IT Powerhouse India ‘Very Weak’ In Cyber Warfare Capabilities; Highly Susceptible To Chinese Virus Attacks- Experts
India’s CDS on April 7 warned that China was capable of launching cyber-attacks against India and was even superior in cyber technology.
“We know China is capable of launching cyber-attacks on us. And that it (China) can disrupt a large number of our systems,” Chief of Defence Staff (CDS) General Bipin Rawat said at an event, adding that the country was developing systems for the cyber defense to deal with such attacks.
He mentioned that the focus was on ensuring that “the downtime and the effect of a cyber-attack” did not last long.
In October 2020, India’s financial hub Mumbai had experienced a power outage, which according to a US-based internet security company, Recorded Future, was “meant as a message from Beijing about what might happen if India pushed its border claims too vigorously,” The New York Times claimed in its report.
The company on February 28 this year had claimed that Chinese malware was inserted into the control systems that manage electric supply across India last year.
“Since early 2020, Recorded Future’s Insikt Group observed a large increase in suspected targeted intrusion activity against Indian organizations from Chinese state-sponsored groups,” Recorded Group concluded in its findings.
The report claimed that 10 distinct Indian power sector organizations, including 4 of the 5 Regional Load Centres (RLDC) responsible for the operation of the power grid through balancing electricity supply and demand, have been identified as targets in a concerted campaign against India’s critical infrastructure.
Cyberattacks are emerging as the modern means of covert targeting of critical installations, which can be undertaken clandestinely and with immense impact on the adversary.
International Cyber Attacks
In the most recent instances of such an attack, Israel ‘did not deny’ that it was behind a cyberattack on Iran’s nuclear facility which the Islamic Republic’s nuclear energy chief characterized as an act of terrorism that required a response against its perpetrators.
Iran’s nuclear chief, Ali Akbar Salehi, urged International Atomic Energy Agency (IAEA) to take action against the perpetrators of the attack. He confirmed that a “terrorist attack” had damaged the electricity grid of the Natanz site.
This was not the first time the Iranian nuclear facility was targeted and prevented from starting operations. In 2010, a joint CIA and the Mossad cyberattack, involving a computer virus called Stuxnet, caused immense disruption and delayed the country’s nuclear program for several years.
India Needs To Beef-Up
The Indian security experts contend that India needs to boost its cyber capabilities and build a credible cyber army, which can protect the Indian sovereign interests. China considers its cybersecurity as its national security, and India needs to take this new and evolving domain of war more seriously.
Most Comprehensive Cyber Powers – NCPI 2020
- United States
- United Kingdom
- New Zealand
- Republic of Korea
- Saudi Arabia
It’s also important that India should discontinue allowing Chinese investments in the power and telecom sector, say the cyber experts. Our dependence on Chinese equipment used in the power and telecom sector is highly worrying, they add.
Pravin Sawhney, the India-based strategic affairs analyst, explains in his videowhy the establishment of a cyber command is critical for India.
Reacting to the Chief of Defence Staff Gen. Bipin Rawat’s who recently said the Chinese had acquired offensive cyberattack capabilities, Sawhney said such capability had existed as early as 2003 with the country.
He countered Gen. Rawat on another claim about the capability gap in the cyber domain being the biggest between the two countries, saying there were many other domains in which India lagged behind its neighbor.
“PLA (People’s Liberation Army) would have shared certain offensive counter-attack capabilities in cyber warfare with the Pakistan military, given that the two countries share a common mission,” he says.
“It was 2003 when the PLA publicly said that they were looking at six capabilities in cyber because the Chinese were very conscious of the fact that defensive capabilities in cyber are meaningless. You only need attack (offensive) capabilities,” he says.
The capabilities included the plantation of information mines, carry out information reconnaissance, change network data, release information and logic bombs, dump information garbage, disseminate propaganda, apply information deception, release clone information, organize information defense, and establish spy stations.
With their collaborative cyberattack in 2010, the USA and Israel used the Stuxnet virus against the Iranian nuclear plant to destroy its centrifuges. The entire Iranian nuclear program was bought back by a couple of years as a result.
“Stuxnet was the first cyber weapon the world had seen. It had the capability to go beyond cyberspace into the physical world and damage a nuclear facility, rendering it useless.”
Sawhney observes that the lesson from the Stuxnet incident was that if every major power had developed such humongous cyber offensive capabilities, they needed to be dovetailed into a cyberwar campaign. And that is what the major powers have been doing.
“During the Mumbai cyberattack, the Chinese were doing what’s called a ‘battle damage assessment.’ They were getting to understand how difficult certain strategic targets are and what sort of payloads and capabilities we will need against them. This is one thing that the battle damage assessment does.
He says the battle damage assessment also helped China assess the detection capabilities of India. “Now here, in certain areas, we have computer emergency teams which have done reasonably well. So, our detection capabilities are not so bad.”
He says the Defence Cyber Agency set up by the Indian government is merely doing a cyber defensive task.
“I am told the NTRO (National Technical Research Organisation) and RAW (Research and Analysis Wing) have a few offensive capabilities, but they are so insignificant that they are not even worth mentioning,” Sawhney adds.
“A cyber command is required today because there’s nothing called defensive capabilities. You need offensive capabilities. It is about ‘attack’ in cyber. And if you need offensive capabilities, only a cyber command can do that,” he says.
He believes India can build its own cyber army since it has a lot of talented people who can write complex algorithms.
“They have to be provided the wherewithal. Not only that, create offensive capabilities. It will go a step further in teaching how to manage the cyberspace, how to do the maneuver and attrition together in that cyberspace.”
Congress Demands Cyber Command
Indian Congress leader Rahul Gandhi had given the call for the establishment of a cyber command earlier, when he said, “It is about time India seriously considers a dedicated cyber command. It should be done ASAP.”
He explains how civil and military installations are vulnerable in various ways. “It comes in terms of hardware (computers, electronics, etc.) because we have picked up all these things from all over. We never really encouraged or did the handholding of our SMEs, the people who have the talent in this country.
The country’s hardware isn’t tested. We don’t know if it has spyware, we don’t know if it has backdoors, because we simply don’t have a national cybersecurity policy. The first one was written in 2013 which was very generic in nature and we were promised that in 2020 a second one will come. It has not come.”
He says it’s all the ministries – whether it is defense, power, electronics, information or home – that have their own small cyber things.
“So, nobody knows who’s testing what because there are no standards set. There are no labs which have been identifying whether the procedures are there for hardware at all,” he adds.
Talking about the supply chains which have become a cause of concern around the world, Sawhney says they represent the biggest vulnerability. It can come from anywhere, and Chinese as we know, are there in all the important supply chains of the world today, he adds.
We have a vulnerability in the software. And now, we have a vulnerability in the infoware, which is your data. We simply do not have a consolidated data policy in the country. So data is scattered all over, it cannot be analyzed. What do you do with the data if you can’t do data analytics? These are all vulnerabilities.
The proliferation of digitization has in the operations of the armed forces has also made them vulnerable. “In the air force, the vulnerabilities are there because of electronics and the infiltration of cyber in the physical space (mouses, keyboards, routers).
As far as aircraft are concerned, their cockpit controls, flight controls, the ATCs at the airport, the components of most of which have come from China,” Sawhney observes.
“Our telecommunication, power – all the strategic areas have Chinese components and we don’t know. In fact, we don’t know about any country. Chinese also bid at lower prices and easily get the contracts.”
“India needs the cyber command now, with a focus on offensive capability,” Sawhney maintains. He says the country needs a cybersecurity policy, which can take care of the hardware, software, infoware, and vulnerabilities in these areas.
The dangers of using China-based supply chains were demonstrated when PLA was found to have planted chips on the Supermicro motherboards to infiltrate and spy on more than 30 top US-based corporations and the Department of Defence, which a Bloomberg report unveiled.
The revelation had sent shockwaves through the US intelligence agencies. It also raised concerns about the reliability of the China-produced electronics equipment, forcing multiple nations to ramp up their cyber monitoring and security.