Dark Reading is part of the Informa Tech Division of Informa PLC

Threat Intelligence

12/29/2020
10:00 AM
Mike Hamilton
Commentary

India: A Growing Cybersecurity Threat

Geopolitical tensions and a dramatic rise in offensive and defensive cyber capabilities lead India to join Iran, Russia, China, and North Korea as a top nation-state adversary.

With geopolitical tensions against the United States continuing to heat up, a new cyber superpower and formidable adversary is quickly emerging to join Iran, Russia, China, and North Korea as a top nation-state adversary: India.

Geopolitical Factors Boost India's Cyber-Threat Activity
India's cyber capabilities are growing, at least partially in reaction to activities across the border in China. The rise of China and its apparent expansionist activity is likely to motivate Indian actors with varying levels of state support to act. This provides fertile ground for the development of national offensive cyber capabilities and crime.

Diplomatic relations between India and China are at a low point, with troops fighting along the border in the western Himalayas in mid-2020. China is also considering a plan to construct dams on a section of the Brahmaputra river, which could cause downstream water shortages through Bangladesh.

At the same time, unemployment in India as a result of the COVID-19 pandemic has created a very large population of technically skilled people in need of income. Reports indicate that this has caused an uptick in cybercrime from India — presumably from the younger, tech-educated population.

India has also banned over 200 Chinese apps over security concerns, both to curtail surveillance activity and to make its digital sovereignty clear. This confluence of drivers has created patriotic and profit incentives, and the "bench" of technically adept actors is enormous. In addition, an emergent Indian initiative to provide technical education to 400,000 young people in poverty will assuredly have an amplifying effect.

What to Expect From India's Cyber Capabilities and Defenses
We should initially expect more domestic cybercrime in India as non-state actors build skills and tool sets. There has already been a noticeable uptick in cybercrime accompanying online shopping for Indian festivals, and it's likely that a growing fraction of that activity is domestic.

At the state level, we should expect that the Indian government will follow the lead of the United States and now the United Kingdom in the "defend forward" doctrine of acting in advance to disable threats that are supported by high-confidence intelligence. One indication of this was a recent revision to the Foreign Trade Act, which now includes a prohibition on exporting "software specially designed or modified for the conduct of military cyber operations."

Further, as the Indian and Chinese space programs gain ground, we should expect space to be much more contested in terms of satellite jamming, position spoofing, and potentially kinetic space operations. Beidou, China's competitor to the US GPS constellation, is already the preferred positioning system for 165 countries, and the exposure this creates has not gone unnoticed.

Finally, India will undoubtedly be developing defensive capabilities to counter the "new normal" of autonomous kinetic delivery vehicles — basically, drones with bombs. These are being increasingly used around the world, and without electronic or cyber countermeasures in place, there are few ways to mitigate the effects of robotic combat.

How India Compares With Other Adversaries
Today, India is regarded more as a victim of cybercrime and espionage than as an aggressor. Compared with other developed nations, India's offensive cyber capabilities are nascent — but the motivating factor of an aggressive and expansionist adversary combined with a very large population educated in technology suggests it won't be long before the country catches up, potentially with key allies' help. Indeed, a recent report ranking China as the No. 2 country in terms of global cyber power has India's attention and likely provides an accelerant for developing offensive capabilities.

Ultimately, the rise of India's offensive cyber capabilities may be good for the global balance of power; it may become a catalyst for bringing countries to the table to develop norms and enforcement methods. In the short term, the last thing we need is more criminals. India would be wise to consider how intertwined these two outcomes are and plan accordingly.

One of CI Security's Founders, Mike Hamilton has worked in InfoSec for 30 years in every sector and in every imaginable role. Michael has 30 years of experience in information security as a practitioner, consultant, executive, and entrepreneur. As former Chief Information ...
 
