Line Of No Control: Not The Ladakh Border, India Remains Most Vulnerable To China In Cyber Domain

Analysis By: Ria Deval

India’s tensions with China extend far beyond the Line of Actual Control (LAC). One source of tension often overlooked exists inside the cyber domain.

As Taliban Seizes Power, China Poised To Make ‘Big Gains’ In Afghanistan

The Covid-19 pandemic has provided new platforms for cyber-attacks to impede India. The scale and frequency of these attacks are on the rise. 2020 saw an increase in attacks from China, likely as a result of the June 2020 Galwan Valley skirmishes between Indian and Chinese troops on Line of Actual Control, the de facto border shared by the two neighbors.

​​Most notably, among other high-profile cyber-attacks, Chinese state-sponsored cyber-criminals have seemed to launch attacks against Mumbai’s power grid system and Air India. Regarding the power grid attack, India’s Ministry of Power confirmed that it was aware of a Chinese cyber campaign to use malware to target India’s power network.

Indian Army and Chinese PLA disengage in eastern Ladakh, in February 2019. (Pic: Indian Army)

The power ministry was responding to a report released by a private cybersecurity firm, Recorded Future, which observed a large increase in suspected targeted intrusion activity against Indian organizations from Chinese state-sponsored groups. Regarding the Air India Incident, Group-IB’s Threat Intelligence team attributed the incident with moderate confidence to the Chinese nation-state threat actor known as APT41.

India’s Snail-Paced Response Mechanism

The Indian government has made no attempt to counter and has been slow at addressing overall cyber vulnerabilities. At the Munich Security Conference in 2012, the key takeaway was that India needs to get serious about strengthening its cyber systems. In 2013, the Ministry of Information and Communications Technology released the first National Cyber Security Policy.

This document highlighted one of India’s diplomatic goals: developing bilateral and multilateral cyber-security relationships. However, nothing new has been released since. Other than some inconsistent statements by government leaders, there have been no promising signs of these attempts materializing.

Image is for representational purposes only. (via

Not only is the Indian government failing in the cyber domain, but the country is suffering from a large amount of brain drain, making it difficult for them to develop a strong cadre of cyber actors domestically.

A report by Georgetown University evaluated India’s Artificial Intelligence capabilities, concluding that India produces almost twice as many master’s level engineering graduates as the United States, second only to China. However, India’s lack of post-university job opportunities results in students fleeing to work in other countries. New Delhi has done little to nothing to prevent this.

So, how can India enhance its cybersecurity? What India lacks in terms of resources and expertise currently can be partially offset through international partnerships.

Why India Needs To Rope In The US

To effectively counter this increase in activity against Indian networks, the Indian government can partner with Washington to support and facilitate programs to educate and train portions of India’s population and help enhance the cyber talent gap in the country.

While other cyber powers, such as Japan and France, also have the capabilities to assist India, the US can offer more. During the Reagan era, Indian-Americans working for defense contracting firms and the tech industry encouraged greater relations between India and the US. Since then, there are now 4.2 million people of Indian origin residing in the US.

In 2020 alone, India received 83 billion dollars in remittances from the US and this number has been dramatically rising in the last decade. These ties and the technological strengths of the US are a logical base upon which to build.

Although India’s government has been slow in addressing these cyber issues, India’s private sector has taken a much more active role. Non-profit organizations, such as the Data Security Council of India (DSCI), have undertaken capacity-building projects with a focus on training and certification, including for the government sector. The Indian government, with help from the US, can harness this private sector innovation to recruit young scholars and enhance the nation’s cyber domain.

QUAD Recognizes Cyber-Threats

For the past few years, India has maintained a strategic interest in using cyber as one key component of its bilateral security relationship with the US. Most recently, the March 12 QUAD Leaders’ Joint Statement highlighted cyberspace as a shared challenge between the member states. However, the last discussions of bilateral cybersecurity cooperation took shape during the Obama administration.

The countries built a list of shared principles and overarching ideas for cooperation to develop a strategic framework of the US-India cybersecurity relationship. While this framework is coherent and elaborate, the challenge remains the ability to follow through with their vision.

Image is for representational purposes only. (via

The framework simply comprises a series of documents that define the best practices to manage a plethora of cybersecurity risks; it does not include any substantive measures that could be taken to mitigate these risks. Consequently, to take the first steps, New Delhi should partner with Washington to establish a working group that can accelerate the process of countering India’s rise in cyberattacks.

India should install a fast-track mechanism to expedite the changes that it needs to make for cooperation with the US. While the Indian government’s bureaucracy often slows its advance in taking action, this concept is not new to them.

In September 2016, India ordered an emergency purchase of 36 Rafale jets from France in a deal worth Rs. 59,000 crores ($8.2 billion) as a response to increased Chinese attacks. France acted on a “special request” by the Indian Air Force. With the dramatic rise in cyberattacks in the past year, cybersecurity must receive the same immediate attention.

By providing incentives to tech companies, the Indian government, in accordance with the US can foster public-private cooperation while simultaneously setting India up for long-term success. One such public-private option is to stand up the long-discussed Track 1.5 Dialogue on Strategic and Commercial Interests of the Cyber Domain held in Washington, D.C. in 2015.

India’s cyber vulnerabilities present a serious national security risk for the future. Washington has the resources and tools necessary to help India stand alone in the region. India should recognize that it shares many of the same concerns and interests with the West, and thus embrace partnering with like-minded democracies to defend and retaliate against the rising cyberattacks.

— Written by Ria Deval

(The author is a student at George Washington University with a major in International Affairs. She is a current intern at the Near East South Asia (NESA) Center for Strategic Studies, a regional center for the United States Department of Defense, and a former intern with the Embassy of Jordan in Washington, DC.)