Context: With the growing digitization and increasing centrality of the internet, the recently held Army Commanders’ Conference has decided to operationalize the Command Cyber Operations and Support Wings (CCOSWs).
About the Command Cyber Operations and Support Wings (CCOSWs)
- Under this, the Indian Army will raise dedicated specialized agencies in each of its six operational or regional commands across the country to handle the cyberspace domain.
- The organisation will assist the formations to undertake mandated cyber security functions aimed at strengthening the cyber security posture of the Indian Army.
- The development comes in view of the requirements of the grey zone and the expos of cyber warfare capabilities of nations such as China.
What are Grey Zone Operations?
- Grey zone operations are a type of military strategy that fall between the traditional definitions of peace and war.
- The term “grey zone” refers to the area of ambiguity between peace and war, where aggressive actions can be taken without triggering a full-scale military response.
- Grey zone operations can take many forms, including cyberattacks, propaganda campaigns, economic coercion, political subversion, and support for proxy forces.
- They are often used by states and non-state actors to exert influence and achieve strategic goals without directly engaging in open conflict.
- One of the key challenges of grey zone operations is that they can be difficult to attribute to specific actors, making it harder to hold them accountable for their actions.
What is Cyber Warfare?
- Cyberwarfare is a type of network- or computer-based conflict in which one nation-state targets another nation-state with politically motivated attacks.
- Nation-state actors engage in these types of attacks in an effort to obstruct the operations of organisations or nation-states, particularly for tactical, military, or cyberespionage reasons.
- Examples of cyber warfare:
- According to The North Atlantic Treaty Organization (NATO), the Morris Worm was the first instance of cyberwarfare on a global level in 1988.
- In 2010, the nuclear enrichment facility of Iran at Natanz was targeted by Stuxnet, a digital weapon.
Various Forms of Cyber Warfare
- Cyber-attacks: These are the intrusions where immediate damage or disruption caused are the main concern.
- In 2019, it was reported that Chinese state-sponsored hackers had targeted the Kudankulam Nuclear Power Plant in India using the DTrack malware to steal data from computer systems.
- Cyber Espionage: Cyber espionage is an act of intrusion which can provide the confidential or sensitive information needed. Traditional espionage is not an act of war, nor is cyberespionage, and both are generally assumed to be ongoing between major powers. For example:
- Massive spying by the US on many countries, revealed by Edward Snowden.
- After the NSA’s spying on Germany’s Chancellor Angela Merkel was revealed, the Chancellor compared the NSA with the Stasi (the official state security service of the German Democratic Republic).
- Cyber sabotage: It is the deliberate use of digital technologies to disrupt, damage, or destroy computer systems, networks, or digital infrastructure. For example:
- WannaCry: This was a ransomware attack that infected hundreds of thousands of computers in over 150 countries in 2017
- NotPetya: This was a destructive malware attack that targeted Ukrainian financial, energy, and government sectors in 2017.
- Cyber Propaganda: It refers to the use of digital technologies and online platforms to spread false or misleading information for the purpose of influencing public opinion or behavior. For example:
- Cambridge Analytica Scandal: Russian operatives used social media platforms to spread false or misleading information to influence the outcome of the 2016 US presidential election.
Why India Needs to Secure Its Cyber Space?
- Increasing cybercrimes: As per the NCRB data from “Crime in India, 2020”, Cybercrimes have increased four times or 306 percent in the past four years and rate of cybercrime (incidents per lakh population) increased in 2020.
- India saw a 53 per cent increase in ransomware incidents in 2022 (year-over-year), according to the “India Ransomware Report 2022″ published by the CERT-In.
- Digital India: According to a report, the value of digital payments in India will grow close to 1 trillion dollars in FY26 from 300 billion dollars in FY21.
- Critical Infrastructure: India’s critical infrastructure, including power plants and power distribution, healthcare, railways and banking, have witnessed increasing cyberattacks, allegedly from Chinese state-sponsored groups.
- Cyber Defence: Presently, the nature of the war in Ukraine indicates that India needs to review its cyber-defence policies. India also needs to give equal attention to building a deterrent cyber-offensive capability.
- Offensive cybersecurity strategies preemptively identify vulnerabilities and security weaknesses before an attacker exploits them.
- Terrorism: As per a report by the International Institute for Counter Terrorism, hacktivism activities have increased in Southeast Asia, including website defacement, distributed denial-of-service (DDoS) attacks and information leaks. Such threats will increase in the coming times.
Current Cyber Security Architecture in India
- National Cyber Security Policy, 2013: It was the first comprehensive document brought out by government to create a secure and resilient cyberspace ecosystem and strengthen the regulatory framework.
- It aims to protect information infrastructure in cyberspace, reduce vulnerabilities, build capabilities to prevent and minimize damage from cyber incidents through a combination of institutional structures, people, processes, technology and cooperation.
- National Cyber Security Strategy 2020: It was conceptualized by the National Security Council Secretariat to ensure a safe, secure, trusted, resilient and vibrant cyberspace for Nation’s prosperity.
- Pillars of strategy are Secure (the National Cyberspace), Strengthen (Structures, People, Processes, Capabilities), and Synergise (Resources including Cooperation and Collaboration).
- Institutional Mechanism:
- Indian Cyber Crime Coordination Centre (I4C): It was rolled out by Ministry of Home Affairs for the period 2018-2020 to combat cybercrime in the country, in a coordinated and effective manner.
- Indian Computer Emergency Response Team (CERT-In): It serves as national agency for responding to cyber security incidents as per provisions of IT Act, 2000. It issues alerts and advisories regarding latest cyber threats/vulnerabilities and counter measures to protect computers and networks on regular basis.
- Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre): It has been launched for detection of malicious programs and provide free tools to remove the same. o National Cyber Crime Reporting Portal: It caters to complaints pertaining to cybercrimes only with special focus on cybercrimes against women and children.
- National Cyber Coordination Centre (NCCC): It is multi-stakeholder cybersecurity and e-surveillance agency, under CERT-In. It generates situational awareness of existing and potential cyber security threats and enable timely information sharing for proactive, preventive and protective actions by individual entities.
- National Critical Information Infrastructure Protection Centre (NCIIPC): It is created under IT Act, 2000 (amended 2008) and designated as National Nodal Agency to facilitate safe, secure and resilient information infrastructure for critical sectors of the Nation.
Challenges and concerns in India’s Preparedness of Cyber Warfare
- Lack of comprehensive strategy: Unlike the US, India still lacks a comprehensive, modern, and updated cyber warfare strategy. In the preset capacity, India can only address cybersecurity attacks and not cyber warfare.
- Lack of Strong Security Culture: India lacks a strong security culture which is quite imperative in the cyber security domain.
- Lack of Awareness: Women and children are increasingly becoming victims of cybercrimes such as pornography, stalking, cheating, and hacking.
- “Whack-a-mole” approach: India’s current approach adopts a reactionary “whack-a-mole” approach rather than creating deterrence.
- “Whack – a – Mole’ approach is a style of managing or leading others where a manager waits for something, he/ she believes to be wrong to happen, and “whacks” the behavior with words and/or actions.
- Shortage of Technical Staff for the Investigation of Cybercrime: There have been half-hearted efforts by the States to recruit technical staff for the investigation of cybercrime.
- A regular police officer may be unable to understand the nuances of the working of a computer or the Internet.
- It is only a technically qualified staff who could acquire and analyse digital evidence.
- National Cybersecurity Strategy: The Union Government is in the process of formulating a National Cyber Security Strategy which will holistically look at addressing the issue of security of national cyberspace.
- Increased Participation and Awareness: There needs to be enhanced private and public sector participation along with data protection efforts to prevent frequent cyberattacks.
- Technological Updation: India also needs to study the evolving tactics, techniques, and procedures (TTPs) of hackers and criminals to be able to prevent these attacks. The cyber forensic laboratories of States must be upgraded with the advent of new technologies.
- Data localisation: Most cybercrimes are trans-national in nature with extra-territorial jurisdiction. The collection of evidence from foreign territories is not only a difficult but also a tardy process.
- Therefore, ‘data localisation’ must feature in the proposed Personal Data Protection law so that enforcement agencies are able to get timely access to the data of suspected Indian citizens.
- Human Resource Development: There is a need to introduce new courses, curriculum and academic institutions in the field of cyber security, ethical hacking, cryptology etc. to boost human resource in the field of cyber warfare.
- Synergy and Coordination: There is a need for coordination, planning, understanding and synergy of efforts amongst all civil, military, intelligence, law enforcement and educational organisations responsible for cyber security, information assurance, cyber warfare and perception management.
- Budget Allocation: A Parliamentary Standing Committee has recently recommended that funds for cyber security may be increased on a year on basis to forestall any failures in this domain for sheer lack of funds.