India faces a major cyber security challenge from imported Defence products which can come laden with snooping virus or malwares and should thus get involved with the production of weapon systems from their nascent stage, chief of Defence Research and Development Organisation Avinash Chander said on Friday.
Addressing the media at Defexpo 2014 here, Mr. Chander, who is also the Scientific Adviser to the Defence Minister, said cyber security can be enhanced by getting involved with the software of the projects from the time they are developed so that “cocoons” could be built around them.
“For real security, the answer lies being involved with it from the design stage," he said, adding that similar control cannot be possessed over a system that is procured from outside.
Responding to a question on India’s ability to check for malware or snooping devices in advanced systems like the C-17 and C-130J Super Hercules aircraft procured from the United States, Mr. Chander said “when an equipment is bought from outside, you have no control.”
Stressing the need to protect the country’s military equipment from hacking, he said there was a need to ensure that hackers are not able to target the “critical or core systems”.
Noting that a major reason for the threat posed by malwares or snooping virus was that it was difficult to assess them in an “integrated system”, Mr. Chander said the problem was compounded by the fact that most foreign countries do not provide the source code for the equipment sold by them.
The DRDO chief said the problem behind unsecured procurements also had its genesis in the fact that many agencies took their own decisions concerning foreign purchases of equipment. He called for having guidelines to protect systems against subversion. "Cyber security is our biggest security challenge and requires a new paradigm in purchase processes. When we buy, we must buy with security in mind," he said.
The Scientific Adviser to the Defence Minister said DRDO has also undertaken in a big way the development of cyber technology tools. It has also taken to installation of controlled networks and securing the local are networks.
Besides, it was working on its own security mobile systems, development of Avdhani processors, and developing its own routers, operating systems and analysis systems.”