Context: Highlighting the extent of the cyber threat that India and the world face and the need for affirmative counter-measures.
Institutional system for cyber security in India
PMO/Cabinet Secretary:
National Security Council (NSC)
National Technical Research Organisation (NTRO)
National Critical Info Infrastructure Protection Centre (NCIIPC)
National Crisis Management Committee (NCMC)
Research & Analysis Wing (RAW)
National Information Board (NIB)
Ministry of Home Affairs
National Cyber Coordination Centre (NCCC)
Directorate of Forensic Science (DFS)
National Disaster Mgt Authority (NDMA)
Central Forensic Science Lab (CFSLs)
Intelligence Bureau (IB)
Ministry of Defence
Tri Service Cyber Command
Def Info Assurance & Research Agency (DIARA)
Defence Intelligence Agency (DIA)
Defence Research Dev Authority (DRDO)
Ministry of Electronics and Information Technology
Indian Computer Emergency Response Team (CERT-In)
Centre for Development of Advanced Computing (C-DAC)
Extent of cybersecurity threat:
State-sponsored cyber offensive: Recorded Future, a U.S.-based cybersecurity firm, found an increase in malware attacks from China targeting the Indian government, defence organisations and public sector.
Critical infrastructure targeting: At least 10 distinct Indian power sector organisations are said to have been targeted, in addition to two Indian ports.
Identification of the network infrastructure: , AXIOMATICA, SYMPTOTE, whose servers are known to be used by RedEcho, a China-linked activity group.
E.g. ShadowPad is depicted as a “back door ‘Trojan’ malware which creates a secret path from a targeted system to a command and control server to extract information”.
Ability to bring a nation to its knees: E.g. the 2016 attack on Ukraine's power grid, coordinated by cybersecurity professionals and planned for months.
Cyber espionage: A global ‘spearphishing campaign’ targeting organisations responsible for vaccine storage/transportation was unleashed by China, seeking sensitive information about vaccine research.
Exploiting the weakness: The Chinese group, Hafnium, has been responsible for exploiting a series of flaws in Microsoft software (enabling trackers to gain access to the system).
Cyber interference: allegedly done by Russia in the U.S. Presidential elections in 2016.
China: Epicentre of cyber attacks
Spillover of antagonistic India-China relations: To keep India in thrall while outwardly demonstrating a conciliatory posture, like vacating from Eastern Ladakh.
Widening gap between India and China: As India grows closer to the U.S., cyber as a threat vector will be employed against countries that do not fall in line with China’s world view.
Rising global ambition: China has forged a firm nexus between authoritarianism, global ambitions and technology, and is determined to transform the global order.
Way forward
Active Defence: E.g. after the 2017 attack on U.S. security tools, the U.S. preferred to indulge in ‘active defence’ by seeking to hack enemy networks.
Adequate funding and capacity development: E.g. the U.S. included a sum of over $10 billion for cybersecurity in its COVID-19 Relief Bill, intended to improve its readiness and resilience in cyberspace.
Comprehensive cyber strategy: That fully acknowledges the extent of cyber threat from China.
China’s 2021 Defence Budget (amounting to $209 billion) gives special weightage to the Strategic Support Force (SSF), which embraces cyber warfare.