Even though India showcases its world-class information technology and knowledge skills and its civilian space assets, it lags far behind China’s cyberspace capabilities. Worse, it has developed no effective means to shield its rapidly expanding cyber infrastructure from the pervasive attacks that are now being carried out both in search of competitive intelligence and to unnerve the Indian establishment.
In peacetime, China is intimidating India through intermittent cyber warfare, even as it steps up military pressure along the Himalayan frontier. In a conflict, China could cripple major Indian systems through a wave of cyber attacks. With cyber intrusions against the Indian government, defence and commercial targets ramping up since 2007, the protection of sensitive computer networks must become a national security priority.
The cyber threat is at two levels. The first is national, as manifest from the attacks already carried out against India’s National Informatics Centre (NIC) systems, the office of the national security adviser and the ministry of external affairs. By scanning and mapping some of India’s major official computer systems, China has demonstrated a capacity to steal secrets and gain an asymmetrical advantage. Cyber intrusion in peacetime allows China to understand the relative importance of different Indian networks so that it knows what to disable in a war situation.
The second level of cyber threat is against chosen individuals. Such targets in India range from functionaries of the Tibetan government-in-exile and Tibetan activists to Indian writers and others critical of China. The most common type of intrusion is an attempt to hack into email accounts. The targets also can face “Trojan horse” attacks by email that are intended to breach their computers and allow the infiltrators to remotely corrupt or transfer files.
To be sure, it is not easy to identify the country from where a particular cyber attack originated if it is camouflaged. Through the use of so-called false flag espionage and other methods, attacks can be routed through the computers of a third country. Just as some Chinese pharmaceutical firms have exported to Africa spurious medicines with a “Made in India” label—a fact admitted by Beijing—some Chinese hackers are known to have rerouted their cyber intrusion through computers in Russia, Iran, Cuba and other countries. But like their comrades in the pharmaceutical industry, such hackers tend to leave telltale signs that allow investigators in the victim countries to trace the origin of the disguised attacks to China. Then there are many cases where the attacks have directly originated in China.
So the reasonable supposition at the highest levels of the Indian government is that most cyber attacks have been carried out from China. That is also the conclusion Google reached when it reported “a highly sophisticated and targeted attack on our corporate infrastructure originating from China” and threatened to end “our business operations in China” last week. Let’s be clear: If China can carry out sophisticated cyber attacks on at least 34 US companies, including Google, as part of a concerted effort to pilfer valuable intellectual property, it certainly has the capability to outwit the elementary safeguards found in most Indian computer systems. Google today is crying foul, but it was instrumental in aiding online censorship controls in a country that is most fearful of the free flow of information. It custom-built for China a search engine that expurgates the search results of references and websites that Beijing considers inappropriate. Now Google itself has become a victim of China’s growing cyber prowess, in the way the appeasement of Hitler had recoiled on France and Britain.
Hackers in China have been carefully studying different software programmes to exploit their flaws. For example, hackers have found openings that allow them to infect victims’ computers through booby-trapped documents stored in the Acrobat Reader format. Opening such a document allows the hackers to automatically scan and transfer computer-stored files to a digital storage facility in China as part of a vast surveillance system dubbed “Ghostnet” by Canadian researchers. This is what happened when computers of the Tibetan government-in-exile in Dharamsala were attacked last year. Officials in Germany, Britain and the US have acknowledged that their governments and military networks have also been broken into by Chinese hackers.
It seems unlikely that the hackers, especially those engaged in systematic cyber espionage and intimidation, are private individuals with no links to the Chinese government. It is more likely that the hackers are tied to the People’s Liberation Army (PLA). In war, this irregular contingent of hackers would become the vanguard behind which the regular PLA divisions take on the enemy.
India already is on the frontlines of one mode of asymmetrical warfare: terrorism. That type of warfare has traumatized and bled India for long, with the country exposing itself as a soft state through the absence of an effective response. Now a new frontier of asymmetrical warfare is being opened against India, not by state-sponsored non-state actors but by state actors. It cannot fight two asymmetrical wars simultaneously, one against terrorists and extremists and the other against a state flouting international norms and wedded to cybercrime. The two asymmetrical wars indeed are a reminder that unconventional threats cannot be defeated through conventional forces alone. That is why India should treat the growing cyber attacks as a wake-up call to plug its vulnerabilities by developing appropriate countermeasures on a priority basis.
Brahma Chellaney is professor of strategic studies at the Centre for Policy Research in New Delhi.