Let's Build a Responsible Cyber Society




The Threat of the Manchurian Micro Chip

Though the GOI has undertaken a good step in initiating action on the setting up of a telecom security certification agency and has reportedly asked Dr Balakrishnan, Director IISC to suggest a framework, given the past record of some of the politicians in India and the enormous commercial implications, it is not clear if the move to appoint the security certification agency is only to delay the implementation of the ban on import of Chinese equipments which is now in force.

It is possible that soon we may see an announcement that since as suitable security certification agency would take up the responsibility for clearance of security in due course, the order for banning may be kept in suspension.

Such a move if any need to be resisted.

In this connection, it is necessary to take a cue from the Australian Security Intelligence Agency and the actions taken by them.


Naavi.org has been frequently speaking about the security risk in allowing Chinese IT equipments into India. Now a detailed an informative article in Pioneer India highlights how the politicians and bureacrats have in the past ignored the security threats.

It is to be noted that the article indicates that Rs 20000/- crores of hard earned Indian money has been invested in the cheap Chinese mobiles which have now been blocked (hopefully) by the MSPs. In India there was a service running to provide official IMEI numbers for existing mobiles at a cost of around Rs 100. It is  not clear if this service is a backdoor move to lift blocking of the handsets. It is however not clear if this blocking has been overcome by people using duplicate IMEIs of genuine mobiles. While this may activate the otherwise blocked hand set, some time in future, this would surface as another security risk when innocent persons would find that their IMEI numbers are being used by several others also.

I would like the Government of India, DOT department to conduct a search of IMEI numbers and their association with SIM numbers across the country and identify if there are duplicate SIMs identified with same IMEI numbers. Some of these may be genuine use where the handset owner substitutes the SIM temporarily. However in such cases the usage cannot be concurrent except in dual SIM mobiles. DOT should release the findings of such as study to public so that we can understand if the order for Blocking of Chinese no-IMEI number phones have been implemented or not.

The pioneer report also indicates how DOT allowed use of Chinese telecom equipments outside border areas even after the risk of the "Manchurian  Micro Chip" was brought to their attention.

I would particularly draw the attention of the Indian public to some action  reported to have been taken up by the Australian Security Intelligence Organization (ASIO) who has officially ordered investigations into Chinese telecom equipments installed in the Australia. We in India need to do more than what ASIO has done because we are more vulnerable to Chinese aggression and our exposure to Manchurian Micro Chip is perhaps much more than Australia.

I therefore urge that not withstanding the appointment of Dr Balakrishnan to suggest a security certification framework, Government of India has to ensure that the present policy of "Ban on Import of Chinese Equipments" should not be suspended.

More appropriately, the Indian Government should undertake a security audit of all Chinese telecom equipments which are already in India and gradually phase them out.

Also the telecom companies should be warned that if they have installed any equipment with the consumers which has the capability of remotely operated to reduce the value of the service to the user, it becomes an offence under ITA 2008.



May 16, 2010

Related Article:

Articles on Manchurian Microchip

ANALYSIS - India security jitters rattle growing China ties .. Yahoofinance

China Bugs India.. Pioneer

Govt To Go for Telecom Security Regulator.. Indian Express

Internet Embargo Required on China ..Naavi.org

How Do We Respond to Chinese Cyber Aggression?..Naavi.org

Role of Corporate Sector in National Cyber Security..Naavi.org

Indian National Cyber Security challenges..Naavi.org

Comments are Welcome at naavi@vsnl.com