The first ever aerial bomb was dropped by the Austrians on Venice in 1849 using an unmanned hot air balloon, but most of us associate the advent of aerial bombing with the infamous Hiroshima incident from World War II which outright flattened the city and more than 80,000 of its population. With time, war tactics evolved to replace hot air balloons and hefty aircrafts with unmanned combat vehicles more popularly known as drones, which have been proving their lethal efficiency since the Gulf War.
The wars of the future, however, will not be fought with bombs and guns. The new over-the-air warfare will be lead by cyberwar and India as a nation is one of the most ill-prepared countries to handle the threat, especially from states like China. At the recently concluded National Conference on Self Reliance in Defence Manufacturing in Hyderabad, Army Chief, General Bipin Rawat impressed upon the need for the use of AI and Big Data in India’s defence operations. The apex officer said that our adversary on the northern border (China) is spending a lot of money on AI and cyber warfare and that India is not in a position to be left behind.
“Apart from guns and rifles, we will see lot of non contact warfare happening. Future wars are going to be fought in cyber domain,” he said.
Experts believe that cyber warfare is the most dangerous kind there is in this day and age because of its discreet and non-traceable nature. Deniability is also one of the key reasons countries like China, Russia and Iran have been able to upscale their cyber arsenal and implement attacks without having to own up to them.
As per data collated by Niti Ayog, some of the most common cyber attacks in India are carried out on financial, healthcare, and public sector entities. India was also ranked third in the list of countries affected by cybercrime, according to a recent report by online security firm Symantec Corp. One of the latest and most financially damaging cases of cyber theft also occured in India just a few days ago, when Chinese hackers made off with $18.6 million or 130 crores from the Indian arm of Italian firm Tecnimont SpA. In this particular incident, the hackers dug their way into the company’s email system and meticulously impersonated the CEO of the firm to email the head of the Indian subsidiary, in a style that matched that of the head honcho. They also created a bank account using fake documents and got the Indian head of the company to transfer the funds to the account in the garb of a “highly confidential” acquisition which would otherwise be stalled if the funds were not transferred.
While this is a shocking case of a private firm getting defrauded of millions, India’s public and governmental infrastructure is also not safe from the existing and impending threat of the north. Back in 2015, China struck gold in their cyber espionage efforts when they managed to steal millions of confidential personnel records belonging to some of the most powerful and covert people employed in America from the US Office of Personnel Management. Using AI and Big Data, it would have been extremely easy for China to track these people and their movements, including that of CIA officials.
In India, China has been held responsible for 35% of all cyber attacks carried out on official Indian websites from April-June 2018. In its report, the Indian Computer Emergency Response Team (CERT) noted that China invades India’s cyberspace significantly. US, Russia, Pakistan, Canada and Germany were also pulled up in CERT’s report for carrying out cyber attacks on Indian sites. What is most worrying is that these attacks targeted some of the most important organisations and data repositories in the country like Indian Railways, Oil and Natural Gas Corporation (ONGC), National Informatics Centre (NIC), Centre for Railway Information Systems (CRIS) and Punjab National Bank, Oriental Bank of Commerce, State Bank of India and state data centres in Maharashtra, Madhya Pradesh and Karnataka. Spear phishing and malware were recognised as the two main methods used in these breaches, which just goes to show that India’s security infrastructure is easily penetrable and that if the country’s most important institutions cannot survive phishing attacks, they can be severely fractured in more sophisticated breaches.
In the wake of these large-scale and frequent attacks, the Indian cyber defence force is unarmed and untrained. In fact, back in 2014, high ranking officials of the Defence Research and Development Organisation (DRDO) were responsible for unintentionally compromising information which resulted in 50 defence computers getting hacked. The suspect, again, was China. While DRDO officials have gone on record as recently as 2018 to claim their readiness to defend and offend in a cyber war situation, the Army Chief himself expressed his doubts at the recently held event in Hyderabad, saying that the DRDO cannot solely carry out all the R&D needed for defence services. He stressed upon the need to adopt newer technologies to combat cyber attacks sponsored by other states.
At a time when the govt is harping on about digitisation, cloud infrastructure and newer network technologies like 5G, little is being done to defend the country’s invisible cyber borders. Unless some stringent steps are taken to protect our cyberspace, this lack of preparedness could cost the nation dearly in time to come. That time, is fast approaching.