India faces a major cyber security challenge from imported defence products which can come laden with snooping virus or malwares and should thus get involved with the production of weapon systems from their nascent stage, chief of Defence Research and Development Organisation (DRDO) Avinash Chander said on Friday.
Addressing the media at Defexpo 2014 here, Mr. Chander, who is also the Scientific Adviser to the Defence Minister, said cyber security could be enhanced by getting involved with the software of the projects from the time they were developed so that “cocoons” could be built around them.
“For real security, the answer lies being involved with it from the design stage,” he said, adding that similar control could not be possessed over a system that is procured from outside.
Responding to a question on India’s ability to check for malware in advanced systems like the C-17 and C-130J Super Hercules aircraft procured from the United States, Mr. Chander said, “When an equipment is bought from outside, you have no control.”
Stressing the need to protect the country’s military equipment from hacking, he said there was a need to ensure that hackers were unable to target the “critical or core systems”.
Noting that a major reason for the threat posed by malwares was that it was difficult to assess them in an “integrated system”, Mr. Chander said the problem was compounded by the fact that most foreign countries do not provide the source code for the equipment sold by them.
He said the problem behind unsecured procurements also had its genesis in the fact that many agencies took their own decisions concerning foreign purchases of equipment. He called for having guidelines to protect systems against subversion.
“Cyber security is our biggest security challenge and requires a new paradigm in purchase processes. When we buy, we must buy with security in mind,” he said.