After Ladakh cyber attack, India needs to prepare for future threats. A cyber expert explains

Addressing a news conference on Tuesday, IAF Chief Air Marshal VR Chaudhary said it was imperative to rethink, reform, redesign and rebuild our traditional combat machinery amid a new paradigm emerging. “As the world becomes more interconnected, a cyber attack on our networks could cripple command and control systems,” he said.

The statement comes after China launched “investigative cyber attacks” on the electricity network in the strategically located Ladakh. The hacker group allegedly used the Trojan ShadowPad, believed to have been developed by contractors for the Chinese Ministry of State Security, leading to the conclusion that it was a state-sponsored hacker attempt.

Chaudhary said, “In the next war, the enemy may not be the state or the organization, we may never know the perpetrators. Future warfare will be hybrid – from computer viruses to ultrasonic missiles. Attacks can range from military conflict to obscuring information.

So how exactly can we quantify the cyber threats that India is facing? Nandakishore Harikumar, founder and CEO of Bengaluru-based cyber security start-up Technisanct, called for consolidated efforts to build multi-level strategies. Technisanct conducts digital risk tracking and risk positioning using AI, and specializes in deep and darkweb research. Technisanct has responsibly detected data breaches related to organizations such as Malindo Airways and Tamil Nadu public distribution systems.

“Such attacks [like what happened in Ladakh] they happen continuously, fully focused on supply chains, “he said.” Take an example. Air India recently reported a breakthrough, where Chinese hackers attacked a supplier [and pilfered data]. They [the hackers] they like to disrupt the supply chain by coordinating across multiple networks. It’s not just one vulnerability – Chinese hackers are known to be adept at exploiting the many zero-day vulnerabilities that keep popping up. “

So who are the people who actually carry out cyber attacks? “It is easy to recognize that they come from the Chinese network, but other details are not completely known. They work very secretly. They are known for continuous attacks on logistics infrastructure, and their way of working is highly targeted, industry-focused and sector-specific. That’s how they work. This pattern is very visible in the incident in Ladakh. “

How can India prevent such Chinese incursions? “It’s not just the Chinese. If you look at the progress in cyber warfare in the last two or three years, there is a huge industry that is developing in parallel. Look at what happened in Ukraine. Russian hackers attacked the basic infrastructure of Ukraine; the media industry is attacked, so We will see a huge shift — before countries transfer their weapons to the border. [for traditional warfare], cyber attacks will happen. They cannot be opposed by the UN, nor can they be included in the sanctions. Namely, when it comes to India, we don’t even have a data protection account. We know how our cybersecurity operations work [with organisations like NCIIPC and CERT]. There should be a consolidated effort to build strategies, and we need to make technological progress. ”

Harikumar emphasized that China is continuously targeting us with different vectors. “If you look at phishing campaigns targeting Indians, or loan applications that are in high traffic, you can always track down Chinese infrastructure like the Alibaba cloud. This is not just one aspect. “The Chinese are preparing with 360-degree counterattacks and full opportunities, and India must strengthen and be ready in a 360-degree manner,” he said.

What could the Chinese target with a hack in Ladakh? “It could have resulted in a major power outage, but it didn’t happen. Ransomware attacks could have happened. Infrastructure at the national level has been prepared at the front. Now imagine a situation in which local infrastructure is attacked. Therefore, the focus should be on local infrastructure such as metro railways or state power plants such as KSEB. “We are on the verge of a huge threat, but it is still not clear how ready the governments are,” he said.

Political reactions

Foreign Ministry spokesman Arindam Bagci said on Monday: “We have seen the reports. There is a mechanism to keep our critical infrastructure resilient in such cases. We have systems in place to protect critical infrastructure. “Responding to a reporter’s question, Bagchi, however, enigmatically added:” I have no information that we have raised the issue with China. “

Speaking on the sidelines of a clean energy ministerial meeting in the country’s capital, Energy Minister RK Singh acknowledged that China had made attempts, but added that India’s defense against such incursions was strong. “Our defense against cyber attacks is strong. These were test attacks in December, January and February. They failed. But we are aware,” he said. The Minister also said that measures were taken in 2018 against suspicious cyber attacks on the electricity supply system in the country. “We have set up protocols. Those protocols work and we are strengthening those protocols every day. So, our cyber defense against cyber attacks is strong. We are convinced of that,” Singh said.