With geopolitical tensions against the United States continuing to heat up, a new cyber superpower and formidable adversary is quickly emerging to join Iran, Russia, China, and North Korea as a top nation-state adversary: India.
Geopolitical Factors Boost India's Cyber-Threat Activity
India's cyber capabilities are growing, at least partially in reaction to activities across the border in China. The rise of China and its apparent expansionist activity is likely to motivate Indian actors with varying levels of state support to act. This provides fertile ground for the development of national offensive cyber capabilities and crime.
Diplomatic relations between India and China are at a low point, with troops fighting along the border in the western Himalayas in mid-2020. China is also considering a plan to construct dams on a section of the Brahmaputra river, which could cause downstream water shortages through Bangladesh.
At the same time, unemployment in India as a result of the COVID-19 pandemic has created a very large population of technically skilled people in need of income. Reports indicate that this has caused an uptick in cybercrime from India — presumably from the younger, tech-educated population.
India has also banned over 200 Chinese apps over security concerns, both to curtail surveillance activity and to make its digital sovereignty clear. This confluence of drivers has created patriotic and profit incentives, and the "bench" of technically adept actors is enormous. In addition, an emergent Indian initiative to provide technical education to 400,000 young people in poverty will assuredly have an amplifying effect.
What to Expect From India's Cyber Capabilities and Defenses
We should initially expect more domestic cybercrime in India as non-state actors build skills and tool sets. There has already been a noticeable uptick in cybercrime accompanying online shopping for Indian festivals, and it's likely that a growing fraction of that activity is domestic.
At the state level, we should expect that the Indian government will follow the lead of the United States and now the United Kingdom in the "defend forward" doctrine of acting in advance to disable threats that are supported by high-confidence intelligence. One indication of this was a recent revision to the Foreign Trade Act, which now includes a prohibition on exporting "software specially designed or modified for the conduct of military cyber operations."
Further, as the Indian and Chinese space programs gain ground, we should expect space to be much more contested in terms of satellite jamming, position spoofing, and potentially kinetic space operations. Beidou, China's competitor to the US GPS constellation, is already the preferred positioning system for 165 countries, and the exposure this creates has not gone unnoticed.
Finally, India will undoubtedly be developing defensive capabilities to counter the "new normal" of autonomous kinetic delivery vehicles — basically, drones with bombs. These are being increasingly used around the world, and without electronic or cyber countermeasures in place, there are few ways to mitigate the effects of robotic combat.
How India Compares With Other Adversaries
Today, India is regarded more as a victim than an aggressor of cybercrime and espionage. Compared with other developed nations, India's offensive cyber capabilities are nascent — but the motivating factor of an aggressive and expansionist adversary combined with a very large population educated in technology suggests it won't be long before the country catches up, potentially with key allies' help. Indeed, a recent report ranking China as the No. 2 country in terms of global cyber power has India's attention and likely provides an accelerant for developing offensive capabilities.
Ultimately, the rise of India's offensive cyber capabilities may be good for the global balance of power; it may become a catalyst for bringing countries to the table to develop norms and enforcement methods. In the short term, the last thing we need are more criminals. India would be wise to consider how intertwined these two outcomes are and plan accordingly.One of CI Security's Founders, Mike Hamilton has worked in InfoSec for 30 years in every sector and in every imaginable role. Michael has 30 years of experience in information security as a practitioner, consultant, executive, and entrepreneur. As former Chief Information ... View Full Bio