NTISB Warns Govt Departments to not Use Indian/Israeli IT Products – Why?

With the advancement in technology, the issues related to cyber security have also reached new heights. Governments around the world have been taking steps to boost their cyber security and stay aware of the malicious threats growing each day. In this regard, the National Telecommunication and Information Technology Security Board (NTISB) has warned government departments against using Indian/Israeli IT-related Products and Services.

In its latest advisory, NTISB mentioned that a few government organizations which include Critical Information Infrastructure (CII) are currently utilizing Indian/Israeli-origin IT products and services. They are using the products likely on the basis of being a low-cost option in contrast with other market options.

However, the probability of the existence of backdoors or hidden malware in these IT solutions cannot be overlooked. The board said that in the recent past, a number of incidents of similar nature in the public sector indicated the involvement of Indian-based threat actors. It hasn’t only led to the discontinuity of IT services but also became a basis of reputational damage for the organizations.

Furthermore, in its advisory, NTISB urged all Federal departments to properly protect businesses and critical data. It advises against procuring IT hardware solutions from countries banned by the Commerce Division (as per SRO 927(1)/2019).

Additionally, some other IT security solutions that should not be procured from these countries include:

Intrusion Detection System/ Intrusion Prevention Systems, Security Information and Event Management, Extended Detection and Response, Mobile Device Management, and DDOS Mitigation Solutions.

Furthermore, NTISB also encouraged organizations to discontinue the use of online software solutions from the listed countries and shift to alternate options. Offline solutions can be used with associated risks, such as not applying updates/patches or connecting to the internet.