8 July 2020

China’s INEW and the Sleepy Elephant

Lt. Gen Prakash Katoch

Following the news of some 40,000 cyber attacks in a week by China, an interesting discussion on TV had a former additional secretary R&AW say that China became serious with cyber warfare when it unveiled its strategy of ‘Unrestricted Warfare’ in 1999. He said China has a dedicated 50,000-strong force for cyber warfare and another 50,000 in support.

All this has been known for years. Compare this with the manpower of the Indian Computer Emergency Response Team (CERT), operational since 2004, and its activities in the last three months as mentioned on its website: April 6 – large number of DDoS attacks reported that are propagated via infected Grandstream UCM6200 and DrayTek Vigor devices; May 15 – threat actors taking advantage of the pandemic situation to trick users into giving up sensitive information through interest in COVID-19 activities, news and information; and June 24 – reports that Google has dropped 106 extensions of the Google Chrome browser from the Chrome Web Store which were found collecting user data.


The National Technical Research Organization (NTRO) along with the National Institute of Cryptology Research and Development was set up in 2004. NTRO functions directly under the National Security Advisor. The National Critical Infrastructure Protection Centre under NTRO monitors, intercepts and assesses threats to crucial infrastructure and other vital installations from intelligence gathered using sensors and platforms which include satellites, underwater buoys, drones, VSAT-terminal locators and fiber-optic cable nodal tap points.

NTRO also has access to satellite data from our satellites like the Technical Experimental Satellite (TES), Cartosat-2A and Cartosat-2B in addition to our radar imaging satellites RISAT-1 and RISAT-2. The first Very Long Range Tracking Radar (VLRTR) became operational in 2017 following government approval for induction of two new units of VLRTR under an MoU between NTRO and IAF for realizing a Missile Monitoring System to detect space-borne threats in aid of Ballistic Missile Defence (BMD).

Going by media reports, the tasks of NTRO are to develop technology capabilities in aviation and remote sensing, data gathering and processing, cyber security, cryptology systems, strategic hardware and software development and strategic monitoring. It is unclear what all is covered under “Strategic monitoring” but the fact remains that the Chinese surprised us in Eastern Ladakh – same as happened during the Kargil intrusions in 1999 when there was no NTRO.

Why did this happen, who is responsible, will it be rectified or will the omissions be covered up through paid journalists saying satellite imagery shows own positions, not of PLA? Ironically, the debate invariably gets reduced to which political party was in power at that time. But the question remains how do we organize strategic intelligence in our country where the left hand is oblivious of what the right hand is doing, and keep the military constantly updated about the troop movement of our adversaries, development of their border infrastructure and other activities related to defence of the nation?

A national daily in its editorial titled ‘Change The Game’, referring to the intrusions in Eastern Ladakh and the presence of a sizeable number of PLA troops in the Depsang Bulge which indicates a long haul, recommends discarding our reactive mindset and adopting non-linear tactics that take the enemy by surprise. Among the recommendations, it recommends taking a leaf out of China’s book and stepping up our cyber-warfare capabilities. In this context, periodic reports in our media indicate that our cyber-warfare activities are largely, if not totally, focused towards Pakistan; that too mainly on terrorist and terror-related activities.

There have been reports in the past of our own hackers hacking Pakistani websites, including those of their military. But what cyber attack capability do we have against China, when will we get down to developing this in real earnest and will we continue to function in separate compartments of civil and military? Can we follow the US and Chinese model of the military leading the cyber-warfare program of the nation?

Would that be too much for egos and turfs or is it the fear of disclosure of deeds of politicians and the bureaucracy that made one government shut down the Army’s Technical Support Division (TSD) giving excellent trans-border intelligence, and subsequent governments couldn’t muster the guts to revive the TSD? After all lack of trans-border intelligence would only result in more army casualties – which can always be filled up with multitude of youth in the country!

Our tri-service Defence Cyber Agency (DCA) was established in 2019 and is tasked with handling cyber security threats. Going by media reports, DCA would have the capability to hack networks, mount surveillance operations, lay honey-pots, recover deleted data from hard drives and cell phones, break into encrypted communication channels, and perform other complex operations in addition to framing a long-term policy for the security of military networks and preparing a CW doctrine. Whether they would have offensive tasks and be assigned responsibility for cyber attacks, especially against China, is doubtful, given our defensive mindset.

China recognizes complementarities between cyber warfare (CW) and electronic warfare (EW) and the role that the electromagnetic spectrum (EMS) plays for both. As such, both EW and CW support military operations and missions. Information warfare (IW) capabilities of China are an integration of CW and EW. According to PLA, EW and CW are not mutually exclusive; it is necessary to recognize their convergence and integration to dominate information operations; hence the term Integrated Network Electronic Warfare (INEW). Most immediately relevant to land operations are ground-based EW systems and aerial EW systems.

PLA military exercises incorporate network attacks, network defence, electronic countermeasures (ECM), deception and psychological operations, in conjunction with ground, naval, air forces and strategic missile forces. PLA has Blue Force IW units which carry out information confrontation missions in exercises to create a complicated jamming and network attack environment.

Use of complex electromagnetic environment is practiced where blue force units target command and control networks via Computer Network Attack (CNA) or jamming critical communication nodes, thus preparing the units for realistic IW environment. PLA artillery units have reportedly developed soft kill capabilities integrated into their fire support missions; a model which incorporates EW and CNA capabilities integral to the unit rather than solely relying on dedicated external INEW units for support.

Achieving information dominance is one of the key goals for PLA at the strategic and campaign levels. Identifying and attacking the enemy’s C4ISR and logistics systems is the highest priority for IW attacks. The aim is to combine paralyzing Computer Network Operations (CNO) strikes on the enemy’s command and control architecture with hard kill using missiles, airstrikes and/or Special Forces against critical installations or hardware.

Adoption of INEW strategy by the PLA as modified by information confrontation strategy indicates that PLA has developed specific roles for CNO during conflict and in peace time as well. PLA’s Strategic Support Force (PLASSF) integrates the functions of intelligence, technical reconnaissance, EW and CW. This synergy has tremendous advantage both during periods of war and non-war.

China’s about-turn from overt bonhomie to the surprise aggression in Eastern Ladakh should serve as a wake-up call for us. Whether we preclude all-out war and acknowledge the possibility of border skirmishes, China’s INEW strategy poses a potent threat which is all pervasive. Recall that the crash of the IAF’s Sukhoi-30 fighter jet close to the LAC on May 23, 2017, which killed both pilots, was due to a Chinese cyber attack. So was the crash of a drone close to Doklam, with the debris falling on the Tibet side. It is no more a case of defending our civilian and military networks and protecting our critical infrastructure. There can be no shortcut to developing matching capabilities, the more offensive the better.
