Dispatches 24/05/2023
Abu Hurrairah Abbasi works as a Researcher with the Arms Control and Disarmament Center at the Institute of Strategic Studies Islamabad and is a graduate student of International Relations from the School of Politics and International Relations, Quaid-i-Azam University, Islamabad. His research interests include the Politics of South Asia, Emerging Technologies, and Non-Traditional Security threats. He can be reached at abuhurrairahah@gmail.com
Saher Liaqat works as a Researcher with China-Pakistan Study Centre at the Institute of Strategic Studies Islamabad and is a graduate student of International Relations from the School of Politics and International Relations, Quaid-i-Azam University, Islamabad. She is also working with China Study Centre at COMSATS University, Islamabad. Her areas of interest include the International Politics of China, the Politics of South Asia, and Non-Traditional Security threats. She can be reached at saherliaqat2000@gmail.com
The advent of modern technologies has revolutionized the conventional warfare and threat spectrum in the 21st century. It has presented the digital frontier as a new domain of national security trepidations. Until present, cyber warfare has generally been observed and examined in the context of state-on-state disputes, whereby one state employs digital technology to intentionally disrupt, modify, diminish, or annihilate the technology, information, and communication systems (ICT) of another for political, strategic, or military objectives.
The utilization of digital technologies has facilitated state practices to become more efficient, cost-effective, largely imperceptible, and highly deniable. The proliferation of cybernetics in India and Pakistan is increasing exponentially. As per the data provided by the World Bank, the proportion of internet users in Pakistan was 10% of the total population in 2014. However, this figure has increased to 25% as of 2020. India had a 14% user base in 2014, which significantly increased to 43% in 2020. The proliferation of cyberspace has necessitated a heightened focus on cultivating a robust cybersecurity culture, wherein states must ensure the security of their data and privacy.
Cyber skirmishes have become an accepted component of contemporary hybrid clashes, with countries asserting their digital prowess against one another. Despite nuclear deterrence as a balancing act in South Asia facilitating strategic stability, cybersecurity has emerged as a more inconspicuous threat in the contemporary age. The militarization of cyberspace is accelerating the proliferation of cyber-arms culture in South Asia.
India and Pakistan, two nuclear powerhouses and long-standing rivals, view the opportunity to target the other’s cyberspace as a potential advantage. Increasingly frequent cyberattacks of minor severity and scope, such as the growth of digital vandalism and narrative propagation on social media platforms, are becoming more commonplace between the two neighboring countries. Reports show that both Pakistani and Indian hacktivists and patriotic hackers have been the pioneers in utilizing cyberspace to launch aggression against each other. They could employ known vulnerabilities to attack websites that have not been updated with the latest security patches. Targeting government websites reflects their political motivations and suggests a desire to ensure their activities are noticed. Moreover, Advanced Persistent Threats (APTs) from both sides, primarily expected to be juxtaposed with the official state, have been engaged in cyberespionage operations with open-source malware transmitted via spear phishing emails or watering holes attacks.
In recent years, India has taken steps to augment its defensive and offensive cyber warfare capabilities. India’s ambitions of military modernization by inculcating cutting-edge, disruptive technologies into its military doctrine for an operational pompous is of critical concern for Pakistan. With overtly recognized assaults varying from IT, banking, firms, transport, utility, and government, Pakistan’s nuclear and other critical installations are more susceptible to cyberattacks. Both countries have seen persistent cyberattacks over the last decade, albeit on a low scale.
A proxy cyber war by rival intelligence agencies of Pakistan and India, known as the first Indo-Pak cyber war on the Internet, between the “Indian Cyber Army” and “Pakistan Cyber Army” was waged on 26th November 2010, when ICA attacked 870 Pakistani websites. Since then, various events, such as terrorist attacks or scuffles on the Line of Control, have prompted vandalism campaigns from both rival countries. The two sides face several incidences of website defacements, primarily on special days such as Independence Days and commemoration centenaries. They have demonstrated increased activity in reaction to Indian hacking incidents and response to certain occurrences in Kashmir and Jammu.
Specifically, after the abrogation of Articles 370 and 35A from the Indian constitution, a consistent surge in cyberattacks has been observed on both sides of the border. In 2019, it was reported that some high-ranking Pakistani officials’ cell phones were purportedly hacked for surveillance. An exploit of the popular social media app “WhatsApp” was conducted by the Israeli spyware company, the NSO Group, utilizing malware named ‘Pegasus.’In the same year, an Indian group used the Target Collision hijacking technique to launch an attack on Pakistan Navy. The popular APT group “Rattlesnake” carried out this attack, intending to steal confidential information from the military networks while replacing it with misleading documents.
Moreover, in 2021, Pakistan’s tax collection agency suffered a cyber security liability due to un-updated Microsoft Hyper-V software. According to the revealed facts, in this attack on the FBR data center, despite not being able to manipulate the system entirely, the hackers stole the private information of taxpayers and momentarily ceased FBR’s activities for 72 hours.
Nevertheless, most of the cyber-activities examined in Indo-Pak enmity demonstrates that despite using ingenious cyber tools, the APTs of both arch-rivals succeeded in pilfering information to accomplish their strategic goals.
The rapidly advancing Indian offensive cyber capabilities and its strategic cooperation with the US and Israel threaten Pakistan’s cybersecurity. At the 9th Annual International Cybersecurity Conference, Israeli PM Benjamin Netanyahu expressed his ambitions of making Israel the top five cybersecurity powers globally. Israel has been investing in cybersecurity more proportionally than any other country.
India’s “TechSar” working with Israeli specialists presents a significant concern for Pakistan, as India can trace Pakistan’s vital devices and conventional military organizations. Indian policymakers are also looking forward to the Talpiot training program of Israel, known for bringing up experts who support the R&D and cybersecurity efforts of the Israeli military.
The 2021 International Institute for Strategic Studies (IISS) report states, “India’s offensive cyber potential is ‘Pakistan-focused’ and ‘regionally effective.’” Moreover, to offset its shortcomings by acquiring upgraded modern capabilities, India is collaborating with international partners, most notably the United States of America. IISS 2021 report shows that despite South Asia’s “geo-strategic instability” and “keen awareness” of the cyber-related threats, “India has made only modest progress in developing a cybersecurity policy.” Moreover, the report shows that despite having good cyber intelligence reach in the region, India heavily depends on its allies, including the US, for comprehensive insight. Given this, India’s strategic collaboration with its pertinent allies greatly concerns Pakistan’s national and economic security. It has the potential to proliferate a cyber-arms culture between the two states.
Indo-Pak cyber warfare has redefined the nature of warfare in South Asia by introducing new threat perceptions in the political and military realm, which poses the region with a greater risk of warfare than conventional threats.
On a regional front, a cyberattack on critical infrastructure can trigger broader implications for regional security, potentially destabilizing neighboring countries and creating a regional security crisis. The use of cyberattacks can cause a rapid escalation of tensions between the two main actors, India, and Pakistan. Moreover, a major cyberattack might lead to severe consequences for critical infrastructure such as power grids, telecommunications networks, and financial institutions that can cause widespread disruption, affecting millions of people and businesses across the region. Nonetheless, both countries must work towards developing a framework for responsible behavior in cyberspace and establish clear rules of engagement to prevent escalation of the conflict to ensure regional peace and stability.
Disclaimer: The views expressed in the article are of the author and do not necessarily represent the institute’s policy.