According to their latest reports, China intensified cyberattacks during the 2020 Galwan Valley clashes.
When the clashes took place on the Indian-Chinese border, cyberattacks took place and infiltrated power stations in India.
In the past two years, we have seen 60 break-ins in India by a range of actors from the Chinese Ministry of State Security and the People’s Liberation Army targeting the government, defense and telecommunications. We zeroed out the exact locations of a Chinese cyber unit in Xinjiang Province, and after we put them on a map and published, there were strong rejection from the Chinese government.
China has targeted the United States and stolen not only intellectual property but defense technology as well. But after the U.S.-China agreement in 2015 that no government would support or conduct intellectual property theft and follow proper norms of government behavior in cyberspace, China shifted focus and India ended up in his crosshairs.
Do you work with the Indian government?
Yes. We love working with India and looking for the government. We found Chinese hackers targeting the media, healthcare, defense, telecommunications, energy and other critical infrastructure. The hackers are also trying to create databases of soldiers and journalists by stealing their information while searching for targets that can be recruited as spies. We have notified the Indian authorities of a number of attacks in advance.
Is India transparent in recognizing its cyber vulnerabilities?
Until ten years ago, the US did the same. It denied everything, but over time people have learned the benefit of disclosure. Joe Biden’s new government directive states that any violation must be reported within 48 hours.
India could have a similar law at some point. The best information security officer is the one who comes out and says this is the problem and shares the incident which can then become information for the rest of the world.
Does India need to build more cyber defense capabilities?
India is disproportionately strong in information technology, but less invested in security. India can catch up as it doesn’t have to work from zero, it just has to divert some money into collateral. If you look at America, the Department of Homeland Security is very open right now, using social media to talk about cyber threats (like the rampant ransomware attacks in the healthcare sector or the cyber attacks during the 2016 elections) and there is so much collaboration between the NSA that FBI and those who want to work on site. India can do the same.
Another challenge India may face soon is that Indian companies operate a large number of IT supply chains. When there is a problem, there are a million questions to worry customers. We are impressed with the efforts made by Indian outsourcing companies and we are confident that they will fill the gaps.