INDIA AND CHINA
BY – VATSAL LAKDAWALA
In recent times China is the most discussed in India . This is majorly due to two main reasons the corona virus outbreak and the raising tensions with China related to border issues . It is most searched in the recent time it is trending in 16 out of top 50 searches . China has become a problem to India in recent times . But in past also there have been such instances which led to creation of problems by means of cyber attacks .
HOW INDIA RESPONDED
It was reports that 35 percent of cyber attacks against the country were attributed to China. Such attacks have not generated a catastrophic impact in terms of damaged infrastructure, knocked power grids and any related casualties, China’s cyber policy against India could undermine the country’s conventional power in a future military conflict.
China’s main intention in targeting India was to gain access to sensitive information from the government and the private sector, followed by disruption of daily activities as was seen in 2010 when China’s use of stuxnet worm to compromise India’s communication satellite led to the loss of TV signal for many. Obstructing with the use of malicious software such as Trojans to enter the target’s network or software program has been the most common form of method in cyber attacks during this time period. Such intrusions are particularly dangerous. They can remain inactive for a long time only to emerge at a later date.
Yet even these preventive attempts have been slow to materialize. India still continues to import most of its hardware from China, making it more prone to attacks. A CEO of a private defense company said the “Make in India” push as “virtually a nonstarter.” The country, needs more time and money to improve defensive cyber capability and can’t even contemplate using cyber as an offensive weapon.
While attacks have been traced to hackers operating in China, the Chinese government has repeatedly denied responsibility for the actions. With the use of ordinary weapons that are the domain of the country’s military, a government can deny its connections to hackers.
Many of the institutions impacted by the malicious activities have been identified, and they have been advised to take appropriate preventive action. These include Oil and Natural Gas Corporation , National Informatics Centre , Indian Railway Catering and Tourism Corporation, Railways, and some banks like Punjab National Bank, Oriental Bank of Commerce, State Bank of India and state data centres, particularly in Maharashtra, Madhya Pradesh and Karnataka.
They are targeting by sending phishing emails with malware attachments. Phishing attacks are usually in the form of an email from a trusted source where they ask for personal details such as bank details, personal details, passwords . Department of Telecommunications had not included Huawei from 5G trials in India seemed consistent with these policies. DoT, Indian security agencies and other organisations had underlined the threat posed by Chinese telecom equipment in sensitive national networks .
The growing involvement of Chinese tech companies in the Indian market has been flagged as a major ‘national security’ concern by cybersecurity experts, who say India is the primary target of Chinese hackers working in the People’s Liberation Army . There is also the question of how to respond to a cyber attack when a country lacks credible offensive cyber capability that it could use as a deterrent. Should it turn to conventional weapons? Such a move comes with high costs. The enemy might perceive a conventional response as too escalatory in proportion to a cyber attack and escalate the conflict even more, edging dangerously close to an all out war. After all, China’s cyber attacks have not created any damage to India’s infrastructure or resulted in casualties to justify a more provocative conventional response.
The country would benefit from leading an effort to create a multination cyber colaboration , a common defense partnership for countries in Asia at the highest risk of cyber attacks from China. Such countries could most likely include China’s other enduring rivals such as Japan. The MNCC countries would harness their collective cyber capabilities and knowledge to better identify and respond to cyber attacks. Such an initiative could resemble NATO’s approach to cyber defense more so than the Association of Southeast Asian Nations’ new efforts to develop cyber norms and confidence building measures in Asia Pacific. While countries are still responsible for their own cyber defenses, NATO supports its members by sharing real-time intelligence on threats and best practices for handling such threats. Investments in education, training, and exercises are key aspects to strengthening capabilities. The MNCC could offer similar benefits to its members as well as the opportunity to receive assistance from rapid reaction defense teams that could respond to more severe threats.
Creating such an initiative would be equivalent to supporting countries’ deterrence by denial strategy simply by making it harder for China to achieve the key objectives behind its cyber attacks thanks to more strong defenses. The added benefit of the multinational approach is that it would discourage China from responding aggressively to any individual state that joins the initiative as embracing even more escalatory posture against all members could risk the kind of international crisis that might not be in China’s interest. Furthermore, the MNCC’s focus would be defensive in nature, leaving the development of offensive cyber capabilities for each state to pursue individually. This would improve deterrence by denial while reducing China’s likely negative reaction to what would be a defensive rather than an offensive initiative.