India-China Cyber Asymmetry: Act Now

India-China Cyber Asymmetry: Act Now

This is a regular working day in Mumbai, India. The lines outside the ATMs and Bank tellers are getting serpentine, and people are losing their patience, the banking servers have crashed. In a short while stock market Servers crash, and airlines & train bookings are not accessible. Airliners in the air and trains on the tracks are running amuck without any controlling, without signals. Almost every online economic activity has ceased to exist, and slowly it starts spreading across the nation. In a short while, mobile services stop, emergency response systems crash, and water supply to the Mumbaikars stop. Then comes the worst news, the power grids have crashed. The financial capital of India is a dark patch on the mother earth, incommunicado; inaccessible, spiraling down the labyrinth. India is under attack, and the attackers are invisible.

The scenario is very scary and is not from any Sci-Fi movie. Some of it has already happened in the past. The rest of it could be very much possible in the near future, in any city, in any country, across the globe. Are we, knowingly or unknowingly inching towards a very different kind of war? ‘The Cyber War’ – are we ready for it?

Denial has not helped India

Now, this is a real scenario, which took place on 12 Oct 2020 at 10.10 a.m. in Mumbai. The 400 KV Padgha-Kalwa transmission lines that supplies power to Mumbai, tripped. Life in Mumbai came to a grinding halt. Later on National Critical Information Infrastructure Protection Centre (NCIIPC) informed that this was a cyberattack by the Chinese state-sponsored group, Red Echo. It used malware ‘Shadow Pad’ targeting the Indian Power sector’s Regional Load Dispatch Centres along with State Load Dispatch Centres. Similarly, on 30 October 2019, Tamilnadu-based Kudankulam Nuclear Power Plant’s IT network was hacked by supposedly North Korean hackers.

Both are worrying trends. Authorities immediately went into ‘denial mode’ initially and then followed by ‘the attack was ineffective’ mode. The Chinese PLA Unit 61398, APT41, APT22, and some other groups from North Korea are known to systematically target and sabotage Indian defence and offence mechanisms. It is also public knowledge who controls North Korea, externally.

Recent remarks by Chief of Defence Staff General Bipin Rawat on Chinese capabilities are the first admission by any high ranking government official,

“We have been a little slow on the start, therefore over the years, a capability differential has come in. Most important, where the biggest differential lies, is in the field of cyber. We know that China is capable of launching cyber attacks on us, and that can disrupt a large amount of our systems.”

India has not been slow; rather India has been in slumber. China started showing its hideous side from the beginning of the new millennium; however serious cyberattacks began in 2007. China mounted daily attacks on government and private networks in India. These attacks were far more sophisticated than normal hacking. There was a method in the madness. They were studying the Indian systems.

India has been doing piecemeal efforts to resolve a very complex issue. It created Defence Cyber Agency (DCA) in 2019. DCA is a dual-purpose agency. It is tasked to fight virtual wars in the cyber dimension as well as formulate a doctrine of cyber warfare. Towards the end of 2020, the Indian Army created Director General of Information Warfare under the Deputy Chief of Army Staff, Strategy. This curate’s egg with a plethora of other agencies was no answer to Chinese capabilities. Nostrum of half-hearted Indian efforts along with lack of one single central authority is outright insufficient and ineffective.

China’s Strategic Support Force: A Conjuring or Real Threat

China started paying serious attention to cyber warfare in the 90s when it was known in a more simplistic term the “information warfare”. China had closely studied the United States and how its military had benefited from the application of high technologies in the Gulf War, Kosovo, Afghanistan, and Iraq. China realized the importance of information technologies and the critical role it will play in future wars.

Beginning in 2013, there was a flurry of activities in China. These activities were centered on a well-thought-out strategy. China’s kairos moment came in 2015 with the advent of the People’s Liberation Army (PLA) Strategic Support Force (SSF). This force was called a “new-type combat force” which was designed to leverage space, electromagnetic, and network capabilities for joint operations across multiple domains of conflict threatening key nodes of enemy’s combat systems.

The main role of the SSF was jointmanship, providing an “information umbrella” to land, sea, air, and missile force operations, which is crucial to China’s expanding hard power as well as its commercial and strategic interests.

The widely known cyber unit of PLA is the Second Bureau of the Third Department, Unit 61398. This unit consists of the most experienced and competent IT specialists, electronic engineers, mathematicians, and linguists. Most of them are English speaking. Its main headquarters is in Shanghai. Unit 61398 is not just a typical conventional unit, rather it implements the decision undertaken by the Chinese Communist Party, who to attack and where to attack in cyberspace.

Where does India Stand

As per cyber security company FireEye Inc., India is the 5th most targeted country by China. Speaking to ‘India Today’ magazine this information was further explained by Antara Ghosal Singh, a China expert and a research associate at Delhi’s Policy Group. She said, “Cyberspace is an area where we need to beef up our preparation. China believes that the level of PLA’s electronic warfare is “world-class” and that it has an edge over India in this realm. Therefore, organizing cyber attacks to destroy the command network, air defence network or radar network, air command network, etc. of the Indian armed forces at all levels, are very much part of PLA’s action plan in case of a major conflict.”

Courtesy: insightful

National Cyber Power Index, is an annual list prepared by Belfer Center for Science and International Affairs. The 2020 list puts India in a very tight spot. In the list of 29 countries, India was lowly 21. Another list, the Cyber Capability Index, puts India at number 26.

India ranked 12th in Norms, 15th in intelligence, 19th in commercial parameters, 24th in the Defence category, 26th in surveillance, and 29th in Control. In addition to India, 12 more countries haven’t built offensive cyber capabilities. It was sad to note from the whole study that even the intent to build such capabilities is also missing.

Two Asian powerhouses, India and China, had similar GDP per capita in the early 80s and India was a rising IT power of the 90s. Today, China is in the top 5 for every single objective in the index prepared by the Belfer Center. In the last decade, China has invested heavily in the research and development of technologies. These results not only reflect China’s dominance in cyberspace but also highlight the significant gap in capability between China and India in most areas. It is also noteworthy that China was nowhere among the top ten, in the Cyber Power Index till 2011.

Courtesy: insightful

India spends just 0.65% of its GDP on R&D and innovation compared to other economies who spend 1.5-3.0% of GDP. This neglect over a period of time has left India far behind. Even countries like the United Arab Emirates, Vietnam, Malaysia, and Singapore have become more capable cyber powers compared to India. Today the top ten dominant cyber powers are the U.S., China, U.K., Russia, the Netherlands, France, Germany, Canada, Japan, and Australia.

Powerful offense may not be good defence

Force India magazine’s editor Pravin Sawhney in a recent YouTube program stated that in cyberspace only offensive posturing works and not defensive posturing. His line of thinking is incomplete. A cyber expert and Senior Colonel of PLA, Li Daguand, stated the principle that “the best defense is a good offense is not favorable in cyberspace.” He states, “after the first round of a cyberattack, the targeted side can respond with a precise counter-attack as long as it has a strong defense. The attacker will then suffer unfavorable outcomes if its defense is not good enough. From this perspective, it is wiser to make efforts in building up a strong defense, then only you can take offensive action.”

Poor defensive mechanisms have costed India dearly in the past. I have written about this, and I reiterate that,

“the crash of the Vikram lander while landing on the dark side of the moon was not a scientific failure. It could have been a ‘Logic Bomb’ inserted by our adversaries, which activated during the lander’s descent and force it to crash.”

China has voracious appetite for your data

In April 2020 Forbes magazine reported that some of the security experts have discovered that the Redmi Note 8 smart phone observes and transmits much of data to remote servers hosted by the Chinese tech giant, Alibaba. It records all the websites visited, search engine queries, folders opened and every item viewed on a news portal, etc. That tracking appeared to be happening even in “incognito” mode. India is one of the biggest markets for Chinese smartphones.

Top five smartphone companies in India: insightful

Another worrisome aspect is network and telecom equipment, as well as wifi routers. Most of these types of equipment are often made in China. Many backdoors have been found in Chinese telecom equipment (Huawei and ZTE), which give access to Chinese state-backed attackers. This data has immense use in commercial and defence-related activities.

Imagine not only Indian industries but defence organizations and every individual in India using Chinese equipment is at the mercy of the Chinese Communist Party. I am sure the Ministry of Defence is keeping this aspect in mind while procuring such equipments

What should India do

Keeping in mind India’s present status of cyber defence, it would be prudent to decouple critical defence and civilian infrastructure from the open network till the time right defensive and offensive cyber systems are in place. After all, even Pentagon was dissuaded from networking the nuclear weapon systems to the Columbia-class ballistic missile submarine and B-21 Raiders.

As a general rule, Indian armed forces should purchase the simplest possible tools to fulfil the intended tasks. If the forces can achieve a task without giving enemy cyber-warriors a point of entry, then they should persevere that option. High tech weapon systems must carry out a specific task better than the low-tech alternative, offset consequent cyber vulnerabilities and additional logistical burdens. The forces should reject any system that fails these tests.

Courtesy: insightful

India should work on the following:

• Establish a Central Cyber Command as soon as possible.
• Disband or merge all existing institutions with Central Cyber Command.
• Lay down clearcut military and civilian targets in China and other rogue nations.
• Countries like China implement domestic surveillance vigorously. China still uses HTTP since ‘Great Firewall’ and Hyper-Text Transfer Protocol, Secure (HTTPS) along with Transport Layer Security(TLS) do not go hand in hand. This leaves a back door open for exploitation. To name a few organizations using HTTP and available for exploitation:
  • People’s Liberation Army Navy
  • Chinese Central Government’s Network
  • Ministry of Foreign Affairs
  • United Front Work Department of the CCP’s Central Committee
  • Bank of Jilin
• Prepare for the offence on China’s economy and nuclear infrastructure but lay low till foursquare defence is in place.
• Spell out and disseminate threshold level, crossing which lethal offensive action against the perpetrators would be initiated.
• Without effective cyber systems in place, the proposed ‘Theatre Commands’ would remain on paper
• Last but not least, prepare to fight the next war without GPS.

ACT NOW

“A great deal of intelligence can be invested in ignorance when the need for illusion is deep.”– Saul Bellow

The former head of the Communications Department of Chinese General Staff General Xu Xiaoyan had openly adumbrated China’s great power ambitions in 2014. He stated, “China needs a network confrontation technology – intercepting, utilizing, corrupting and damaging the enemy’s information and using false information, viruses and other means to sabotage normal information systems functions through computer networks”.

Alas, we chose to ignore similar messaging from uppity Chinese President Xi Jinping. The urgency for India to up the ante in the cyber domain has never been so real. The last hacking of the Kudankulam Nuclear power plant was restricted to the ‘information technology’ (IT) side, but when it would cross the ‘air gap’ and move to the ‘operational technology’ (OT) side is just a matter of time.

Jeremy Fleming, director of the British spy agency GCHQ, cautions while speaking at Imperial College London, “The West must urgently act to ensure China does not dominate important emerging technologies and gain control of the global operating system”. There is an urgency in his lecture, where is our urgency?

References:

• insightful.co.in/2020/04/28/beware-the-war-is-getting-uglier
• medianama.com/2019/10/223-india-defence-cyber-agency-part-2/
• wired.com/insights/2015/01/is-cyber-terrorism-the-new-normal/
• brookings.edu/research/china-as-a-cyber-great-power-beijings-two-voices-in-telecommunications
• belfercenter.org/publication/national-cyber-power-index-2020/
• cloud.mil/JEDI-Cloud/
• c4isrnet.com/congress/2021/04/16/senators-push-quantum-computing-at-dod
• ndupress.ndu.edu/Portals/68/Documents/stratperspective/china/china-perspectives_13
• indianexpress.com/article/india/china-has-capability-to-launch-cyber-attacks-cds-general-bipin-rawat-7263541/
• carnegieendowment.org/2019/04/01/what-are-china-s-cyber-capabilities-and-intentions-pub-78734
• rand.org/content/dam/rand/pubs/monographs/2009/RAND_MG877
• inc42.com/features/the-anatomy-of-cyberwarfare-is-india-ready-to-take-on-china/
• drive.google.com/file/d/1ryMCIL_dZ30QyjFqFkkf10MxIXJGT4yv/view
• c4isrnet.com/show-reporter/c4isrnet-conference/2021/04/22/navy-to-test-potential-for-information-warfare-cells-at-maritime-operations-centers/
• worldscientific.com/doi/pdf/10.1142/S2630531319500021
• valentinweber.com/https.html
• forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use/?sh=78ce094f1b2a

Author

A veteran of the Indian Navy, Cdr Sandeep Dhawan served in the Navy from 1988 to 2009. He was a Maritime Reconnaissance Pilot and a Flying Instructor. He is a geopolitical analyst and writes for the various online websites and organizations.