From across the border, a new cyber threat - Hindustan Times

By Aditya Bhan and Sameer Patil
Nov 17, 2021 12:56 PM IST

Pakistan’s anti-India cyber activity must be viewed in the backdrop of its new Cyber Security Policy 2021, which seeks to position the country as an important participant in the global conversation on cyber security

Besides the older and persistent threat of cross-border terrorism, Pakistan now poses another serious threat to India’s security interests — there have been multiple cyberattacks from Pakistan-based hacker groups targeting India’s critical infrastructure and government servers.

In recent years, India has strengthened its cyber security capabilities by creating institutions such as the Defence Cyber Agency and putting in place policy frameworks like the National Cyber Security Policy of 2013. (Shutterstock)

These attacks eclipse the earlier “nuisance value” acts of vandalising Indian websites – a regular Pakistani habit. The new attacks demonstrate a step-up of Pakistan’s cyber capabilities and work concurrently with its persistent anti-India cyber disinformation campaigns such as those pertaining to Kashmir and Indian interests in Afghanistan.

In early August, the United States-based cyber security firm Black Lotus Labs reported that a Pakistan-origin malware, ReverseRat 2.0, targeted Indian government officials by sending a forged invite for a United Nations meeting on organised crime with a Microsoft Teams link. Its impact is still not known. ReverseRat 2.0 can breach the devices of its intended victims, remotely take photographs via their webcams, and even retrieve files from USB devices plugged into the infected device. According to Black Lotus Labs, this is an advanced version of Pakistan’s earlier malware ReverseRat, detected just two months prior in June, targeting India’s power sector and government departments.

India has been on the radar of Pakistani hackers for some time. In 2020, security researchers from the Ireland-based Malwarebytes Labs cyber security firm noticed attempts from a hacking group, APT36, a Pakistani state-sponsored malicious actor, to infiltrate Indian government, diplomatic and military networks, and honey trap defence personnel for stealing sensitive data related to Pakistani military and diplomatic interests. Its modus operandi involved spear phishing emails with a malicious link, purportedly from the Indian government. The group has been active since 2016, indicating its long cyber espionage campaign.

Pakistan’s recent anti-India cyber activity must be viewed in the backdrop of its new Cyber Security Policy 2021, which seeks to position the country as an important participant in the global conversation on cyber security. While the new policy does not explicitly mention the pursuit of cyber offensive capabilities for pre-emptive use, it does display more teeth in its messaging to Pakistan’s potential adversaries than the earlier Prevention of Electronic Crimes Act, 2016.

Whereas the 2016 Act’s stated objective was to control the escalation of cyber offences in Pakistan and transgressions related to information systems, the most significant assertion in the recent law is that any cyberattack on a Pakistani establishment will hereafter be treated as an assault on Pakistan’s sovereignty and invite suitable retaliation. Unsurprisingly, the document has no clarity on the nature of retaliation, and whether it will be implemented using cyber offensive campaigns or more conventional methods. From India’s perspective, it is more likely that the actual objective of this vagueness is to grant Pakistan flexibility and unpredictability in its actions.

Although Pakistani hacking activities against India lack the sophistication of Chinese state-sponsored hacking groups, this is compensated for by the tenacity of the well-designed and catchy propaganda unleashed by the Inter-Services Public Relations of the Pakistani Army, such as in the aftermath of the August 2019 abrogation of Article 370 and bifurcation of India’s erstwhile state of Jammu and Kashmir. For this, it utilised fake profiles, cyber trolls, journalists, and Pakistani diplomats, focussing on themes such as alleged human rights violations by Indian security forces in the Kashmir Valley, the plight of ordinary Kashmiris and scaremongering on the possibility of an India-Pakistan nuclear war. This propaganda gained temporary traction with viral posts and trending Twitter hashtags, but it failed to cause any significant dent in India’s global image.

More critical for India is Pakistan’s status as China’s client state. Pakistan’s propaganda machinery has been busy concocting anti-India propaganda throughout the ongoing India-China border stand-off in eastern Ladakh to embarrass India and score brownie points with China. Although there is no material evidence to prove that these actions are carried out at China’s behest, there are suspicions of cooperation between Pakistani and Chinese state-backed hackers in cyberattacks directed against India after the abolition of Articles 370 and 35A. In fact, the Long-Term Plan for the China-Pakistan Economic Corridor identifies information and communications technology infrastructure development as a key area of bilateral cooperation, and while that sounds innocuous enough, don’t rule out collaboration between their deep States for the misuse of technology for geopolitical ends.

It is imperative, therefore, that India prepare to effectively counter the cyber threat from Pakistan. In recent years, India has strengthened its cyber security capabilities by creating institutions such as the Defence Cyber Agency and putting in place policy frameworks like the National Cyber Security Policy of 2013. This has acted as an umbrella policy document that traces a plan for holistic, cooperative and coordinated responses to address cyber security issues within the country. It is now being recast as the National Cyber Security Strategy to take a proactive approach to cyber issues. Universities like the National Forensic Sciences University in Gujarat offer cyber forensics courses. And the National Critical Information Infrastructure Protection Centre has begun working with the public and private sectors to secure critical infrastructure from cyber threats. India will need to be on its guard.

Aditya Bhan is assistant professor, FLAME University

Sameer Patil is a fellow for International Security Studies Programme, Gateway House

The article is written under the aegis of The Gateway House-FLAME Policy Lab at FLAME University, Pune.

The views expressed are personal
