NEWS Since early 2020, there has been an observation of a large increase in suspected targeted intrusion activity against Indian organisations from Chinese state-sponsored groups’ concentrating on infrastructure targets, including the power sector and ports, then India needs to be on its guard.
- According to the revelations by the U.S.-based cyber security firm, Recorded Future, in the lead up to the India-China border clashes there was an increase in malware attacks targeting the Indian government, defence organisations and the public sector.
- Coinciding with Chinese incursions in Eastern Ladakh, certain Indian power facilities had been targets of a cyber attack.
- Also, there is evidence of ongoing intrusions, though the intensity of the activity appeared to have ceased by mid-February 2021.
BLACKOUT IN MUMBAI
- In the wake of these disclosures, a controversy has erupted- whether the October 2020 blackout in Mumbai was directly linked to this cyber attack.
- The State authorities in Maharashtra attributed the blackout to the attack by the Chinese cyber group, but the authorities in Delhi blamed it on human error.
WAKE UP CALL
- The reported events are a wake-up call for India, and it would be a grievous error if India were to underestimate the extent of the cyber threat posed to it by China.
- China’s intention evidently is to keep India in thrall, while outwardly demonstrating a conciliatory posture, such as vacating some of the areas in Eastern Ladakh that it had occupied post April 2020.
- The real concern is that key infrastructure facilities, such as the power sector, are now in the crosshairs of a hostile China, which appeared intent on deploying cyber weapons to target India.
- At least 10 Indian distinct power sector organisations are said to have been targeted, in addition to two Indian ports, employing the malware known as ShadowPad.
- ShadowPad is a network intrusion malware affiliated to both the Chinese Ministry of State Security and the People’s Liberation Army.
- ShadowPad is depicted as a back-door ‘Trojan’ malware which creates a secret path from a targeted system to a command and control server to extract information.
CHINESE CYBER ESPIONAGE SETS NO LIMITS
- Across the world, Beijing does appear to be engaged in a major cyber offensive, directed not only against countries like India but against many advanced nations as well.
- In attempting this, China is exploiting many vulnerabilities that software companies (essentially those in the West) have deliberately left open (for offensive purposes at an opportune time).
- Chinese cyber espionage sets no limitations on targets, including targeting of vaccine research, gaining future access to corporate networks, and seeking sensitive information relating to COVID-19 vaccine distribution.
- Very recently in 2021, several thousands of U.S. organisations were hacked by the Chinese group, Hafnium in an unusually aggressive espionage campaign. Till the breach was discovered, thousands of Microsoft servers were compromised.
CYBER WARFARE BY OTHERS
- Other than China, many other countries, including the U.S. and Russia, do engage in the same kind of cyber warfare.
- Though western countries are also engaged in cyber espionage but little is publicized.
- The U.S. has extensively published Russia’s cyber antics from time to time. Best known are-
- Russia’s cyber interference in the U.S. presidential elections in 2016.
- Russia is currently the prime suspect in one of the greatest data breaches concerning the U.S. Federal government, involving the Departments of Defence, Energy, State, Homeland Security, Treasury, etc.
- In present, we are witnessing only the tip of the iceberg at present and most nations are truly unaware of the extent to which breaches are taking place.
- This was well demonstrated way back in 2016, when a major attack on Ukraine’s power grid took place and set an ominous precedent in this respect. The attacks were carried out by skilled cyber security professionals, who had planned their assaults over many months, conducting a very sophisticated operation.
- The Ukraine example should be a wake-up call for India and the world, as in the intervening five years, the sophistication of cyber attacks and the kind of malware available have become more advanced.
- There are no readymade solutions to counter the cyber offensive emanating from different quarters. No nation can hope, or can claim, to be insulated from such attacks.
- Nations should beware and be warned about how cyber attacks can bring a nation to its knees.
- The U.S. seemed to fully wake up to the cyber threat only in 2017 when U.S. security tools were hacked, having preferred for long to indulge in a kind of ‘active defence’ by seeking to hack enemy networks.
- U.S. President Joe Biden is now understood to have included a sum of over $10 billion for cyber security in his COVID-19 Relief Bill, which is clearly intended to improve U.S. ‘readiness and resilience in cyber space’.
- Drawing up a comprehensive cyber strategy, one that fully acknowledges the extent of the cyber threat is an imperative and immediate necessity.
PART OF BEIJING’S WORLD VIEW
- From an Indian perspective, the Chinese cyber threat could prove to be truly daunting. The reasons for this are many.
- China’s analysis of the state of current relations between China and India is that they remain antagonistic towards India growing proximity to the U.S.
- China has forged a firm nexus between authoritarianism, global ambitions and technology, and is determined to transform the global order to advance its interests.
- ‘Cyber’ could well be one of China’s main threat vectors employed against countries that do not fall in line with China’s world view.
- China’s 2021 Defence Budget (amounting to $209 billion) gives special weightage to the Strategic Support Force (SSF), which embraces cyber warfare.
If indeed the future is digital, and if China has indeed embarked on an all-out offensive of this nature, India needs to adopt comprehensive measures to forestall a potential ‘Cyber Pearl Harbour’, as far as India is concerned.