Warfare in Cyberspace, Challenges and Mitigation Strategies

Context: Chief of Defence Staff General Anil Chauhan released India’s first joint doctrine for cyberspace operations during a meeting of the Chiefs of Staff Committee.

About Cyberspace Warfare

• Cyberspace warfare: It involves cyber-attacks by state or non-state actors that pose a serious threat to national security or are conducted in response to perceived threats against national security.
• Cyber-attacks can:
  • Disable official websites and networks.
  • Disrupt or disable essential services.
  • Steal or alter classified data.
  • Cripple financial systems.
• The cyber warfare ecosystem includes:
  • Cyber terrorism.
  • Cyber fraud.
  • Cyber spying.
  • Cyber stalking.

Challenges Associated with Cyber Warfare

• Critical Infrastructure Vulnerability: India’s critical infrastructure, such as power grids, transportation systems, and communication networks, is highly susceptible to cyber attacks. Disruptions can endanger public safety and national security.
  • Example: The attempted cyber attack on the Kudankulam Nuclear Power Plant in October 2019 highlighted the potential threats to critical infrastructure​.
• Hypothetical Government Projects: Many government projects remain theoretical. The National Critical Information Infrastructure Protection Centre (NCIPC) and the National Cyber Coordination Centre (NCCC) have not been fully implemented despite being authorised.
  • The 2013 National Cyber Security Policy has not been effectively executed, leading to privacy infringements and human rights violations​
• Data Breaches and Privacy Concerns: India has experienced several high-profile data breaches affecting both personal and governmental data. These breaches undermine trust and pose significant risks to privacy and security.
  • Example: In 2023, a major breach exposed the personal information of over 800 million Indian citizens, including Aadhaar and passport details, which were put up for sale on the dark web​
    • Another incident involved a ransomware attack on the All India Institute of Medical Sciences (AIIMS) in 2023, disrupting hospital services and compromising sensitive patient data​ ​.
• Financial Sector Threats: Cyber attacks on financial institutions can cause severe economic damage, leading to financial losses and undermining trust in the financial system.
  • Example: In March 2020, a malware attack on the City Union Bank’s SWIFT system resulted in unauthorised transactions worth USD 2 million​ ​.
• Geopolitical Tensions: Geopolitical tensions, especially with neighbouring countries like Pakistan and China, exacerbate cybersecurity risks.
  • These countries have been involved in cyber espionage and attacks against Indian targets, further complicating India’s cybersecurity landscape
• Ransomware Attacks: Ransomware attacks have become increasingly common, targeting various sectors and causing significant operational disruptions and financial losses.
  • Example: The ransomware attack on the AIIMS disrupted digital hospital services, demonstrating the impact such attacks can have on critical services​ ​.
• Emerging Threats from AI and IoT: The rapid adoption of artificial intelligence (AI) and Internet of Things (IoT) technologies has introduced new vulnerabilities. Cybercriminals use AI to craft sophisticated phishing attacks and exploit IoT devices.
  • • Example: AI-generated deepfake media is being used for identity theft and phishing scams, posing a growing risk to cybersecurity​.
• Lack of Skilled Cybersecurity Professionals: Despite the growing cyber threat landscape, India faces a shortage of skilled cybersecurity professionals, which hampers the ability to effectively address and mitigate cyber threats.
  • Example: Only 24% of firms in India have the necessary resources to effectively manage cybersecurity issues, while over 30% are still in the initial stages of preparedness.

Initiatives Regarding Cyber Security in India

• National Cyber Security Policy, 2013: Aims to create a secure and resilient cyberspace for citizens, businesses, and the government.
  • Outlines objectives and strategies to protect cyberspace information and infrastructure.
  • Focuses on building capabilities to prevent and respond to cyber-attacks and minimise damages through coordinated efforts involving institutional structures, people, processes, and technology.
• Cyber Surakshit Bharat Initiative: Launched to raise awareness about cyber crimes.
  • Aims to create safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.
• Indian Cyber Crime Coordination Centre (I4C): Provides a comprehensive framework for law enforcement agencies to deal with cyber crimes.
  • Consists of seven components:
    • National Cyber Crime Threat Analytics Unit
    • National Cyber Crime Reporting Portal
    • National Cyber Crime Training Centre
    • Cyber Crime Ecosystem Management Unit
    • National Cyber Crime Research and Innovation Centre
    • National Cyber Crime Forensic Laboratory Ecosystem
    • Platform for Joint Cyber Crime Investigation Team
• Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre): Launched in 2017 to ensure a secure cyberspace by detecting botnet infections in India.
  • Notifies and assists in cleaning and securing systems of end users to prevent further infections.
• Computer Emergency Response Team – India (CERT-In): An organisation under the Ministry of Electronics and Information Technology (MeitY).
  • Collects, analyses, and disseminates information on cyber incidents.
  • Issues alerts on cybersecurity incidents.
• Critical Information Infrastructure (CII): Defined as a computer resource whose destruction would have a debilitating impact on national security, economy, public health, or safety.
  • The National Critical Information Infrastructure Protection Centre (NCIIPC) was established to protect CII in various sectors such as power, banking, telecom, transport, government, and strategic enterprises.
• Defence Cyber Agency (DCyA): A tri-service command of the Indian Armed Forces.
  • Handles cyber security threats with capabilities to conduct cyber operations, including hacking, surveillance, data recovery, encryption, and countermeasures against various cyber threat actors.

Mitigation Strategies

India needs to adopt comprehensive strategies to enhance its cybersecurity posture:

• Strengthening Infrastructure: Enhancing the security of critical infrastructure through robust cybersecurity measures and regular audits.
• Public-Private Partnerships: Collaborating with private sectors to bridge the gap in cybersecurity expertise and resources.
• Educational Initiatives: Investing in cybersecurity education and training to develop skilled professionals.
• International Collaboration: Engaging in international partnerships to share knowledge and resources, as seen in collaborations with the US, Japan, and Taiwan​.
• Policy and Regulation: Updating and enforcing cybersecurity policies and frameworks to keep pace with technological advancements.

Sharing is caring!