13 March 2021

As India’s Physical Borders Quiet Down, Its Virtual Ones Are Under Siege

BY SUMIT GANGULY, CAROL EVANS 

India has recently made news by agreeing to cease-fires at two of its disputed borders: one with China and one with Pakistan. But that doesn’t mean that tensions in the region have faded.

Late last month, the U.S. cybersecurity firm Recorded Future reported that it had alerted India’s Computer Emergency Response Team, the government body responsible for protecting the country’s critical digital infrastructure, that a Chinese state-sponsored organization had been trying to infiltrate vital computer networks in India.

It wasn’t the first time. Last October, the city of Mumbai, India’s financial capital, then in the throes of the pandemic and home to a population of some 20 million, abruptly went dark. Hospitals and other facilities fell back on generators to ensure the continuation of essential services. It now appears, according to the best possible intelligence and inference, that the blackout could possibly be traced back to malware placed in India’s electric grid by state-supported organizations in China. Coming after months of tensions at the India-China border, the power outage, if indeed the work of Chinese hackers, may well have been one more attempt to apply pressure on India and test its vulnerabilities.

It makes sense that China would look to all options for needling India. The recent growth in Indian economic and military capabilities makes New Delhi a potential rival to Chinese ambitions in Asia. Beijing has also been unhappy with India’s steadily improving ties with the United States and its decision to rebuff China’s Belt and Road Initiative. Meanwhile, India’s move in August 2019 to abrogate the special status of the disputed state of Jammu and Kashmir may have also irked its larger neighbor. The action significantly undermined Pakistan’s legal claim to the territory. Since Beijing views Islamabad as not merely an all-weather ally but as a strategic surrogate against New Delhi, India’s unilateral decision was not well received.

After that August, China started to slowly exert military pressure on India’s borders to express its displeasure. It resorted to a well-worn tactic: making small, reversible incursions along a poorly demarcated border to test Indian capabilities and resolve. But despite the recent mutual pullback from the Line of Actual Control, which divides India and China, China has also been keen on opening up a new frontier in its quest to keep India off balance. In its reported cyberattacks against India’s power generation and transmission nodes, Beijing may well be doing something similar to Russia’s hybrid warfare in Ukraine. There, Kremlin-linked groups have repeatedly launched cyberattacks against almost every sector of the country’s infrastructure since 2014.

After Mumbai’s blackout, Indian Prime Minister Narendra Modi avoided coming out and directly criticizing Beijing. But the Modi government should also seriously examine its dependence on Chinese supply chains in various critical infrastructures, especially 5G. India has dragged its feet over whether to allow Chinese-backed companies—such as Huawei and ZTE, leaders in 5G technology—into its communications infrastructure. But news of potential Chinese hacks of India’s electric grid should serve as a wake-up call for New Delhi. Chinese 5G networks and hardware could seriously compromise Indian intelligence and military command and control since many of these communications systems sit on top of the country’s commercial infrastructure (something the Trump administration conveyed to Modi back in 2020).

So what’s next in this tug of war between China and India? With the physical border pacified for now, China could take another leaf from Russia’s cyber- and information warfare playbook to exacerbate underlying political, religious, and ethnic tensions in India (as Russia did in its interference in U.S. elections). Another cybersecurity firm, Cyfirma, revealed to Reuters last week that China had launched cyber-espionage attacks on two of India’s vaccine-makers—the Serum Institute of India and Bharat Biotech—whose coronavirus shots are being used in the country’s immunization campaign. That could be a priming phase for later targeted attacks to disrupt India’s COVID-19 vaccine production and dissemination—or its broader economy.

To head off disaster, as U.S. President Joe Biden settles into office, he should take advantage of opportunities for increased U.S.-Indian cybersecurity cooperation, leveraging a bilateral framework agreement that was renewed in 2018, which, among many things, calls for cooperation in strengthening the security and resilience of critical information infrastructure.

To boost such cooperation, India’s policymakers need to overcome their lingering reticence about working with the United States in the realm of sensitive technologies. Having signed three key foundational agreements to facilitate cooperation on logistics, geospatial imaging, and more, India is now in a position to work more closely with the United States.

A failure to do so could have two potentially disastrous consequences. India’s critical infrastructure could be left severely vulnerable to Chinese penetration and disruption. Worse still, its military could face disruptive attacks, leaving the country subject to coercion in yet another sphere. Even if the rollback that has taken place along the Line of Actual Control holds, further Chinese cyberattacks designed to keep India on edge could well become the norm.

No comments: