Russian cybersecurity firm Kaspersky’s latest ‘Cyberthreats to Financial Organizations in 2022’ report mentions that India is one of the top five targets for cyber-attacks in the Asia Pacific region, particularly APT (Advanced Persistent Threat) attacks, which exploit gaps in cyber defences and remain undetected for a long time. According to Kaspersky, APT attacks are expected to increase in the coming years. Kaspersky’s findings reflect the expansion of India’s cyber threat canvas, primarily dominated by penetrating attacks from Pakistan and China.
There is good reason to suspect China-Pak collaboration in cyberspace. In recent years, Beijing and Islamabad have deepened their co-operation in the information technology domain. Digital and cyber co-operation are crucial elements of the ‘Long-Term Plan for China-Pakistan Economic Corridor (2017-2030)’. The plan emphasises ICT-enabled development and promotion of e-commerce in Pakistan.
But beyond this benign collaboration, China-Pakistan collusion has become a reality where Pakistan has emerged as a proxy for China’s malicious designs. This is particularly true with respect to anti-India propaganda on social media platforms.
During the ongoing border stand-off between India and China along the Line of Actual Control, Pakistan-based Twitter handles posing as Chinese nationals have peddled anti-India propaganda. These Twitter handles have regularly peddled misleading reports related to the violent clash at Galwan Valley in June 2020, as well as about India’s military preparedness. China and Pakistan are also potentially exploring establishing an international news media outlet that will significantly advance their propaganda efforts. Besides, in 2018, both had reportedly joined hands to honey trap Indian Army officers into revealing information regarding troop deployments along the borders with China and Pakistan.
The Chinese side has taken the lead by providing the technology and content, while Pakistan acts as the implementer and disseminator. This collaboration is symbiotic: China needs Pakistan because mainstream social media platforms such as Twitter and Facebook are banned in China, and command of English and Hindi is very limited among most of China’s populace. Moreover, by not getting directly involved and making Pakistan the front end of the anti-India activity, China is able to skirt attribution. For Pakistan, collaborating with China strengthens its strategic partnership and lends it a technical edge that Islamabad’s cyber activities would not otherwise have been able to achieve.
This cyber collusion is also likely to extend to malicious cyber activities such as APT attacks, with the intention of collecting valuable geopolitical, business, and military data. Indian cybersecurity researchers have suspected Chinese assistance to Pakistani cyber campaigns like APT36’s ‘Operation Sidecopy’. APT36 is a known threat actor that has used a fake COVID-19 health advisory to launch phishing attacks against Indian defence networks to steal confidential information. The threat vector had been active since 2016, which indicates its long duration. Most recently, Pakistan-based hackers conducted a major cyber-attack targeting India’s power generation and transmission sector using the platform supplied by China Mobile Limited, which operates under the brand Zong 4G in Pakistan.
Evidence of Pakistan’s emergence as China’s proxy in cyberspace lies not only in China’s active role in enhancing Pakistan’s ICT infrastructure as part of the China-Pakistan Economic Corridor (CPEC), but more so in the modus operandi of cyber actors in both countries at the tactical level involving fake propaganda-based influence operations, and espionage using malware as well as honey traps.
With China-Pakistan cyber collusion becoming a reality, India must prepare for the spectre of a ‘two-front war’ in cyberspace. While their cyber-espionage operations cause loss of sensitive information, their disinformation campaigns — based on anonymity and deniability — pose the real danger of accentuating the existing political polarisation, and social divisions within India.
Moreover, these disinformation campaigns can yield a significant advantage to Pakistan and China by sowing the seeds of doubt among the citizens about their national institutions’ credibility. Therefore, India needs to effectively counter the menace of China-Pakistan cyber collaboration as it has not just national security implications, but indeed implications for India’s democracy as a whole.
In recent years, India has taken steps to plug its cyber vulnerabilities through several legal and institutional measures. Yet Chinese and Pakistani hackers continue to capitalise on the lack of adequate cybersecurity awareness and poor cyber hygiene practices among average Indian Internet users, such as not checking the veracity of ‘fake news’ and clicking on unsolicited web links, to ensure that their propaganda efforts get the necessary traction and their malware breaches sensitive computer networks.
Therefore, even as India strengthens its cyber defences by plugging its vulnerabilities, it must implement two steps. At the micro-level, India should increase the citizens’ resilience to emerging cyber threats, and expand cyber hygiene initiatives. At the macro-level, India must amplify its offensive cyber posture to clearly signal its intentions and deter its adversaries.
These steps are necessary for India to prepare for China-Pakistan’s ‘hybrid warfare’.