The equities of telco cyber exploitation: 5G and the Huawei ban – Observer Research Foundation

My article for the Observer Research Foundation: https://www.orfonline.org/expert-speak/the-equities-of-telco-cyber-exploitation-5g-and-the-huawei-ban/

The Indian government has commenced the trials of 5G technology, but the Chinese company Huawei is notably absent from the list of approved vendors. The Indian strategic community is almost unanimously supportive of the decision, concerned about the emerging Chinese hegemony around 5G standards and architecture. Although think tanks and experts have delved into some of the technical intricacies of 5G, the commentary remains largely polemical and rooted in the complicated verbiage of Sino-Indian geopolitics.

It would be worthy to briefly deconstruct the nature of the threat posed by the telco networks, why they are deemed so critical when it comes to Indian national security imperatives, and the kind of exploits and vulnerabilities which cyber adversaries have used to subvert them. It may paint a slightly different picture and offer a more nuanced take on China’s forays into 5G.

Continue reading “The equities of telco cyber exploitation: 5G and the Huawei ban – Observer Research Foundation”

The SolarWinds hack pokes holes in Defend Forward – Observer Research Foundation

My article for the Observer Research Foundation: https://www.orfonline.org/expert-speak/the-solarwinds-hack-pokes-holes-in-defend-forward/

In December 2020, the cybersecurity company FireEye discovered a cyber espionage campaign, compromising dozens of government and private organisations in the US.

Orchestrated by subverting the supply-chain of the popular IT administration software-maker SolarWinds, the operation showcased remarkable ingenuity and precise tradecraft at every step of the “kill chain” to skirt around the phenomenal counterintelligence capabilities of the US. They had no plans to outmatch the strategic cyber offensive might of the US, so the spies tactically blended-in with the environment, exploited “transitive trust” of the computers, and used deception to look like routine processes.

Yet, beyond all the technical details, it was the palpable strategic calculus which strikes at the heart of US cyber policy. The SolarWinds hack could potentially upset many of the US’ cyber statecraft initiatives—bolstering national cyber defence in the aftermath of the 2016 electoral interference—which took years to mature.

Continue reading “The SolarWinds hack pokes holes in Defend Forward – Observer Research Foundation”

My opinion of the think tank ORF’s cyber policy work

So, a journalist emailed me asking for my opinion of the Observer Research Foundation’s (ORF) cyber policy work. It’s a Reliance-funded organisation and thought to be India’s most prominent think tank. It also hosts the annual Raisina Dialogue on foreign policy with the Indian government, and the CyFy conference on technology and cyber issues. My reply is pasted below:

Continue reading “My opinion of the think tank ORF’s cyber policy work”