New Delhi: The Army has faced 23 attempted cyberattacks so far this year, or around two every month, highly-placed sources in the security establishment have told ThePrint.
The number of attempts was substantially higher than witnessed last year, the sources said. The exact data for 2018 was not available.
The Army sources refused to divulge exactly how the force tackled the attempts, but said there was a dedicated team of highly-qualified professionals at work to foil cyberattacks.
The team, the sources said, is empowered with the latest hardware, software and technical support.
“These attempts follow trends through which we identify the modus operandi of these operatives and develop our strategies to fight them and also prepare advisories to keep our community aware and informed,” a senior Army officer said.
‘A challenge for everybody’
A senior officer in the security establishment said cyberattacks were a cause of global concern as the world is increasingly getting networked. Hardware and its sourcing, the officer added, can lend vulnerability to the network.
“It is a challenge for everybody and adequate firewalling needs to be done for all critical infrastructure,” the officer said.
Militaries all over the world build exclusive internal networks for operations — networks that are not connected to either an open wide area network or external network. Given this isolation, the military network is difficult to penetrate.
“But even though the critical infrastructure is difficult to penetrate, every office has internet,” the senior security officer said. “As for the hardware, we have labs where they are all tested before being incorporated.”
A ‘Defence Cyber Agency’ in the works
With the military going digital, cyber threats could see a rise, the second officer quoted above said.
“The fear is also with Artificial Intelligence coming into the military, your systems can get compromised and taken over by adversaries,” the officer added.
To counter such threats, India is in the process of setting up a tri-service ‘Defence Cyber Agency’, under the Integrated Defence Staff. As of now, cyber-security is not a full-fledged command.
The Cabinet Committee on Security cleared the formation of the agency last year, along with a ‘Defence Space Agency’ and ‘Special Operations Division’.
Last week, think tank Centre Knowledge Sovereignty India organised ‘Cybersecurity – Citizen 2030’, a roundtable conference in which representatives from defence, industry, academia and many other fields participated.
Lt Gen (Retd) D.B. Shekatkar, president of the think tank, told ThePrint that there would be more attempts of cyberattacks from India’s adversaries in the years to come, which could be “deadlier” than terrorist attacks.
“A deadly cyberattack could also affect a nuclear facility, or the air traffic control system, the power grid. Or even disable the war machinery during war. It’s high time that we woke up to such challenges, and remain 10 steps ahead of our adversaries — with close coordination with defence agencies,” he said.
Shekatkar had headed the Committee of Experts constituted by the Ministry of Defence to recommend measures to enhance combat capability and re-balance defence expenditure of the armed forces, which had submitted its report in December 2016.
In the report, the committee had extensively spoken about threats in the sphere of cyber and space.
Over 10,000 Indian websites hacked until May in 2019
According to the Quick Heal Annual Threat Report 2019, Indian Windows users faced 1,852 cyberattacks each minute in 2018, and Mumbai and Delhi were among the most affected cities.
Union Information Technology Minister Ravi Shankar Prasad said in a written reply to the Lok Sabha this July that over 10,000 Indian websites had been hacked until May.
Attempts have been made from time to time to launch attacks on Indian cyber space, and these attacks were seen to be originating from a number of countries, including China and Pakistan, he added.
Research by software company Subex revealed that a range of sophisticated malware is being deployed by hackers to target critical infrastructure projects and there has been a significant rise in reconnaissance attacks.