Share this Article

The technological advancements that have taken place in various fields such as in business activities or even in defence have increased the risks in cyber security. This article aims to discuss the rising trend of cyber threats in India and the adverse impact on organizations, especially the SMEs and defence sector. Cyber-attack incidents have increased for SMEs by 508% and it directly affects their business financially and reputationally because of their inability to let loose substantial resources. The Defence sector also has faced severe breaks involving matters of communication networks along with military data. Such threats are responded to by India through the formation of agencies such as the Defence Cyber Agency (DCyA) and measures that include Bharat NCX. Moreover, the article also focuses on the roles of collaboration and technology, including quantum cryptography and artificial intelligence, in enhancing cybersecurity and digital defence. By analysing the outcomes of several cases of cyber-attacks and presenting them in the context of this work, the paper highlights the need for credible and integrated cyberspace security models for the preservation of national interests and the prevention of potential cyber threats.

Introduction

The process of digitization is going on all over the world. However, the constant and fast development of digitalization has disclosed the different sectors right from business to defence industries to cyber security issues. In this case, therefore, there should be a new approach towards cyber-security capabilities whereby different sectors would consider the operations around espionage, surveillance, information control and technology competition and develop measures for detecting and defending against cyber threats using acceptable norms and standards.

The article explains in great detail how cyber-attacks have adversely affected businesses as well as the recent conflicts in the defence sector with implications for India. Recently, however, India’s critical infrastructure facilities have been affected by cyber-attacks. India, according to Harvard National Cyber Power Index 2022 continues to be one of the key targets for cyber-attack operations.

Here are the key highlights of the report:

  • Increased attacks on small-scale businesses in cyberspace have led to widespread financial losses leading to loss of reputation by companies.
  • Small-scale businesses’ low profit margins prevent them from taking appropriate measures to protect themselves against such threats in India.
  • The utilization of cyberspace by state and non-state actors is aimed at brainwashing people through indoctrination and targeting public vital domains with Distributed Denial of Service (DDoS) attacks.
  • Additionally, cyber-attack operations include defence in many countries including India. This involved communication networks, weapon systems as well as sensitive data from the Indian military which was involved in such cyber-attacks. The essence of the report is to examine dangers that are experienced by the country’s armed forces and how they have responded to them in terms of enhancing their cybersecurity capabilities.

Research Questions

  • How does India navigate and strengthen its cybersecurity landscape?
  • How do cyberattacks affect small-scale companies in India, and what measures can SMEs take to mitigate these risks?
  • How is cyber-based unconventional warfare reshaping conflicts, and what strategies counter it?
  • How can India strengthen its defence cyber security against evolving threats?
  • How can India enhance its cybersecurity strategies and global partnerships?

Cyber-attacks and Small Businesses

In the present context of the Indian economy, the need for small businesses such as SMEs and MSMEs has been increasing remarkably. This growth has placed them in a strategic position within the ongoing and increasingly fast-growing digital economy, constantly searching for new market opportunities through digitization. But, that has subjected them to more risks of cyber-attacks and data breaches mostly due to this expansion. A lot of small firms are unable to bounce back from complex cyber assaults as they become increasingly common.  

  • Cyber-Attacks and Company Size 

It was also revealed that SMEs are under more pressure with more than 508% of cyber-attacks as compared to previous years. This rise is not only restricted to small businesses alone but MSMEs and start-ups are included in it. This is so because an unstable cybersecurity environment is detrimental to the operations of firms with few employees. According to NordLocker’s study in 2022, 100 businesses out of 140 were SMEs, with MSIEs with up to 500 employees being the most commonly attacked during 2020-2022. 

  • Publicly Traded SMEs as Targets 

Small-scale businesses which are publicly traded are commonly attacked by hackers, particularly those that have not put measures in place to counter such incidents. About 21% of the public CSOs in India have reported having suffered attacks putting their data into the public domain. It is argued that there should be better-defined guidelines for data logging for these firms. Besides, with the new cost-based storage especially for publicly traded SMEs, there is the need to validate this, take time, and have certain guidelines.

  • Damage to Reputation and Revenues 

SMEs are strategic to the Indian economy and its development. A survey conducted by Capterra India is the ‘Digitalisation of Indian SMEs Survey’ which explains how technology has penetrated Indian SMEs, 82 percent of whom affirmed that digitalisation was important. However, ransomware attacks have been quite common and aggressive against Indian SMEs leading to service delivery interruption, reputation loss, and revenue impacts. India has also been exploited by ransomware attackers, businesses with values of above INR 80 billion have been affected. These attacks undermine the credibility of a business in a competitive environment because of weak recovery mechanisms. 

  • Impact on Profit Margins 

SMEs have long-term improvement and enhancement as their core value, which makes them overlook cybersecurity policies. Another layer added by cyberattacks is that their profit margins, which are typically not wide at the best of times, make it almost impossible to support long disruptions. SMEs are not in a position to afford even one day’s loss and as a result, incidents like long business interruption, high financial loss, and penalties through lawsuits occur for data breaches. Therefore, New cyber threats due to the integration of the digital revolution have forced insurance firms to adopt simple precautionary measures such as cyber insurance plans. These plans provide crucial protections against the negative impact of cyberattacks, including costs for lawyers, notifications to clients, and recovery of lost records. The Digital Personal Data Protection Act, 2023 also outlines penalties of up to INR 250 crore for any violation concerning personal data, which may lead to the shutdown of small businesses. Cyber insurance can help develop guidelines and set up incident response teams via experts, which in turn will have little to no disruptions to the SME and its overall image. It is also noticeable that all these plans are flexible according to SMEs’ requirements and financial capabilities but provide confidence in the digital world.

Cyber Warfare and Unconventional Warfare

Warfare has not only moved to new territories but also transcended the terrestrial categories of land, water, and air in the 21st century. New forms of warfare, including cognitive and informational warfare, have become increasingly familiar on the contemporary battlefield.

The definitions of warfare also differ from one country to another but it can be grouped into conventional warfare, irregular warfare and unconventional warfare. Conventional warfare is characterised by a staggeringly large number of troops using conventional weapons and methods to vanquish the enemy in terms of physical force. Whereas irregular warfare, based on the US doctrine, is ‘ an organised armed conflict between state and non-state actors for influence over the population’. Unconventional warfare therefore is a synthesis of several types of modern warfare namely Psychological warfare and Informational. The UW tactics used are focused on the psychological and information aspects of the conflict to gain control over the population’s perception. Thus, the goal is always to build the idea of a ‘good’ side and a ‘bad’ side with the actors involved in the warfare procedure.

Thus, even though cyber warfare and cyber security are not a form of unconventional warfare, cyber warfare helps shape the story. The above idea may best be understood by using the current Russia and Ukraine conflict. Although all these countries influence this perception, the Ukrainian side has done it better than Russia, Europe, and America. It stems from the complicated doctrine the Western powers apply, media usage such as social media, news, individuals, etc. Ukraine’s allies, specifically, the USA, have a great influence over several social media platforms, think tanks, journalists, and other related resources, making it a strong suit of Ukraine. In Ukraine, the government has ensured broad Internet accessibility so that people can participate in the war by regulating the information seen. The Ukrainian people and the media are endowing videos and images of Russia having war crimes and acting human rights abuses against Ukrainians. The people also reported cases when Ukraine, despite the absence of a military, could have defeated Russian troops.

Another factor which characterises UW is the propaganda, which may be translated as indoctrination or mobilisation of the population. Using the websites and media after the introduction of the internet the task of identifying gender differences has become rather easy. Normally, one tends to think that cyber warfare is about infiltrating some complex discreet governmental systems or obtaining specific classified encrypted information. Nevertheless, hacking is just a part of its overall functionality that includes managing ‘perception’ with the help of social networks, ‘mapping’ of communication networks with the view of their subsequent manipulation, and ‘identification’ and subsequent ‘deployment’ of ‘resistance movements’. It is in the cyber domain that these activities are best carried out given that the barriers to entry to this environment are relatively low, the cycle of information dissemination is relatively swift, these environments are accessible to the masses and lastly, they are relatively free from government regulation.

Case Studies

  • Al-Suri and The Islamic State

Abu Musab Al-Suri, who was once a member of Al Qaeda and the Islamic State, which is an offshoot of Al Qaeda organization, were responsible for cyber operations in the domain that saw the loss of lives and injuries to many. In 2005, he released ‘Global Islamic Resistance Call’ where he called for a global terrorism campaign against the West through a dispersed non-hierarchical network. Also known as “the Architect of Global Jihad”, Al-Suri championed individual jihad and urged jihadis to wage unconventional war in public spaces such as news, politics and education.

Al-Suri made people partake in the digital domain to be recruits or trainees. Social media including Dabiq magazine were used by the Islamic State for social mobilizations. On YouTube, Facebook, Twitter and WhatsApp Islamic State established its presence by indoctrinating individuals with precisely selected content.

  • Russia Georgian Conflict

The use of cyber warfare as a form of unconventional warfare in another case study can be exemplified by the Russian-Georgian conflict where Russia tried to capture the South Ossetia region which had a majority of Russians. The country employed its military doctrines in cyber and unconventional warfare such as Spetspropaganda (Special Propaganda) to destabilize and take over Georgian territories. Russia’s decision to offer citizenship to everyone who lived on the territory of the former USSR was a slap in Georgia’s face.

Russian hackers conducted massive cyber-attacks on servers operated by Georgians multiple times before deploying military forces and infiltrating through the Georgian border. Through distributed denial of service (DDoS) attacks, hackers have hacked news and government sites. Apart from DDoS attacks, they also took over some government websites for propagating propaganda including an instance where they compared Mikheil Saakashvili, the former President of Georgia, to Hitler.

The cyber warfare domain is now being heavily relied upon by both non-state actors and state actors in an increasingly digital world. Unconventional war utilized a high-speed information flow through cyberspace allowing any force to strike even before commencing actual battle.

Cybersecurity in Indian Defence

Information technology security plays an important yet complex role in Indian defence as the country has to safeguard several strategic assets and infrastructures from many cyber threats. Modern society is gradually becoming more dependent on digital technologies, communication channels, weapons, and other confidential defence information, which pose a threat to India’s security system. In response, India has been particularly proactive in developing its cyber security measures to protect local interests.

Thus, although India actively imports military equipment, the importance of domestic defence innovation is also understood. AI advancement, quantum computing, and cybersecurity are some major areas that can enable India’s defence to match some of the latest technological advances.

Due to advancements in technology and the increasing threat posed by India’s neighbours, particularly China, competition in the cyber dimension has increased. Hence, the information-driven approach has brought the Indian army close to net-centricity, stressing envelope communication for future gain.

 The Indian arm planned to operationalise the Command Cyber Operations and Support Wings (CCOSWs) during the Army Commander’s Conference (ACC) in April 2023 to improve cybersecurity, strengthen networks and prepare to counterattack in cyberspace. This decision corresponds with the general trends in India that have set an objective of bolstering its cyber defences and combating new forms of cyber threats that are prominent in modern warfare.

India organized the second edition of Bharat NCX in 2023, which is a flagship event aimed at enhancing the knowledge and efficiency of the participants from the field of cybersecurity in the government, public, and private sectors. The exercise fosters teamwork and sharing of best practices by the participants, and the training involves teaching the participants, case scenarios simulation cyber-attacks the k, the Chief Information Security Officer meeting, and a cyber solutions fair. It undermines India’s commitment to cybersecurity readiness and cooperation.

The partnership between India and the USA establishes a Defence Artificial Intelligence Dialogue and intensifies combined cyber training and exercises. As India navigates the complex cyber landscape, these initiatives mark significant strides in fortifying national security and critical infrastructure.

India’s Cybersecurity Infrastructure

The Indian Defence Cyber Infrastructure is the term used to describe the various elements comprising different systems and components that are required for cyber security as well as the defence of the Indian Armed Forces and India. According to several sources, here are some of the main components of the Indian Defence Cyber Infrastructure:

  • Defence Cyber Agency (DCyA): A coordinated tri-services organization responsible for dealing with cyber warfare threats and operations. In 2017, India recognized cyberspace along with other domains of modern warfare when it outlined a joint doctrine and called for the creation of an Offensive and Defensive Capability in Cyberspace under the aegis of a Defence Cyber Organization. Established in September 2018, and operationalized by 2021, this agency provides a robust posture against cyber-attacks to India. It consists mainly of members from all three branches of services – Army, Navy and Air Force headed by two-star officers.
  • Cyber Emergency Response Teams (CERT): These teams are specialized in detecting, preventing and responding to cyber-attacks on military networks and systems. Each wing of the Indian armed forces has its own CERT that works alongside DCyA and other agencies
  • Defence Information Assurance and Research Agency (DIARA): A defence agency that was upgraded into the DCyA. It offers cyber security solutions and services to the defence sector including encryption, authentication, firewalls, antivirus etc. DIARA also conducts research and development in cyber security domains. Moreover, DIARA works closely with national agencies such as the Computer Emergency Response Team- “India (Cert-In) and the National Training Research Organization (NTRO) to handle cybersecurity-related issues.
  • Defence Communication Network (DCN): It is a dedicated and secure communication network which connects the headquarters, command centres, and units of the Armed Forces across the country. Military users can exchange voice, data and video through this network; it is based on optical fibre cable technology and satellite technology.
  • Critical Information Infrastructure (CII): This refers to information systems and networks which are vital for the functioning of the defence sector as well as national security. These include weapon systems, command and control systems, and radar satellites among others. Indian Defence Cyber Infrastructure considers CII protection as its priority

India’s Cyber Security Countermeasures

The evolving and increasingly sophisticated threats in cyberspace necessitate prioritisation on the part of Indian armed forces in fortifying their systems against these attacks. As a result, the Government of India has issued important policy statements and enacted relevant measures.

  • Defence Cyber Agency 

As cyber threats become more frequent, the Indian military focuses on strengthening its defences. The Government of India has responded with key policies and actions mainly the formation of the Defence Cyber Agency (DCyA), Headquartered in New Delhi, this commanding body executes cyber warfare and coordination between the army, navy and air force, which is crucial to make quick decisions during a conflict.

  • Quantum Cryptography

The coming of quantum computing poses a problem to traditional cryptography and its solutions hence the need for quantum cryptography systems. To overcome this, India has initiated the NM-QTA under respective budget allocations of Rs. 8 crore for five years starting from the 2020-21 financial year. The underlying objective of this scheme is to bolster national security through quantum cyber protection by the development of cryptographic skills. Reference to the Indian Army, industries, as well as academic institutions is vital in this regard. Further, a quantum computing lab also has been set up at the Military Engineering Institute, Mhow, Madhya Pradesh. The use of quantum sensing, imaging as well as navigation will enhance surveillance and positioning. The deployment of quantum sensing and imaging holds the potential to bolster surveillance capabilities, while quantum navigation systems offer precise positioning information independent of satellite-based systems.

  • Signal Corps 

Ever since its establishment, the unit has been strategic in delivering and strategizing information services to the Army, focusing majorly on command-and-control issues. The Signal Corps in the 21st century sees that it can achieve and maintain information dominance by creating an information structure that supports Network-centric Warfare. India’s sovereignty is under threat from two fronts; China and Pakistan as adversaries. These two countries being neighbours is an opportunity for cooperation in cyberspace. Indeed, this partnership has come to light via some cyber attacks that India was exposed to recently. The Signal Corps must reestablish itself as a foremost agency and nerve centre for telecommunications and cyber-security Command.

  • Cyber Operation and Support Wings 

In the grey zone, the CCOSWs will provide crucial help as a separate branch of the Indian Army against those who are hostile to them. This strategy move will enhance the focus on network-centricity and more reliance on advanced communication systems. Moreover, it will include adding different niche technologically enabled tools into the Indian army’s gear including Swarm Drones, Loitering weapons systems and anti-drone equipment.

India’s Cyber Security- Doctrine, Policies and Agreements

India has been planning to lay down a coordinated series of doctrines, policies and regulations to protect the domestic cyber environment and data from foreign threats while at the same time cooperating internationally to counter cyber threats. India has multiple organisations tasked with cybersecurity operations, which include the National Technical Research Organisation, National Intelligence Grid and Information Board.

The primary legislation for cybersecurity, data protection, and cybercrime is the Information Technology Act 2008. This Act regulates a couple of aspects of cybersecurity through a couple of rules and regulations. Key provisions include:

  • CIOs and insurance firms are required to notify the Insurance Regulatory and Development Authority in the event of a cyber-attack.
  • Any telecom licensee arresting a person for a cybercrime must establish centres for monitoring intrusions, attacks and frauds; or inform DoT. 

The IT Act deals with modern-day crimes such as hacking, tampering, uploading and publishing of pornographic content as well as any prohibited violation of rights of privacy and confidentiality. It also set up the Indian Computer Emergency Response Team (CERT-In) as the national focal point for computer security incidents.

Other enactments containing cybersecurity provisions include the India Penal Code 1860 and the Companies (Management and Administration) Rules 2014 which mandates that companies ensure that their information is safe. Furthermore, the Intermediary Rules apply to intermediaries, such as social media companies, to curb the sharing of fake news, hate speech, and other negative influences.

 However, cybersecurity regulation in India can be quite vague, due to which there is slow progress and implementation of the same. This comes as these laws and regulations are often ambiguous and, therefore, such organisations have a hard time gaining principles and recommendations that can be of assistance to them. Therefore, India must adopt new and elaborate cybersecurity laws that contain specific measures and guidelines on cybersecurity.

Cyber security laws in India also include data protection and privacy. The Personal Data Protection Bill 2019 on the one hand intended to check the processing of personal data by government and private entities, on the other hand, it sought to empower individuals with the rights of data control and protection measures with their data. This bill has been enacted as the Digital Data Protection Act 2023 as there is the absence of legal provisions for privacy, cybersecurity, and data protection.

India is a signatory to various international treaties inside the realm of cybersecurity. India and 27 other countries agreed at the AI Safety Summit 2023 to reach an agreement on addressing risks associated with artificial intelligence. India hosted the Global Partnership on Artificial Intelligence in New Delhi in which more than 150 international thinkers on Artificial Intelligence and 29 countries were present. Some of the key outcomes were there included defining safe, secure, and trustworthy AI, launching international ethical AI principles, and acknowledging India as the tech talent capital and the hub of global AI innovation. The summit also focussed on the utilisation of AI Research Analytics and Knowledge Dissemination Platform, AIRAWAT and the National Programme on AI for developing the AI ecosystem of India. India has also entered into Six MoUs with the USA and Four with Russia, while two are regarding cyber-terrorism and One is about cybercrime. Other agreements with Vietnam, Australia and Bangladesh envisage the further development of cooperation in the sphere of cybersecurity.

 It can therefore be ascertained that India’s calculated involvement concerning international cooperation in the provision of cybersecurity is guided by strategic interests. Thus, there is gradual pressure on India to disclose its capabilities and formulate a governing doctrine to adequately combat threats. At present, there is no publicly available, comprehensive, strategic doctrine, policy or a single piece of legislation that defines and enunciates India’s calculus of interest, goals and limitations in cyberspace.

 India’s cybersecurity institutional structures and policies are fairly emergent as several institutions have been established in the past ten years and the policies initially launched are still in their developmental stages with the most recent being the National Cyber Security Strategy. India’s current capacity and approach can be deduced from current policy documents and statements made by officials regarding India’s cyber policies and activities.

Conclusion

Thus, these ever-emerging threats make cyber security a complex and ongoing process in the growing digitally oriented economy of India as well. The high rise of cyber threats on SMEs and even defence facilities proves that proper cybersecurity measures are required. Initiations like the formation of specialized agencies such as the Defence Cyber Agency and Bharat NCX show India moving in the right direction towards developing national cyber security. However, the studies show that there are still numerous shortcomings in the legislation that must be filled and more effective and consistent approaches have to be developed in the sphere of cyber security. It is important to adapt new techniques which are innovative in terms of quantum cryptography and artificial intelligence for modelling the menace of Cyber threats and Cyber security insurance coverage should be complete. Technological advancement also poses a great risk to complex infrastructure, and that is why India needs to create strategic initiatives that will be flexible to combat this rise of cyber warfare. There will be a need to incorporate effectiveness and global cooperation as the future trends in cyber threats are bound to scale in their complexity.

Title image courtesy: MoD, India

Disclaimer: The views and opinions expressed by the author do not necessarily reflect the views of the Government of India and Defence Research and Studies






Bibliography

Arjun Gargeyas, S. P. (2024, July 13). Securing India’s cyberspace from quantum techniques.

Retrieved from The Indian Express: https://indianexpress.com/article/opinion/columns/securing-indias-cyberspace-must- take-steps-to-tackle-newest-threat- 8212744/#:~:text=Currently%2C%20India%20has%20very%20

BASU, A. (2022). India’s International Cyber Operations: Tracing National Doctrine and Capabilities. Retrieved from UNIDIR: https://unidir.org/publication/indias- international-cyber-operations-tracing-national-doctrine-and-capabilities/

Chawla, B. G. (2019, October 04). India’s new Defence Cyber Agency—II: Balancing Constitutional Constraints and Covert Ops? Retrieved from Medianama: https://www.medianama.com/2019/10/223india-defence-cyber-agency-part-2-2/

Gill, P. (2021, April 09). The Chinese cyber threat is real — and India’s best defence right now is to keep its outage time limited. Retrieved from Buisness Insider India: https://www.businessinsider.in/defense/news/the-chinese-cyber-threat-is-real-and- indias-best-defence-right-now-is-to-keep-its-outage-time- limited/articleshow/81981886.cms

Goren, T. H. (2017). International Cybersecurity Information Sharing Agreements. U. Maryland.: Center for International & Security Studies.

Mishra, D. (2022, April 15). Cognitive Warfare in the Ukraine War (Part 1). Retrieved from The Indiaqn Military Review: https://imrmedia.in/cognitive-warfare-in-the-ukraine- war-part-1/

Poornima, B. (2023). Cyber Preparedness of the Indian Armed Forces. Journal of Asian security and International affairs, 301-324.

Pradhan, S. D. (2022, May 08). Role of cognitive warfare in Russia-Ukraine conflict: Potential for achieving strategic victory bypassing traditional battlefield. Retrieved from The Economic Times: https://timesofindia.indiatimes.com/blogs/ChanakyaCode/role-of-cognitive-warfare- in-russia-ukraine-conflict-potential-for-achieving-strategic-victory-bypassing- traditional-battlefield/

Roy, A. (2023, November 06). State-sponsored cyberattacks against India up 278% in three years. Retrieved from The Economic Times: https://economictimes.indiatimes.com/tech/technology/india-most-targeted-country- by-cyber-attackers-report/articleshow/104989856.cms?from=mdr

Ryan S. Gladding, S. P. (2015, December). CYBER-ENABLED UNCONVENTIONAL

WARFARE: . Retrieved from https://apps.dtic.mil/sti/pdfs/ADA632272.pdf

Sean W. Pascoli, M. G. (N.d). Technology Adoption in Unconventional Warfare. Retrieved from https://cyberdefensereview.army.mil/Portals/6/Documents/2021_summer_cdr/04_Pas coli_Grzegorzewski_CDR_V6N3_2021.pdf?ver=6qlw1l02DXt1A_1n5KrL4g%3D% 3D

Subramaniam. (2023). In a nutshell: data protection, privacy and cybersecurity in India.

Retrieved from Lexology: https://www.lexology.com/library/detail.aspx?g=174412a6-fa19-4055-90f9- dec6bb229ac1

Upadhyaya, A. (2022, September 28). Indian small businesses are at the highest risk of cyber attacks: Report. Retrieved from https://www.financialexpress.com/business/sme- msme-tech-indian-small-businesses-are-at-the-highest-risk-of-cyber-attacks-report- 2694417/: https://www.financialexpress.com/business/sme-msme-tech-indian-small- businesses-are-at-the-highest-risk-of-cyber-attacks-report-2694417/

By Drishti Gupta

Drishti is pursuing her Post Graduation in International Relations at Amity Institute of International Studies in Noida