Why I would not back up a cyber command seems a presumptuous title, as after all I am a mere citizen and retired soldier. Another retired officer from my alma mater NDA recently told me over beer, that we were child labour and our DNA cannot change having been in uniform from the teens. But then, we write in the hope that the powers that be will take note of our suggestions as we are all participants in the national effort.
The article down below is a predictable response to the recent breaches of smart phones by certain interests not only interested in kingdom building but also interested in milking the Indian cow further. Let me elaborate, while serving in the Army we have been at the receiving end of our public sector white elephants, wherein we were forced to scavenge for grenades and radio sets from killed terrorists in Kashmir while serving in CI operations. As our hand grenades of WW 2 vintage would more often be duds in close quarter combat and could prove fatal and the radio sets which were in vogue at that time were 1 kg bricks which were too heavy and cumbersome and could be heard from a mile away at night compared to the sleek Japanese ones which were carried by the terrorists.
Now that I have hung my boots and come out into civvy streets, I have had the opportunity to see things from the other side of the fence and realise the services are equally guilty for this sorry state of affairs. Cumbersome and prolonged procurement procedures and officers having no knowledge drafting GSQR’s is only part of the story. The other side is how the organisation presents a face to the world at large. Woe betide the citizen who approaches the gates without someone high enough and powerful enough to spare him the agonies of the procedures to get in even with prior appointment. Even as retired officers carrying identification the treatment is the same ! Lack of respect for the time of others is universal in the Indian system. Honourable exceptions to the above are always there.
The above mentioned aspects, in combination with systemic lethargy ensure that only the low-end trader is interested in engaging with the establishment. No self-respecting entrepreneur with a vision and innovation capability will interact with our establishment under these circumstances. Thus the de facto system is that all global majors interact with the procurement agencies via a system of channel partners and end reseller. For e.g.: Big Brand Multinational, sells to one of the major channel partners who in turn has an end reseller who interacts with the procurement agency. The end reseller over time develops a cosy relationship and we carry on. Although the MNC will send his technical expert for presentations etc the actual sale is via the small time reseller. Impossible terms like 7 years support for hardware ! are asked for. These ensure that shoot and scoot companies that are routinely blacklisted and sprout again with another name is what the system promotes.
Unless these issues are addressed, sanctioning of a cyber command will never secure national interests and concerns. The only fallout is going to be a nice exercise in kingdom building with MNC’s caught back-dooring their products laughing all the way to the bank, all at the expense of the national exchequer. What is needed is specialisation in procurement procedures with familiarisation in the ICT trade cycles. A modern responsive and entrepreneur friendly interface which encourages interaction and partnership. A system which advertises itself as where the industry can interact with respect, professionalism and earn profits !
At present the system is opaque, unfriendly and unprofessional. There is a reason why Unit 8200 a little known Israeli army unit at the heart of InfoWar efforts of Israel spawns more startups per capita than Stanford. Unless we change the organisational culture prevalent in the Armed forces, the Cyber Command will do little for national security.
New Indian Cyber Command Urged Following Recent Attacks
NEW DELHI — Amid media reports of a suspected cyberattack by a Pakistan-based group targeting the Indian government, some officials and analysts here are calling for progress on a proposed tri-service command on cybersecurity that is still pending approval by the Ministry of Defense.
The command would be led by the Indian army, air force and navy.
“India does not have adequate institutional and human resource capability to counter cyberattacks similar to the one by the Pakistan-based group,” defense analyst Surya Kiran Sharma said.
Evidence of “an advanced persistent threat (APT) against Indian diplomatic and military resources” was first reported on March 7 by US-based cybersecurity solutions company Proofpoint.
Indian MoD officials would neither confirm nor deny whether their officials were targeted from Pakistan.
“The matter has come before MoD and is now being examined,” spokesman Nitin Wakankar said.
Following Proofpoint’s March 7 report, another security firm, FireEye, reported that on May 18 a Pakistani group registered a fake news website and sent spear-phishing emails to Indian government officials.
The emails referenced the Indian government’s 7th Central Pay Commission, a topic of interest among officials.
A senior Indian Navy official, who spoke on condition of anonymity, noted that a proposal to set up a dedicated tri-service command for cybersecurity has been forwarded to the MoD after top officials with the Indian air force, army and navy approved the idea. But the plan has yet to be approved.
“A draft proposal for setting up a separate tri-command on cyberwarfare was prepared in consultations with the chiefs of the Indian air force, Indian army [and] Indian navy after Chinese hackers broke into the computer systems of the headquarters of the Eastern [Naval] Command in Visakhapatnam in 2012 where the homemade Arihant nuclear submarine was undergoing sea trials,” the Navy official said.
In 2013, computer systems of the Defence Research and Development Organization were breached by Chinese hackers.
According to Sharma, India is ill-prepared for a cyberwar.
“India released its National Cyber Policy in 2013, which had the ambitious aim of creating 500,000 cyber warriors,” the defense analyst said. “However, no significant work has been done on the provisions of the cyber policy. India is inadequately prepared to counter cyberwarfare, as is evident from the numerous attacks on national websites.”