U.S., India to Cooperate on Tech Security

Oct. 14, 2004
Because of web, tech security must be a global action with a unified front against hackers, viruses

India and the United States agreed Wednesday to develop new ways of securing data and to expand cooperation to protect networks from destructive viruses and computer hackers. The two countries reached the agreement at the end of a two-day conference Wednesday of the main information technology industry organizations of India and the United States.

"The United States is willing to begin cooperation with appropriate government entities, including in India," said Michele Markoff, the senior coordinator for international critical infrastructure protection in the U.S. State Department.

"Protection of networks and information structures is as essential to the safety of our citizens and economy as our buildings ... and airports," Markoff told the closing session of the conference.

Markoff said that only a few months ago, the United States set up a 24-hour, seven-day-a-week monitoring system to watch for hacking or destructive computer and software viruses.

But she said monitoring is more effective if done across the globe, with every nation setting up a system to protect its own data and networks and quickly sharing information on attacks. Markoff said most nations already have someone in government or the military on 24-hour alert who could also watch for a cyber attack.

Just how it would work will be discussed in November when the Information Technology Association of America hosts its Indian counterpart, the National Association of Software and Service Companies, or NASSCOM, the two groups that met in New Delhi this week.

While governments are concerned about protecting networks against attacks by terrorist hackers, industry leaders also want to tackle data theft by employees or commercial hackers, computer viruses and unwanted e-mail -- or "spam" -- that hurts productivity.

"We all talk about (the potential threat of) al-Qaeda, but nine out of 10 problems are employees, ex-employees, ex-partners, ex-partners of employees, buddies they gave a password to," said Jerry Rao, the NASSCOM chairman and founder of India's Infosys software giant.

He said NASSCOM will have "the kernel" of a voluntary employee registry in place by March -- to be handled by an outside agency -- that would confirm the background and identity of employees in India's information technology industry, while safeguarding their privacy.