India’s security interests have in recent times been under serious threat from multiple cyberattacks by Pakistan-based hacker groups targeting the country’s critical infrastructure and government servers.
These attacks eclipse the earlier ‘nuisance value’ acts of vandalising Indian websites and demonstrate a step-up in Pakistan’s cyber capabilities. They should be seen in conjunction with its persistent anti-India cyber disinformation campaigns, such as those pertaining to Kashmir and Indian interests in Afghanistan. This stepped-up activity comes against the backdrop of Islamabad’s new cyber security policy and expanded digital cooperation with China, as Sameer Patil and Aditya Bhan have brought out in an article for Mumbai-based think-tank Gateway House.
In August this year, US-based cybersecurity firm Black Lotus Labs reported that a Pakistan-origin malware called ‘ReverseRat 2.0’ had targeted Indian government officials by sending a forged invite for a United Nations meeting on organised crime with a Microsoft Teams link. ReverseRat 2.0 can breach the device of its intended victim, remotely take photographs through the device’s webcam and retrieve files from USB devices plugged into the infected device. This is an advanced version of Pakistan’s earlier malware ‘ReverseRat’, detected in June, which targeted India’s power sector and government departments.
There is no point in complaining about Islamabad’s misplaced priorities, given that its efforts ought to be directed towards preventing the collapse of the Pakistani economy, which is now dependent on bailouts from the IMF, Saudi Arabia and the like. As an ‘eternal adversary’ whose founding charter as a nation-state is premised on animosity for India, Pakistan will do whatever it can to undermine India’s security and integrity.
The digital threat from Pakistan is illustrated by the attempts of the hacking group APT36, an Islamabad-sponsored player, to infiltrate Indian government, diplomatic and military networks, and to honey-trap defence personnel. Pakistan’s Cyber Security Policy 2021, which seeks to position the country as an important participant in the global conversation on cybersecurity, does not spell out its offensive capabilities for pre-emptive use, but it does signal to adversaries that its capabilities are robust and deployment-ready. The new policy states that any cyberattack on a Pakistani establishment will be considered an assault on Pakistan’s sovereignty and provoke retaliation.
So, what should India do to neutralise the Pakistani cyber threat before it assumes menacing proportions? Experts say that while Pakistani hacking activities lack the sophistication of Chinese-sponsored cyberattacks, they exhibit an unsurpassed tenacity in their ideological propaganda as seen in the aftermath of the abrogation of Article 370.
India strengthened its cybersecurity architecture by creating the Defence Cyber Agency and formalising the National Cyber Security Policy (2013), which is being upgraded to a National Cyber Security Strategy to enable a more proactive approach. The National Critical Information Infrastructure Protection Centre has also begun engaging with the public and private sectors to secure critical infrastructure from cyber threats, write Patil and Bhan. But this is just the beginning of what is likely to be a long haul in countering Pakistan’s efforts to destabilise India.