India’s cyberspace odyssey
A barrage of cyberattacks by China against India has thrown open the debate for New Delhi to strengthen its defences and prepare for conflict in a new battlefield – cyberspace.
Despite its solid and well-recorded reputation as a leader in the field of information technology (IT), it is surprising and alarming in equal measure that Indian authorities have thus far paid little or no attention to the sphere of utilising cyber technology towards protecting the country’s diverse portals ranging from finance, defence, healthcare, technology among other areas from external actors who pose a threat to India’s foundations.
Over the next couple of years, confrontation between nations will graduate from the field of battle to jousting for superiority in cyber space. The potency of cyber as a weapon can no longer be underestimated by the Indian government as its confrontation with China seems to suggest.
China’s cyber warfare
As a case in point, last week, Chinese cyber attackers launched at least 40,000 suspected phishing attacks on Indian sites which related to information, infrastructure and banking over the course of four days. The coincidence is not lost – Chinese actors are definitely involved, along with states like Pakistan and North Korea, who are aligned with Beijing, or beholden to it.
It is a classic case of Chinese petulance on display as Xi Jinping continues to throw his toys out of the pram, as he faces global rebuke. The government of Australia also reported having been struck by cyber attacks forcing prime minister Scott Morrison to act proactively and allocate $930 million towards recruiting at least 500 cyber spies and bolster the continent’s abilities to take the fight to its attackers. Australia’s investment to prop up its cyber defences over the next decade is one of the largest investments made towards strengthening cyber weapons and defences.
The trail according to Morrison leads back to Beijing. The frequency, scale and sophistication of the cyberattacks synchronised perfectly with Australia’s rapid deterioration in ties with China.
The same script is concurrently playing itself out between India and China. “The epicentre of these attacks was in Chengdu, China,” according to Y. Yadav, IG Maharashtra Cyber Department. A June 18th report also claimed that China had indeed activated the cyber option by resorting to DDOS (distributed denial of service) attacks on Indian information websites and India’s financial payments system.
Countering the dragon
The government of India needs to be agile in order to meet this new threat posed by China. While the Indian authorities have banned at least 59 Chinese apps, it must make an effort towards negotiating past red tape and lethargy in relevant areas to set up an adequate response. Prime Minister Narendra Modi has reiterated that India would provide appropriate responses to Chinese provocation and aggression.
India’s Defence Cyber Agency (DCA) was finally activated last year with rear Admiral Mohit Gupta appointed as its head. The DCA had a two-fold purpose – to fight virtual wars in the cyber dimension and second, to formulate a cyber warfare doctrine. The goal has been to contribute towards a cybersecurity strategy policy which integrates cyber warfare with conventional military operations.
Ensuring that cyber systems are spread across the country’s three defence verticals – army, navy and airforce – is not an easy task given that each portal has their own philosophy and best practices often at the cost of resorting to economy of information sharing between each other. But the time has come for the three services to share operational intelligence and resources because this, in turn, will help to formulate a robust and holistic cyber defence infrastructure for the benefit of the country.
China is not just launching cyberattacks for the sake of achieving military goals alone. Hactivists guided by Beijing are snooping for intelligence across the web related to products and raw material procurement to fight the Covid-19 pandemic, learn about India’s FDI rules that curb inflows of products from neighbouring countries including China, or acquire information about changes in India’s manufacturing, import and other policies that can impact Chinese business interests.
A digital game of checkers
The blueprint for this clandestine operation was devised simultaneously with Prime Minister Modi’s announcement of the Atmanirbhar Bharat Abhiyan with China attempting to pilfer intel on Indian policies and plans drafted towards realizing the tenets of the self-reliant movement. According to a government spokesman the raison de etre behind China’s interest is simple economics, “If they know what India needs or wants to procure, Chinese entities and companies can align their supplies accordingly.”
Under Xi Jinping’s direction, Chinese actors had stepped up cyberattacks on a huge scale globally, after Covid-19 originated in China, targeting the manufacturing, media, healthcare and non-profit sector as part of a broad-based cyber espionage operation.
The government of India will need to be constantly vigilant against a rampaging Chinese state which is currently hell-bent on unleashing mayhem across the globe. Beijing is aware that under current global conditions its main threat is not the US but India. The need for New Delhi, therefore, to keep investing in cybersecurity, for defensive and offensive purposes, will be an ongoing process.
Maharashtra cyber department on Tuesday issued a warning about The advisory comes close on the heels of a similar warning issued by India’s official cybersecurity agency in the backdrop of recent India-China border clashes that have led to worsening of relations between the two countries.
“In last 4-5 days, resources on cyberspace of India especially related to information, infrastructure & banking have been under attack from China. At least 40,300 such cyber attacks were attempted.
The hacker’s hive
The attacks attempted to flood a network with artificially created internet traffic and targeted a variety of sites including government websites and the banking system including ATMs.
The report claimed most of these attacks were traced back to the central Chinese city of Chengdu—a city known as the hub of hackers and also the headquarters of the Chinese Army’s Unit 61398, which is PLA’s covert cyber warfare section.
These attacks were reported on Tuesday last and continued through Wednesday, however, they were unsuccessful.
It is said that several hackers in Chengdu work under the patronage of government agencies to camouflage their operation for official deniability.
Indian agencies had warned that Chinese cyber attackers could also carry out a massive phishing attack in the guise of a free Covid-19 test.
Australia, too, recently suspected a Chinese hand in a massive cyber attack on several of its strategic sites targeting administration, industries, essential services, critical infrastructure and political organisations among others.
Australian Prime Minister Scott Morrison had hinted at China’s role by describing the attacks as “malicious and sophisticated” and carried out by “state-based cyber actor.” He further added that “there are not a large number of state-based actors that can engage in this type of activity”.
Australian experts explicitly named China for the attacks. Australia has been vociferously supporting the demand for an international investigation into the origins of the Covid-19 pandemic and has also backed India’s calls for reforms of the World Health Organization in the aftermath of its initial handling of the crisis.
China had retaliated with tariffs on Australian exports, including barley and beef.
The recent warning is the latest in a series of such alerts issued including the one released last Friday which cited the threat of a cyber attack by North Korea-based cyber criminals.
As preventive measures, all the central security forces have been asked to direct their employees against opening or clicking on attachments in an unsolicited e-mail, SMS or messages through social media.