How India must deal with cyberwar

A scenario-based mapping of a national strategy to deal with the emerging knowledge- and information-driven war-form

Jan 15, 2020, 1000 hours
The mellow rays of the winter sun glinted off the drum major’s baton as the colourfully attired brass band marched past the Chief of the Army Staff to the stirring strains of Deshon ka Sartaj Bharat at the end of the Army Day parade. In the speech that followed, the Chief exhorted the Army to be vigilant and be prepared to face the challenges being posed by rivals and enemy nations. The speech was telecast live to the nation and to half a million men deployed along the border and waiting in a state of full readiness in strike corps concentration areas, following a major terrorist strike that led to the breakdown of diplomatic relations.

As the Chief walked across to join foreign diplomats and other guests for tea, his military attache (MA) received a message on his secure cellular phone that the Command Information and Decision Support System had gone on the blink since 0945 hours and that the systems engineers were working furiously to get it operational again. The MA decided to keep the news to himself for the time being and posted an aide-de-camp to keep in touch with the Military Operations Directorate at the Army Headquarters.

1030 to 1115 hours
A series of seemingly unrelated and unprecedented events shook the nation’s security, information, financial, trade, communications and transportation infrastructure. At 1030 hours, the finance minister and RBI governor were informed that the master control network that facilitates inter-bank operations including the use of ATMs had collapsed and no business could be transacted. The computers were automatically crediting and debiting millions of rupees from one account to another. At 1040 hours, the RBI governor gave permission to shut down the banking network and go into manual mode.

At 1045 hours, screen-based online trading systems at the NSE and BSE malfunctioned; circuit breakers automatically halted further trading till the fault could be rectified. The engineers suspected that a ‘logic bomb’ that had been set to activate at a predetermined time had ‘exploded’. Chaotic scenes were witnessed inside and outside the two exchanges.

At 1050 hours, the national network linking all air traffic controls began generating false tracks and had to be shut down. Controllers at Palam airport switched to manual control to assist flights circling overhead to land; take-offs and other operations were suspended.

At 1100 hours, the telecom minister was informed that the computers controlling the telephone networks were behaving erratically and that all telephone and videophone calls, fax and email messages and telegrams were being corrupted and directed to wrong destinations; software engineers were analysing the problem. At 1115 hours, his permission was sought to shut down the nation’s telecom networks and to implement the contingency scheme to provide limited emergency services on standby circuits so that the computer virus suspected to have zapped the automatic electronic switching stations could be isolated and purged from the system.

1130 hours
At 1130 hours, the National Security Adviser (NSA) told the Prime Minister of the large-scale cyber crisis that was spreading across the country. At the same time, the Cabinet Secretary authorised the activation of the national emergency communications system and convened a meeting of the National Crisis Management Committee (NCMC). Members of the committee, mostly secretaries to the government of India, who could be reached, were asked to rush to the South Block.

Suddenly, without warning, the Railways telecom and traffic control networks stopped responding to commands and electronic routers went on the blink, throwing into jeopardy the fate of thousands of passenger trains and goods trains hurtling over the rails. About five years before, a certain Left-leaning railway minister had prevailed on the empowered GoM to permit the installation of Chinese routers and switches; some of these were among the first to malfunction. The chairman of the Railway Board reluctantly ordered all trains to be manually stopped at the next station. The order, however, could not be conveyed to many of the smaller stations.

Soon, the Defence Communications Network, named Trishul, the armed forces command and control and communications network began spewing meaningless gibberish on all control console screens despite the best encryption system having been incorporated. The link between the Joint Operations Planning Centre of the Chief of Defence Staff and missile control and launch centres for the Agni I, II and III missile brigades broke down. Contingency communications plans based on the newly-laid OFC automatically began to operate.

Simultaneously, the National Power Grid began to trip and the lights went out one by one in all the north Indian states. The defence minister, who was formulating strategy for the next round of elections at his party headquarters in Secunderabad, could be reached only by VSAT satellite phone, courtesy an MNC providing commercial service over the Iridium satellite network. He was informed about the seamless crisis enveloping the nation and the armed forces. Around this time, the Master Control Facility at the Bhopal satellite centre reported that a massive cyber-attack had been launched on its computer network, but the firewall held. But links to the Gagan series of indigenous satellites that provided GPS navigation were disrupted.

At 1145 hours, from inside his cosy jail cell in his home country, the enemy commander starts tweeting about the attack. The tweets begin trending across the world and on Facebook, Tumblr, Google+, Pinterest and other social networking sites within seconds. It was soon being widely reported by CNN, BBC and other international news channels.

1200 hours
The PM called for an emergency meeting of the Cabinet Committee on Security (CCS). The members of the CCS moved as per SOP by helicopter from the Air Force Station, Palam, to the underground National Command Post outside Delhi. Due to the communications breakdown, only half the members could be reached initially. The NCMC launched a damage limitation exercise in accordance with contingency plans, except that the complete breakdown of normal communications considerably slowed down the execution of approved responses.

Even as the NSA stood up to commence his briefing to the CCS regarding the origin and the magnitude of the ongoing crisis, the extent of damage, the effect on national vital interests, the immediate vulnerabilities, the political, diplomatic and military options to deal with the emerging situation and his tentative recommendations, news came in that the newly-installed, ultra-modern Air Defence Ground Environment

System of the IAF crashed, rendering the nation’s air defences prone to a virtually undetectable air offensive by the adversary. Air Defence fighter aircraft of the IAF were scrambled immediately and the forward airfields went into ‘runway alert’ mode.

It was in a sombre mood that the top brass of the nation’s security planning apparatus, including the Chief of Defence Staff, the three Services Chiefs and their Directors General of Operations heard a visibly embarrassed NSA, also India’s Cyber Tsar, outline the contours of the unprecedented pre-emptive cyber-offensive launched by a wily and ruthless adversary. Clearly, the nation had been caught off guard as the adversary exhibited an unanticipated ability to wage war without a shot being fired. The cyber offensive launched against India was the electronic equivalent of the Pearl Harbour attack.

Besides conflict at land, sea, in the air and in space, one of the primary dimensions of future wars will be the cyberspace medium linking computers and information networks. Such wars in the fourth dimension have come to be known as ‘cyberwars’. In the coming decades, the ability to wage war in cyberspace is likely to acquire a deterrent value that rates between the threat of a conventional military attack and a nuclear strike. The strategic landscape has changed forever, somewhat like when nuclear weapons first appeared on the scene in 1945.

Regardless of what term is used to describe this new war-form of the future, it is clear that an information and knowledge driven new type of war-form has emerged and its manifold nuances and far-reaching implications need to be studied and analysed in detail so as to formulate a viable national-level strategy to defend against it as well as wage it successfully.

While much will change in the mega-media age, cyberwars will not be “remote, bloodless, sterile or risk-free.” There will be a marked reliance on knowledge and information. The aim will be to dislocate, paralyse and incapacitate the opposing commanders’ minds to force the adversary to capitulate without fighting. The results which are likely to be achieved will be decisive and out of all proportion to the effort applied.

However, fundamental military revolutions, particularly evolutionary ones, require detailed analysis, thorough study and meticulous experimentation before they can be absorbed into the doctrinal lexicon and implemented at the functional level. If India is to avoid the frightening hypothetical scenario outlined here, the time to begin the odyssey on the road to cyberwars is now.

By Gurmeet Kanwal
The author is former director, Centre for Land Warfare Studies, New Delhi

Get live Share Market updates and latest India News and business news on Financial Express. Download Financial Express App for latest business news.

Most Read In Opinion