As India and China are engaged in prolonged border tensions, India is boosting its capability to deal with cyber-attacks given growing threats from China and the prospects of algorithmic warfare.
Although India’s cyber command under Rear Admiral Mohit Gupta became operational in November 2019, experts fear that the recent military stalemate along its borders with China may blow to non-contact or algorithmic warfare.
Speaking to Anadolu Agency, India’s former Director-General of Military Operations retired Lt. Gen. Vinod Bhatia apprehended that there may be a shift to non-contact warfare between the two countries.
“It is a stalemate on the ground. The domain, in this case, may shift to non-contact warfare without changing the stance on the ground. Thus, we will also have our defenses ready when it comes to non-contact warfare including cyberattacks,” he said.
According to a recent National Cyber Power Index report published by Harvard University’s Belfer Center, China ranks second, after the US, in cyber power. The report has identified seven national objectives that countries pursue using cyber means including surveillance, foreign intelligence collection, and cyber defenses.
“Countries with high levels of both intent and capability for a specific objective are among the highest-ranking countries in the NCPI. These countries both signal in strategies and previously attributed cyber-attacks that they intend to use cyber to achieve policy goals and have the capabilities to achieve them” stated the report.
About China’s growing cyber power, Bhatia counted it a viable threat to India and thus argued that cyber defense is integral and has now become a priority area.
A recent investigation by a national English language daily The Indian Express revealed that China is monitoring the online activities of at least 1,350 Indians, including key politicians and some high-profile individuals in the country. The list includes former presidents, prime ministers, key businessmen, and even Bollywood actors.
“In the Overseas Key Information Database (OKIDB) developed by the Shenzhen information technology firm with links to the Chinese government and the Communist Party, politicians account for the largest group of high-profile individuals being monitored through their online presence,” stated the newspaper.
Responding to these reports, External Affairs Minister Subrahmanyam Jaishankar said the government has constituted an expert committee under the National Cyber Security Coordinator to study these reports and evaluate their implications.
– China denies official hand
Chinese Foreign Office Spokesperson Wang Wenbin said the company allegedly monitoring prominent Indian personalities is a private company and instead of collecting data, it only mobilizes data that is open and available online.
“I would like to stress that as a staunch defender of cybersecurity, China opposes and fights all cybercrimes. We would like to enhance dialogue and cooperation with other countries to jointly build peaceful, secure, open and cooperative cyberspace, “he said.
A cybersecurity expert, Amit Dubey, told Anadolu Agency that China may use India’s cyber vulnerabilities with bad intentions.
“Most of these espionage activities and advanced persistent threats (APTs) groups are from China, at least 60-70% of them, and they are also state-sponsored. What is more concerning is how are they going to use this data?” said Dubey.
Pointing at the recent cyber-attack through, Maze ransomware, at the New Jersey headquartered Cognizant IT company, Dubey said these attacks had the potential to transfer all the data from the server.
“The company had to pay heavy ransom and penalty to avoid getting the data leaked to the public. The attack was also attributed to China to exploit the company. This is the latest example that tells us how strongly we need a cyber defense mechanism,” said the cyber expert.
After Indian and China forces clashed at the Galwan valley in the northern Himalayan region of Ladakh in May, New Delhi banned 244 Chinese mobile applications.
– Experts call for issuing guidelines
Speaking to Anadolu Agency, Khushhal Kaushik, a cyber expert and also the founder of cybersecurity company Lisianthus, said the government cannot do anything further without concrete cybersecurity guidelines.
“Issuing guidelines is particularly important as India has the world’s highest number of internet users who download millions of apps every year, with most apps being insecure due to security reasons. Once the government issue guidelines, the application owners will have to comply or pay penalty,” he said.
Kaushik highlighted that these mobile applications take user data and since the world is getting highly dependent on technology and cyberspace it is necessary to strengthen the country’s cyberspace.
“The government’s guidelines should include quality of encryption, data security and privacy, programming framework, and security frameworks. There is a reason why the TikTok app allowed the fact-checking features in the algorithm to be exceptionally simplified so that data leakage could be made easier,” he added.
As per the Internet Crime Report 2019, released by the Internet Crime Complaint Centre of the Federal Bureau of Investigation in the US, India ranks 3rd in the world among 20 countries that are victims of internet crimes.
– Come out of defensive mode
Dubey stressed that it is highly important for India now to come out of its defensive mode and become more aggressive.
“With the defensive approach, if there are 100 cyber-attack attempts, we can only detect the successful one. Thus, the defensive outlook is going to help very little in the long-run. We need to build a strong cyber power to be able to be offensive and counter-attack,” emphasized Dubey.
All the experts also urged to keep a watch on the supply-chain attacks from China, since India is one of the main importers of Chinese products.
Bhatia also said that it is highly important to take all precautions and bring in guidelines to monitor supplies since China has already infiltrated the Indian market.
“In military equipment, Chinese parts are avoided in critical systems. We have our codes to safeguard, but we also need to keep a strong eye on the supply-chain from China,” he said.