Increasing cyber threat The Excelsior 10 Mar 2021 Maj Gen Harsha Kakar


The New York Times (NYT) in a recent article blamed a Chinese hacker group called ‘RedEcho’ for the failure of Mumbai’s power grid on 12 Oct last year, which caused a power outage, stopped trains on tracks and hampered those working from home. The NYT claimed that this was possibly a warning from Beijing. The Times of India stated in an article of 05 Mar that 10 Indian power assets, as well as the Mumbai and Tuticorin ports, had been hacked.

Responding to the Mumbai power outage, the power ministry stated, ‘There is no impact on any of the functionalities carried out by POSOCO (Power System Operation Corporation) due to the referred threat. No data breach/ data loss has been detected due to these incidents.’ Many within India questioned the government as to its intention in protecting the Chinese and denying their cyberattack.

China refuted the accusations of the NYT. Its foreign office spokesperson Wang Wenbin stated, ‘As a staunch defender of cybersecurity, China opposes and cracks down on all forms of cyberattacks. Speculation and fabrication have no role to play on the issue of cyberattacks, as it is difficult to trace the origin of a cyberattack. It is highly irresponsible to accuse a particular party.’ No nation claims to support cyberattacks, and every nation denies the existence of such groups on its soil, though the reality is different.

Cyberattacks fall in the realm of Grey Zone warfare and are being increasingly employed across the globe. This nature of warfare is below the threshold of actual war and hence is ongoing during periods of peace as well as war. During periods of conflict, cyberattacks can be employed with devastating consequences for the targeted nation. Major facilities could be hit, impacting the nation’s warfighting capabilities.

Towards the end of last year, global cyberattacks were concentrated on pharmaceutical companies involved in developing vaccines for COVID-19. The Economic Times stated on 24 Dec 2020 that attacks on ‘leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea and the US, came from Strontium, an actor originating from Russia, and two actors originating from North Korea called Zinc and Cerium.’ Recently there were reports of a Chinese hacker group, APT10, attempting to infiltrate the IT infrastructure and supply chain software of Bharat Biotech and Serum Institute of India, both involved with the development of vaccines in India.

A study published by the Harvard Kennedy School of the US stated that India was 21st amongst 30 countries whose cyber power capabilities were assessed. The report mentioned that there were 13 countries, including India, which ‘neither show intent nor build capabilities in the offence or destructive intents.’ The report added that India does not possess a National Cyber Strategy. China, on the other hand, is 2nd in the world in cyber power. A report published by cybercrime lists Russia, China, Eastern Europe, Romania and Brazil as the top countries from where maximum cyberattacks originated in 2019.

As per The Print, a report released by Subex, a Bengaluru-based firm providing analytics to telecom and communication service providers, mentioned that India was amongst the most cyber-targeted nations in 2019. It added that most attacks on India originated from Slovenia, Ukraine, Czech Republic, China, and Mexico. The sectors targeted were critical infrastructure, banking, defence and manufacturing. In many cases, including the recent attacks, the aim was not to cause damage but to study the security systems employed, pre-position destructive malware and gather strategic information. In case of hostilities, these would be targeted with vengeance.

On the cyberattack on power infrastructure, cyber security expert, Col KPM Das, states, ‘70% of the generation and distribution infrastructure in Indian power companies comes from China. The difference in prices is 30-40% and hence Request for Proposals (RFP) is bagged by them. Getting out of this stranglehold will take time.’ He adds, ‘The solution is to add layers to cyber perimeters. In addition, a policy change incorporating trusted source in the RFP must be included, adding objectivity in the process. Simultaneously, we must support our domestic industry to cut imports in critical products.’

At the end of 2019, the government created a Defence Cyber Agency to control and coordinate joint cyber operations of the armed forces. The agency incorporated existing capabilities of the forces to tackle threats in the cyber domain. It also includes elements of DRDO. Its roles would include fighting virtual wars in the cyber domain and formulating a doctrine for cyberwarfare. Nidhi Singh, writing on this agency, states, ‘The creation of this new agency highlights the weaponization of cyberspace as a tool of modern warfare, and also the importance of data and information sharing between the three services in order to better protect the nation.’

India is a tech giant. It is the feeder to most global technology companies. There is no dearth of experts within, and yet we remain far behind. The reason is hesitation in involving the private sector in enhancing security measures in critical infrastructure. Experts state that since India imports most of its hardware from China, it will always be open to cyberattacks. Rahul Tyagi, a cyber expert, states that India needs more time and money to improve defensive cyber capability and cannot even contemplate using cyber as an offensive weapon.

The government recently inducted SaaS giant Zoho’s founder Sridhar Vembu to the National Security Advisory Board (NSAB). He is likely to be tasked with developing cybersecurity measures. The NSAB provides inputs to the NSA, Ajit Doval, a single point of contact for Prime Minister Narendra Modi on national security and issues of strategic interest. This appointment is an indicator that the government is now shifting focus onto cybersecurity.

India’s growing enmity with China would imply that the nation’s crucial assets, including defence and other support infrastructure, would remain under threat. Unless long-term measures are adopted, their being rendered inoperable during hostilities or at crucial junctures is a strong possibility. India, as a nation, is already behind most other economic giants in cyber power. It is time to open our eyes and concentrate on this crucial aspect of warfare.