India sets up panel to access Google, Skype data

by CXOtoday staff    Aug 03, 2011

India has set up a group to study interception of encrypted mails of providers such as Google, Blackberry, Nokia and Skype and find a way to read them due to increased concerns that terrorists may use these services to communicate with each other without being noticed.

The formation of the committee was needed after telecom service providers opined that they will provide the interception facility for encrypted services but decryption of the intercepted communications / services is not their responsibility. This was informed today by the Minister of State for Communication and Information Technology, Sachin Pilot, in a written reply to the Lok Sabha.

Security agencies desire that the intercepted communication be in a readable format as they fear that terrorists will use services like Gmail, Blackberry email, Nokia messaging, Skype etc. since they are heavily encrypted and security agencies cannot monitor them.

This comes at a time when in the last month, Government had asked Google, Facebook, Skype and other Internet and mobile-based communication services to open up their servers for scrutiny by the country’s security agencies.

Pilot said that Indian Computer Emergency Response Team (CERT-In) and other agencies regularly review India’s preparedness to fight/ward off various cyber security threats including security on a regular basis.

The committee has analyzed all the above issues to work out a focused and practical proposal which balance the requirements of security agencies and secure communication needs of trade, commerce and industry

Pilot also informed that a total of 117 Government websites were defaced during the period of January - June, 2011. All the affected organizations and departments were requested to provide web server logs of hacked websites for analysis and to identify nature and type of attack and vulnerabilities exploited by the hacker.

Based on the analysis, organizations were advised to take specific steps to strengthen the security of websites. Some of these initiatives include an audit of all new government websites and applications, upgrading the security infrastructure and issuing alerts on the latest cyber threats and counter measures.