India Moves Toward Limiting What Telecom Tech Can Be Used
Cyberwarfare / Nation-State Attacks
,
Fraud Management & Cybercrime
,
Governance & Risk Management
As ‘Trusted Telecom Portal’ Launched, Chinese Vendors May Be Excluded From Market
In a key move toward ensuring telecom companies only use technologies from trustworthy sources, the government of India has launched a Trusted Telecom Portal designed to evaluate and approve technologies and suppliers.
See Also: Live Webinar | The Role of Passwords in the Hybrid Workforce
The government has yet to designate any tech providers as “trusted” or “untrusted,” but some observers predict Chinese firms, such as Huawei and ZTE, will not be included on the list of approved vendors that can supply equipment to telecom companies, including for 5G network development.
On Monday, the Indian government launched the Trusted Telecom Portal as part of its National Security Directive on Telecommunication Sector.
The government could use the portal to support restricting the use of technologies from Chinese vendors, such as Huawei and ZTE, whose tech is currently in widespread use in India. Other nations, including the United States and the U.K., have taken action to restrict the use of tech from the Chinese firms, citing security concerns, such as potential spying.
‘Trusted Products’
In India, under new technology regulations, telecom service providers will only be able to use “trusted products” from “trusted sources.”
Prior to buying new technology for their networks, telecom service providers must log into the Trusted Telecom Portal and register the telecom products and the vendor from whom they intend to procure the products.
The National Security Council will then assess vendors and the sources of their components to determine if they are trustworthy and inform telecom service providers if they can proceed with the tech acquisition.
India Changes Tack on China
Despite pressure from the U.S. not to use Chinese telecom equipment because of security concerns, India had viewed China as the most cost-effective supplier, particularly for 5G (see: Will Huawei Play a Key Role in 5G Network Development?).
Now, India is taking action to address those tech security concerns, and some observers say the nation could restrict the use of Chinese telecom tech as a result of ongoing tensions between China and India.
Chinese vendors, including Huawei and ZTE, that have been accused of providing backdoor access in their systems for the Chinese government deny the accusation. Huawei now offers a “no backdoor” assurance.
The Indian government says that the National Security Directive on Telecommunication Sector, which mandates that telecom companies vet their suppliers via the portal, does not require mandatory replacement of any equipment already in place.
“The directive will also not affect ongoing annual maintenance contracts or updates to existing equipment already inducted in the network as of the date of effect of the directive. Hence, no disruption to the existing networks will be created due to this directive,” the government notes in a statement.
Decision-Making Process
India’s national cybersecurity coordinator will have final say on whether a vendor or its products are “trusted.” The coordinator will create the methodology for this decision-making process.
The decision by the coordinator will be “based on approval of a committee called the National Security Committee on Telecom headed by the Deputy NSA. The committee consists of members from relevant departments/ministries and has two members from industry and an independent expert,” the government statement notes (see: India Telecoms Can Only Use ‘Certified’ Equipment).
Huawei’s Latest Moves
Earlier this month, Huawei opened the largest of its six privacy and transparency-focused cybersecurity centers in Dongguan, China.
Huawei also launched a “product security baseline,” collaborating with independent third-party testing organizations and standards organizations, that includes a framework to prevent backdoor access to its products and ensure stronger encryption and applications security. This can be reviewed by Huawei customers and government agencies.
“This is the first time we’ve shared our security baseline framework with the entire industry, not just core suppliers,” says Sean Yang, director of Huawei’s Global Cyber Security and Privacy Protection Office.
Huawei Scrutinized
Huawei continues to face intense scrutiny in the U.S and European countries over security concerns about the use of its technologies (see: Will UK Rip and Replace Huawei Sooner Rather Than Later?).
In 2019, the U.S. Federal Trade Commission designated Huawei and ZTE as threats to U.S. national security because their tech could potentially be used to spy on communications on behalf of the Chinese government.
As a result, smaller and rural U.S. telecom companies and wireless carriers can no longer tap into the FCC’s $8.3 billion Universal Service Fund to buy equipment from Huawei and ZTE. The commission is requiring certain telecom companies to remove and replace the Chinese equipment from their networks (see: FCC: Rip and Replace Huawei, ZTE Gear to Cost $1.8 Billion).
In 2019, the U.S. Commerce Department put both Huawei and ZTE on its “entity list,” which effectively blacklisted both companies from doing business in the U.S. The federal government has also restricted Huawei’s ability to gain access to U.S. chip technology (see: FCC Upholds Ruling That Huawei Poses National Security Threat).
In March, the Biden administration imposed further restrictions on companies selling equipment to Huawei. Last week, President Biden signed an executive order that imposed a ban on U.S. investment in 59 firms, including Huawei, with ties to China’s military or surveillance industry.