Published on Sep 26, 2022
India needs to adopt a more proactive approach and foresee the potential of cyber technologies in an active war scenario.
India: Crucial cyberwarfare capabilities need to be upgraded

Much like any innovation, the onset of global networked computing also invited the beginning of malicious use of the technology. The storing of wealth in the form of data and digitised state secrets was the commencement of cyberspace becoming a military matter. However, even until a decade ago, some scholars were sceptical of the possibility of cyber war being strategically consequential. They argued that earlier cyberattacks (such as Stuxnet or Sandworm), given the absence of physical violence, did not meet the criteria of war (being violent, instrumental, and political) but were tools to initiate war, sophisticated versions of subversion, espionage, and sabotage.

Cyber-attacks outside of armed war

The world has seen many cases of cyber-attacks in espionage and sabotage. Many significant cyberattacks in the military and civil spaces have occurred in recent months. APT41, a Chinese state-sponsored hacking group, allegedly hacked into six US state governments between May 2021 and February 2022. Another Distributed Denial of Service (DDoS) attack in the preceding month was the cyber-attack on Israeli government websites. While the government has said this was the cyber-attack Israel has faced, investigations are yet to determine the source of the attack. Similarly, a targeted cyber-attack campaign on Russian research institutes was discovered in June 2021. The target was research institutes under the Rostec Corporation, whose primary expertise is the research and development of highly technological defence solutions. In India, researchers detected a new ransomware that made its victims donate money to the needy. However, this ransomware, called Goodwill, also acts maliciously by causing temporary or even permanent loss of company data and the possible closure of a company’s operations and finances.

In the last two decades, cyber warfare has remained true to being a form of espionage, avoiding participation in catastrophic attacks and armed coercion. Most adversary state-sponsored cyber activity occurs outside armed conflict and has not been primarily coercive in its application. Instead, military organisations use cyber operations to erode an opponent’s capabilities through supply-chain manipulation; weakening domestic political cohesion; undermining confidence in government institutions; stealing databases; and eroding international alliances through disinformation and information manipulation.

Of 426 publicly known state-sponsored cyber-attacks, none have qualified as armed conflict. Overall, cyber-attacks were considered significant if they caused a loss of over US$1 million (representing a large discrepancy in what is regarded as the cost of war vs the cost of significant cyber-attacks). This has also informed many countries' cyber strategies and policies, which have so far not considered, in any meaningful manner, the use of cyber technologies in a capacity equivalent to armed conflict integrated with the domains of war (land, sea, air, and outer space).

Re-imagining war with Cyber-enablement

In an alternate view, many scholars have refuted cyberwar’s lack of significance as a domain of armed war. While cyber-attacks have ‘lacked significance,’ cyber-based capabilities have aided war. An example is the contribution of tech companies supporting Ukraine amidst Russia’s invasion of Ukraine by providing Artificial Intelligence (AI) facial recognition capabilities to help identify Russian soldiers and Ukrainians who have been lost to the war on the battlefield. Some companies have also responded to the Ukraine-Russia War by offering free cybersecurity tools supplying threat detection services. Using these cyber tools in the context of an ongoing war is both a novelty and, thus, a novel complication that may change the outlook of war and armed conflict.

India’s sophistication: Reality and requirement

India is positioned amongst third-tier countries on a spectrum of cyber warfare capabilities. This position has been allocated based on criteria ranging from the strength of the country’s digital economies and the maturity of its intelligence and security functions to how well cyber facilities were integrated with military operations. In this same ranking, the US is the only top-tiered country, with China and Russia hot on its heels. Despite the latter two being lower on the scale than the US, they were capable enough to warrant the G7 foreign ministers’ meeting in 2021 to bring their cyber activities into line with international norms. Notwithstanding its high ranking, the US was criticised for having loose cyberwar regulations until, in March 2022, the Senate signed its Cybersecurity Legislation to protect against attacks in civil and war capacities by enhancing communication between the private sector and the government. While the G7 did use its platform to comment on cyber-attacks for espionage by the countries mentioned above, most countries only discuss cyber security under a civil lens in the context of financial resilience and protection. India, thus, needs to foresee the potential of cyber technologies in active war and needs to formulate a cyber warfare strategy independently.

Unlike the other countries mentioned, India still lacks a comprehensive, modern, and updated cyber warfare strategy. India is in the final stages of clearing a National Cybersecurity Strategy, 2020 and has a National Cybersecurity Policy, 2013. These, however, do not discuss armed conflict or active espionage. In May 2021, India set up its Defence Cyber Agency (DCA). The DCA works closely with the National Technological Research Organisation, India’s Research and Analysis Wing, the National Security Council, and the Defence Research and Development Organisation. These organisations have often been the target of cyber-attacks and are now protected to a greater capacity with the inclusion of the DCA. The DCA aims to thwart any attacks on their authorities to access critical military infrastructure. In these capacities, India only addresses cybersecurity attacks and not cyber warfare. That is, the concern currently is over the importance of civil and military data rather than the use of technology in actual warfare. India needs to adjust the current view of cybersecurity from a form of espionage to one that can be used to actively harm in case of war. The current cybersecurity regulations in India avoid questioning the importance of cyber warfare; the necessity of cyber weapons; India’s stance on peace-time state-sponsored hacking; the use of cyber weapons on military targets and defining military use/targets. India needs to employ a strategy that discusses two philosophies of thought: a cyber strategy for offence and defence. India should combine the two in a strategy focusing on deterrence. To allow for this, policies aimed at improving a nation’s cyber security would need to increase the amount of information-sharing and real-time threat detection among governments, industry, and academia. Similar to the cybersecurity legislation signed by the US Senate, as mentioned above, even the private sector and the public would be involved in reporting cyber-attacks, making significant changes in the current classification policy for cyber vulnerabilities and attacks. Governments, industry, and academia would need to share information about the latest attacks, malware signatures, and vulnerabilities aside from an offensive strategy that would focus on intimidation and expansion of peace-time cyber capabilities.

After creating a landscape of information sharing and protecting even civil users, whose privacy/access can be exploited, from cyber-attacks, India can relegate cyber weapons to the role of a deterrent. India, in this capacity, would be capable of impairing adversary states with little funding, providing an elevated level of deniability, and eliminating the problem of geographical distance, equalising the field against countries with higher nuclear, weaponry or funding capabilities. Using an offensive cyber strategy will also assist in stabilising India over other developing countries that are vulnerable to cyberattacks. India’s current approach is a reactionary “whack-a-mole” one rather than one that creates deterrence. In addition to such a deterrent strategy, India must harden its targets and aim primarily at state-sponsored attacks (through cyberwarfare strategies, while cybersecurity strategies will continue to focus on non-state data breaches). A segment of cyber deterrence can be classified under ‘cyber persistence’, which includes cyber operations, activities, and actions to generate, through persistent operational contact, continuous tactical, operational, and strategic advantage in cyberspace. Cyber persistence and cyber deterrence do not discuss avoiding conflict or contact; rather, they discuss creating in-house strategic benefits that enhance freedom to operate and manoeuvre in cyberspace, tactical friction, and warfare. An effective cyber warfare strategy would discuss developing and employing strategic capability to work in cyberspace, integrated and coordinated with the other operational domains. It will have to lay down a specific action plan to respond primarily to state-sponsored attacks that threaten national security. While we develop a national cybersecurity strategy, enhancing cyber warfare capabilities is equally imperative. Those enhancements would be technological, organisational, and human, employed for cyber offence, cyber defence, cyber deterrence, or combinations of these.
The views expressed above belong to the author(s).

Author

Shravishtha Ajaykumar

Shravishtha Ajaykumar is Associate Fellow at the Centre for Security, Strategy and Technology. Her fields of research include geospatial technology, data privacy, cybersecurity, and strategic ...
