese smartphones, the bigger questions on India’s overall data vulnerability require immediate redressal as well.

The Government’s ongoing efforts to enact a data protection framework are a welcome step which shall certainly limit the ability of foreign agents to exploit India’s data vulnerabilities. But the biggest challenge remains India’s failure to adequately develop an electronics manufacturing industry that can keep pace with the country’s ever-growing demand for electronic products. Given that ‘Digital India’ equals ‘Make in China’, the Government’s flagship ‘Make in India’ scheme needs a group rethink!

(The writer is Partner, Koan Advisory Group)

Courtesy: Pioneer:   09 April 2018