A recent report by Malwarebytes Labs claims that their threat intelligence team was able to obtain insights into the operations of the Indian cyber group called Patchwork APT, due to the threat actor accidentally infecting itself with a novel variant of its own BADNEWS Remote Administration Trojan (RAT) malware. Patchwork APT is known to conduct cyberattacks against India’s strategic adversaries such as Pakistan and China. The episode brings to light a change in India’s modus operandi in cyberspace given that this seems to be the first time it has targeted molecular medicine and biological science faculty, but more importantly demonstrates the increasing salience of Indian private threat actors in conducting offensive cyber operations.
The increasing role of private groups in India’s cybersecurity architecture must be viewed in light of India’s attempts to counter China’s immense offensive cyber capabilities. India was characterised as a third-tier cyber power in a country-wise cyber capabilities assessment last year. However, the Indian government is attempting to bridge the capability gap with China rapidly by inter alia increasingly outsourcing offensive cybersecurity roles to private players. It comes as no coincidence, therefore, to hear Chinese state-run media crying foul over rising cyberattacks conducted by suspected Indian threat actors such as Sidewinder and You Xiang (‘baby elephant’ in English) over the last couple of years.
It is also noteworthy that the coronavirus pandemic-driven digital transformation of the Indian economy has spurred massive expansion of the country’s cybersecurity product industry, which has almost doubled its revenue from $5 billion in 2019 to nearly $10 billion in 2021. While this provides the correct foundation for India’s private sector to lead the development of India’s offensive cyber capabilities, a two-pronged approach is necessary for any meaningful capability enhancement.
First, Indian private players need to step up to the arena when it comes to focused pursuit of cyber offensive capabilities, reflected not only in statements of intent and MoUs, but in terms of significant investments. Sizeable allocations toward acquiring complex and advanced cyber weapons and tools are a must if India is to establish any meaningful level of deterrence vis-à-vis its adversaries in cyberspace.
Second, training in conducting offensive cyber operations must be offered by mainstream educational institutes – both public and private – to create a capable pool of cyber warriors. An example of one such commendable venture is an online cyber university, led by BIT Sindri alumnus Professor Ramji Prasad, which aims to educate aspiring Indian technocrats on variegated aspects of cybersecurity and offensive cyber operations in particular.
The implications of India’s emergence as a cyber power, via secular diffusion of cyber capabilities across a vibrant private sector, would likely benefit the global power balance and catalyse international efforts at developing cyber regulations and enforcement mechanisms. This would contrast sharply with the destabilising nature of cyber offensive capability enhancements in the hands of authoritarian regimes such as the Chinese Communist Party.
India’s private sector has the potential to provide its adversaries ample food for thought even now, a case in point being the manner in which an Indian geolocation mobile application popular in Pakistan rattled the Pakistan government after it was accused of stealing user data. In the long run, however, India would need its private sector to spearhead its offensive cyber capabilities if it is to have any hope of catching up with adversaries like China.
- By Prof. Aditya Bhan, Faculty of Economics