The department of telecommunications (DoT) has proposed that telecom companies undertake network audits to address security risks from spyware and malware, minister of state for communications Sanjay Dhotre said.
In a written reply submitted to the Rajya Sabha, the minister said telecom equipment and network could have backdoor and trapdoor vulnerabilities, adding operators are responsible for the security of their networks.
The proposal for the telecom sector audit assumes importance amid the ongoing India-China border standoff.
Tensions between the two nations escalated in June when 20 soldiers of the Indian Army were killed in a clash with Chinese forces along the Line of Actual Control (LAC) in Ladakh.
Since then, the government has taken several steps to limit trade with the neighbour, including a ban on more than 200 Chinese mobile apps.
The minister said the government has not banned the purchase of equipment from Chinese vendors, adding, however, that an amendment in the General Financial Rules, 2017, allows the department of expenditure to impose restrictions on public buying from any country on the grounds of national security.
“This apprehension (of security threat) is further confirmed by the fact that other countries like the US, UK and Australia have also taken parallel recourse against Chinese vendors, citing their close allegiance with the People’s Liberation Army of China,” said Sameer Jain, founder and managing partner, PSL Advocates & Solicitors.
The UK has imposed a blanket ban on Huawei’s 5G equipment from the end of 2020, and plans to phase out all gear supplied by the Chinese firm by 2027, Jain added.
Last December, department of telecommunications had directed all telecom operators—Bharat Sanchar Nigam Ltd (BSNL), Mahanagar Telephone Nigam Ltd (MTNL), Reliance Jio Infocomm Ltd, Bharti Airtel Ltd and Vodafone Idea Ltd to undertake security audit of their networks by an external agency.
Under the “Unified License, each licensee has to undertake an audit of their networks or get their networks audited from a security point of view once in a financial year from a network audit and certification agency,” Union minister Dhotre said on Thursday.