Indian Cyber Capabilities

Chapter 1
Iffat Zaheer
201842
Introduction:
•  India is positioned among the third-tier countries on a spectrum of
cyber capabilities.
• Three approaches are used by threat actors to acquire cyber
capabilities:
1. They include creating an indigenous capability
2. buy a capability from external sources or use partnerships
3. purchase as a "bridge" to eventually developing custom capabilities.
• A key evolutionary driver of this diverse landscape is the ability for
actors and nation-states to purchase their capabilities.
• Experts identify two types of partnerships that can be drivers for proliferation
of capabilities:
1. Partnerships with other nation-states
2. Partnership with criminal or private organizations.
• Leadership buy-in can shape whether cyber emerges as a well-resourced
capability for military or intelligence organizations.
• Nation-states that choose to build their own defensive and offensive
capabilities are more likely to be categorized in a higher tier given the
sophistication and precision needed.
 India’s Cyber Space program from evolution to current day scenario

• The expanding centrality of the internet indicated by the International

Telecommunications union (ITu), that only in India the Internet users
have increased from 2005 to 2013 to more than two billion who are
using the internet for their own purpose and as a result electronic crimes
have also increased over the last two decades.
• Pakistan and India also are working to formulate a cybersecurity strategy.
• Nation-states view cyber espionage as a tool for countering internal
dissent or acquiring diplomatic or competitive advantage.
• To protect the critical infrastructure and electronic market India is
working since the last four decades to formulate a proper cyber strategy.
• NIC – 1975
• A recent dynamic is the diffusion of expertise as former government,
intelligence, or military cyber experts offer their expertise for hire to
nation-states seeking to jump-start cyber programs.
India’s National Cyber Space Policy:
• 2013 – First Policy
• In 2017, an approach was made by Indian’s armed forces in which they
publicly released a doctrine of including Cyber space as one of the main
strategic units in addition to land, sea and air. This doctrine ended in
establishment of Defense Cyber Agency in 2019.
• In late 2018, a doctrine was also released named as Land Warfare
Doctrine which depicts cyber capabilities.
• In the high-level government meeting held on January 2021, a security
strategy for the telecom sector was discussed.
 Governance Command and Control:
• 2003 - National Computer Emergency Response Teams (CERT-In)
• 2004 - National Technical Research Organization
• 2004 – National Information Board
• The government agencies get wide range of powers after the amendments in
Information Technology Act 2000, in 2008.
• In a security review of 2011-12, the cyber security was identified as a key area of
development with the recommendation of establishment of the centralized cyber
command and also civilian institutions under the power of government agencies
• 2013 - Improvement of cyber security and offense policy.
• 2014 - National Critical Information Infrastructure Protection Center (NCIIPC)
• 2019 - Defense Cyber Agency (DCA)
 Core Cyber Intelligence Capability:
• International Bureau (IB)
• Research and Analysis Wing (RAW)
• 2002 - Defense Intelligence Agency (DIA)
• Indian cyber teams targeting many Pakistani IP addresses with secessionist
movements within India itself since 2010
• Joint Intelligence Committee
• Multi Agency Center ( MAC)
 Cyber Empowerment and Dependence:
• It is estimated that by the end of 2025, the core digital sectors like ICT enabled
sectors and electronics manufacturing will contribute 10% of GDP.
• Foreign investments
• India was ranked third in a study in 2018 by the Boston Consulting Group in the
application of AI to industrial processes after US and China.
• The investment of 762 million US dollars was received by India in 2019 which is
an increase of 44% from the year 2018.
• Indian Space Research Organization (ISRO) is one of the six largest space
agencies with largest fleet of satellites used for military and civil purposes.
• Satellites for the navigation and surveillance purposes are also used by ISRO
using dual use surveillance satellites.
 Cyber security and resilience:
• India was positioned 47th out of 175 nations in the International Telecom Union's
2018 Global Cybersecurity Record, well behind its international adversary China
(27th).
• In cyber resilience policy and readiness for crises, India has a few establishments
set up, with the NCIIPC dynamic in advancing arrangements and methods all
through the country since it was made in 2014.
• Global Leadership in cyber space affairs:
• National Cyber Security Policy of 2013 - India's diplomatic objectives incorporated
the improvement of bilateral and multilateral network safety connections just as
worldwide participation between public law implementation organizations, security
administrations, legal frameworks and military.
• Joint Cyber Security Training Center
 Offensive Cyber Capability:
• India has grown moderately progressed offensive cyber abilities focused on
Pakistan.
• 2014- Prime Minister Modi's interest in making a 'Digital Armed Force‘.
• 2019 report commissioned by an influential Indian research organization with close
connects to the administering Bharatiya Janata Party encouraged the quick
development of offensive cyber capacities.
• It is noteworthy that the coronavirus pandemic-driven digital transformation of the
Indian economy has spurred massive expansion of the country’s cybersecurity
product industry, which has almost doubled its revenue from $5 billion in 2019 to
nearly $10 billion in 2021. While this provides the correct foundation for India’s
private sector to lead the development of India’s offensive cyber capabilities.
• Hostile computer programs might infiltrate a nuclear-powered defence system
and use design flaws and system failures to gain access.
• Digital spoofing and jamming are two types of cyber-attack concerns that can
cause problems with communication, data manipulation, and other activities.
• In contrast to kinetic weapons, the India has the ability to manage the
reversibility of the consequences of cyber capabilities in specific situations.
• In 2014, the government established the National Critical Information
Infrastructure Protection Centre (NCIIPC) to boost India's cyber-security
measures. It helped promote policies and procedures “to secure and resilient”
cyber infrastructure across areas including power and energy, banking, and
telecom, among others.
 MOUs with other states:
• The MOU was signed in New Delhi by Jane Holl Lute, Deputy Secretary for the
U.S. Department of Homeland Security (DHS) and R. Chandrashekhar,
Secretary, India Department of Information Technology. The agreement helps
fulfill the joint commitment of both nations to advancing global security and
countering terrorism, one of the pillars of the U.S.-India Strategic Dialogue
launched on July 20, 2009.
• MOU June 2011 meeting of the Information and Communications Technology
Dialogue by the Indo-U.S. Working Group in Washington, D.C.
Conclusion
 Chapter 2

INDIA’S OFFENSIVE CYBER

CAPABILITIES: A THREAT TO PAKISTAN’S
SATELLITE NETWORK
 Introduction
• Cyberspace activity may be significant in two ways: first, by contributing
to development and assisting in the onset of a war; and second, by
becoming a component of a "hybrid" kinetic and cyberspace conflict.
• India launched Operation Hangover against Pakistan, and Pakistan
responded by spearheading Operation Arachnophobia, a covert
intelligence gathering operation against Indian officials.
• According to International Institute of Strategic Studies (IISS) report, Indian
offensive cyber capabilities are “regionally focused, principally on Pakistan.”
This implies that Pakistan’s Information Communication Technology (ICT) and
satellite networks are vulnerable to India’s offensive cyber threats. India’s
ambitions to become a cyber-power are confirmed by her plans to build a
“Cyber Command” in near future. It has the ability to take offensive cyber
operations against Pakistan’s satellite networks to make them ineffective
during peace and war time.
 India’s Offensive Cyber Capabilities
• Hostile computer programs might infiltrate a nuclear-powered defence
system and use design flaws and system failures to gain access.
• Digital spoofing and jamming are two types of cyber-attack concerns that can
cause problems with communication, data manipulation, and other activities.
• In contrast to kinetic weapons, the India has the ability to manage the
reversibility of the consequences of cyber capabilities in specific situations.
• In 2014, the government established the National Critical Information
Infrastructure Protection Centre (NCIIPC) to boost India's cyber-security
measures. It helped promote policies and procedures “to secure and
resilient” cyber infrastructure across areas including power and energy,
banking, and telecom, among others.
• It is noteworthy that the coronavirus pandemic-driven digital transformation
of the Indian economy has spurred massive expansion of the country’s
cybersecurity product industry, which has almost doubled its revenue from $5
billion in 2019 to nearly $10 billion in 2021. While this provides the correct
foundation for India’s private sector to lead the development of India’s
offensive cyber capabilities.
 Neil Rowe provides the most in-depth
explanation of how reversibility might be
achieved, explaining four different
techniques:
i) Reversible cryptography
ii) System obfuscation
iii) Data retainment and restoration
iv) Compromise deception
• IISS "India is having significant cyber-intelligence and offensive cyber
capabilities, although they are geographically and primarily Pakistan-
focused. It is simply trying to accommodate for its weak points by building
additional capabilities with the support of key foreign partners, such as the
United States, the United Kingdom, and France, and by relying on
coordinated global action to establish norms of restriction.”
 India’s Offensive Cyber Technology
• In order to standardise its cybersecurity architecture, India inked 17
agreements of understanding in 2016-17 with a number of
countries, including the US, the UK, Israel, France and Australia. More
than 100,000 IT employees are annually produced in India, making it one
of the major software exporters in the world. It may be able to develop
offensive cyber technologies and wage cyber warfare against Pakistan
with this enormous financial and human resource advantage.
• With regards to cyber technology former Indian Navy Chief Admiral
Suresh Mehta remarked, "cyber technology is a well-known
advantage to India; utilising this power would be in our benefit.“
• The Indian Computer Association and the Hindustan Hackers Organization
are two examples of the country's many organised hacker organisations.
The use of this web vandalism and cyber espionage by India against
Pakistan is now under investigation by the FBI. The two governments India
and Israel have pledged to collaborate on cyberspace education and training
initiatives (HRD).
• An increasing number of Denial-of-Service (DoS) assaults have been
launched by Indians against the websites of Pakistani government and
security organisations since 1998.
• Indian hackers attacked 1600 Pakistani websites from 1999 to 2008. Increased
organisation and scalability have been hallmarks of India's Cyber Army
(ICA) since its founding in August 2010.
• According to the ICA, Pakistani hackers defaced 270 Indian websites in
retaliation for their 40 attacks on Pakistani satellite networks.
• India has completed a stationing quartet of satellites in space for border
protection. Currently, India has fifteen operations on Indian Remote Sensing
(IRS) satellites
• Presently, various Indian civilian satellites have resolutions to pass them off as
spy satellites. For instance, The Technology Experiment Satellite (TES),46
released by the Indian Space Research Organization in 2001 can differentiate
between details on Earth up to one square meter.
 Threat Scenarios
“Acquisition of modern technologies and sophisticated cyber tools by India
from its strategic partners or through the development of indigenous
capabilities will further complicate matters for Pakistan, which already
struggles with its cyber defence readiness”
• Pakistan's IT users and enterprises are subject to a variety of cyber-attacks
ranging from ordinary website defacement to high-profile
• Because of the India's increased collaboration with Israel in cyber security,
the possibility of Indian cyberattacks against Pakistan satellite grows graver.
• In 2009, India launched a huge cyber espionage campaign against the
public, private, and defence infrastructure of Pakistan. The situation was
never discovered until the Norwegian malware analysis firm "Norman
security" released a study titled "Going to unveil an Indian Cyber-attack" on
Operation Hangover.
• In the years following September 11, 2001, Pakistan endured the most
severe political and religious terrorism and extremism by India and other
nations.
• On 27 March 2019, India tested an anti-satellite weapon (ASAT) during
an operation code named Mission Shakti 
•  India’s ASAT test should be a matter of grave concern for the
international community not only in terms of generation of space debris
but also because of its ramifications for long term sustainability of
peaceful space activities.
Detection of Offensive Cyber Risk
• India recently outlined its Cyber Command/DCA within the Delhi-
based Tri-Services Command.
• Large-scale deployments of Indian Armed Forces on Pakistan’s
eastern border, combined with offensive cyber capacity, can pose
formidable cyber and electronic warfare (EW) problems for Pakistan’s
military equipment and gadgetry.
 The armed forces of India stockpile a huge amount of foreign equipment
(particularly information technology equipment), which enhances the likelihood
of hacking attacks. Several of the primary objectives would remain:

(1) Command, Control, Communication and Intelligence Systems.

(2) Surveillance and Early Warning Systems.
(3) Electronic Warfare Systems.
(4) Target Acquisition Systems.
(5) Missile Guidance and Fire Control Systems.
(6) Identification of Friend and Foe (IFF) Systems.
(7) Satellite data for GPS.
(8) Strategic communication systems.
Civil computer systems and satellite communications are just as susceptible
to threats as military targets. These investments are equally as important,
and any destruction to them could have a big impact on our country's
capacity to combat in the war. Possible targets are:

• Fixed telecommunication and cellular networks.

• Government records, websites and databases.
• Private Initiatives.
• Power hubs and national grid stations.
• Systems that keep track of air traffic.
• Banking and financial systems.
• Electronic and social media.
• Conveyance systems.
Conclusion
• Pakistan has yet to be the victim of a massive cyber-attack from
Indian offensive technologies like hacking attack, information
technology, Indian Space Surveillance, Command, Control,
Communication and Intelligence System and Electronic Warfare
Systems.
• There is a substantial amount of foreign equipment (particularly
information technology apparatus) in the catalogue of the armed
forces, which enhances the likelihood of hacking attacks and assaults
against Pakistan's satellite network.