Should India be worried about protecting its cyberspace consequent to the Doklam standoff with China? Multiple observers have warned that much more than the consequences of an escalated direct military confrontation, India is vulnerable to vicious cyberattacks by skilled state-backed Chinese hackers. As per evidence that is available, China is far ahead of India in cyber warfare capabilities, and the country could try to paralyze operations in banking, finance, telecom and other sectors, writes Siddharth Srivastava.
Officially, Beijing can deny having sanctioned such action. Over the recent years, India has been making definitive and successful efforts to guard against cyber-attacks, especially from hackers based in Pakistan. Thus, a recent UN cyber security index 2017 has placed India a healthy 23rd among 165 nations. India ranks one spot higher than Germany, while China is nine spots below India.
But, there is plenty of work to be done with many loopholes still. India has caught the attention of hackers and an increasing wave of cyberattacks could soon badly impact the country, experts from Russian cyber security firm Kaspersky Lab have recently warned. “India’s growing economy and digitalization are really a big concern as cyber attackers have now begun focusing on developing countries with big populations and average incomes,” Eugene Kaspersky, chairman and CEO of Kaspersky Lab, said at the sidelines of a conference in Singapore recently.
Chinese Hackers in the Spotlight
Indeed, India cannot take the matter of Chinese cyberattacks, often backed by the state, lightly. Such has been the threat of China-based hackers that western nations including the U.S., UK and Australia have been discussing the matter with Beijing at the highest levels. In September 2015, when President Barack Obama hosted Chinese President Xi Jinping, the two countries reached an agreement on cyber security setting aside years of skepticism and suspicion. In particular, both sides agreed for the first time that economic espionage, intellectual property and trade secret theft, is a category distinct from cyber spying for national security purposes.
A lot has changed since the Obama-Xi agreement, including the victory of Donald Trump. There, however, continues to be debate about the impact of the cyber deal between the two biggest global economies and whether there has actually been a dilution of Chinese-backed hacker activities. Some have dismissed the Obama-Xi deal as a diplomatic formality that needed to be adhered; others say it is a move in the right direction that needs sustained efforts through institutionalized dialog.
Assessing the Sino-U.S. cyber pact, FireEye, a security firm, said the number of attacks launched by Chinese hackers against Silicon Valley firms, U.S. military contractors and other commercial targets have dropped-off sharply between late-2015 and mid-2016. FireEye credited Jinping for implementing wide ranging reforms to curtail Chinese military, which is seen as one of the main sponsors of hacking attacks. In a recent report, FireEye has said that a Chinese hacker group known for targeting U.S. defense and aerospace firms has shifted its focus to critical infrastructure across Asia following the U.S.-China deal on electronic espionage.
Nations where attacks have been recorded include India, Indonesia, the Philippines and Vietnam, while organizations in Hong Kong and Macau have also been targeted, FireEye said. However, others continue to be skeptical about the Obama-Xi cyber agreement. In a report in June 2016, The New York Times quoting unnamed American intelligence officials said, while People’s Liberation Army is not pilfering as much on behalf of Chinese state-owned firms, much of the hacking activity has shifted to intelligence agencies, supposedly stealing national security secrets, not commercial information. “Often, the difference is blurry, especially when the target is, say, the design of a satellite or a ship,” the report said.
The above accounts clearly suggest that China’s hacker network and structure continues to be robust and can easily focus on India. An American-Israeli joint effort created a computer worm called Stuxnet that considerably crippled Iran’s nuclear program. There is every possibility that China might have developed an equivalent of the Stuxnet to deploy during conflict situations with India, while publicly denying having done so. India clearly must up its cyber preparedness and perhaps utilize its deepening strategic equations with the U.S. There is already recognition that America needs to engage with India on cyber security. Just recently, a powerful Senate Committee has asked Pentagon to work with New Delhi in the cyber domain. “Looking ahead to the future of the U.S. Major Defense Partnership with India, the committee encourages the Department to work closely with India in the cyber and space operating domains at appropriate strategic, operational, and tactical levels,” the Senate Armed Services Committee said in its report.
India is wary about China’s strategic investments in infrastructure projects in Pakistan, Sri Lanka and Nepal. Cyber space is a front that needs attention as well.