Abstract
With the second-largest Internet user base and a leading Information and Communications Technology industry, India has quickly adopted digital technologies to emerge as a major actor in the global cyberspace. This thrust on digital and information technologies is accompanied by a rapid expansion of cyberthreats such as malware attacks, data breaches and cyber-enabled espionage operations. While there has been no major disruptive cyber-attack, India has faced multiple attacks from China and Pakistan—two countries with which it is locked in protracted border disputes. These two sources of threat are joined by non-state actors such as organised hacking syndicates and terrorist groups which have used the cyberspace to target Indian interests. This paper broadly examines the sources and nature of India’s cyberthreats. It also reviews the government’s policy measures to counter these threats. The paper argues that in tackling these threats, India maintains a precarious balance between its commitment to a liberal multi-stakeholder order in the cyberspace and the pressure to protect its national security interests.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Baezner, M. (2018). Regional rivalry between India Pakistan: Tit-for-tat in cyberspace. Risk and Resilience Team Center for Security Studies (CSS), ETH Zürich. https://www.researchgate.net/profile/Marie-Baezner/publication/326866504_Regional_rivalry_between_India-Pakistan_tit-for-tat_in_cyberspace/links/5b6985fd299bf14c6d950724/Regional-rivalry-between-India-Pakistan-tit-for-tat-in-cyberspace.pdf.
Balasubramanian, D. (2013). Sixty years of IT in India. The Hindu. https://www.thehindu.com/sci-tech/science/sixty-years-of-it-in-india/article4435223.ece.
Basu, A. (2019). India’s role in global cyber policy formulation. Lawfare. https://www.lawfareblog.com/indias-role-global-cyber-policy-formulation.
Bhardwaj, S. (2013). Security in cyberspace: India’s multilateral efforts. In W. P. S. Sidhu, Pr. B. Mehta, & B. Jones (Eds.), Shaping the emerging world: India and the multilateral order (pp. 217–236). Brookings Institution Press.
Chakravarti, A. (2021). Data of 100 million credit, debit cardholders leaked on dark web. India Today. https://www.indiatoday.in/technology/news/story/-data-of-100-million-credit-debit-cardholders-leaked-on-dark-web-1755570-2021-01-04.
Cosmos Bank. (n.d.). Official press release regarding the unfortunate attack on the Indian banking sector. Retrieved Sep 20, 2018, from https://www.cosmosbank.com/press-release/.
Department of Justice. (2013). Criminal complaint against Ross William Ulbricht. https://www.cs.columbia.edu/~smb/UlbrichtCriminalComplaint.pdf.
Department of Justice. (2018). North Korean regime-backed programmer charged with conspiracy to conduct multiple cyber attacks and intrusions. https://www.justice.gov/opa/pr/north-korean-regime-backed-programmer-charged-conspiracy-conduct-multiple-cyber-attacks-and.
Dingledine, R., Mathewson, N., & Syverson, P. (2004). Tor: The second-generation onion router. SSYM’04: Proceedings of the 13th Conference on USENIX Security Symposium 13. https://www.usenix.org/legacy/publications/library/proceedings/sec04/tech/full_papers/dingledine/dingledine.pdf.
DQI Bureau. (2003). India’s first ‘Nigeria 419’ case registered. Dataquest. https://www.dqindia.com/india-s-first-nigeria-419-case-registered/.
Ebert, H. (2020). Hacked IT superpower: How India secures its cyberspace as a rising digital democracy. India Review, 19(4), 376–413.
Economic Times. (2019). Tracing dark web crimes a big challenge for Kerala police. Economic Times. https://government.economictimes.indiatimes.com/news/secure-india/tracing-dark-web-crimes-a-big-challenge-for-kerala-police/71258534.
FireEye. (n.d.). APT38: Un-usual Suspects. Retrieved May 21, 2019, from https://content.fireeye.com/apt/rpt-apt38.
Fitter, P. (2012). Stuxnet attack wakes India up to threat to critical infrastructure. India Today. http://indiatoday.intoday.in/story/stuxnet-cyber-war-critical-infrastructure-of-india-ntro/1/216107.html.
Gopakumar, G., & D’Monte, L. (2017). How Union Bank was hacked and got its money back. LiveMint. https://www.livemint.com/Industry/xuBJNapRGBrtl05iEAvsYO/How-Union-Bank-was-hacked-and-got-its-money-back.html.
Government of Jammu and Kashmir. (2020). Temporary suspension of Telecom Services-directions reg. http://jkhome.nic.in/28(TSTS)of2020.pdf.
Greenwald, G., & Saxena, S. (2013). India among top targets of spying by NSA. The Hindu. http://www.thehindu.com/news/national/india-among-top-targets-of-spying-by-nsa/article5157526.ece.
Hegel, T. (2021). A global perspective of the sidewinder APT. https://cybersecurity.att.com/blogs/labs-research/a-global-perspective-of-the-sidewinder-apt.
Hitachi. (2017). Hitachi, final investigation report completed; Hitachi payment services suffered breach due to sophisticated malware attack in mid-2016. https://www.hitachi-payments.com/src/HPY%20Press%20Release_V9.pdf.
Hohmann, M., Pirang, A., & Benner, T. (2017). Advancing cybersecurity capacity building: Implementing a principle-based approach. Global Public Policy Institute. https://www.gppi.net/media/Hohmann__Pirang__Benner__2017__Advancing_Cybersecurity_Capacity_Building.pdf.
ICANN. (2015). Indian government declares support for multistakeholder model of internet governance at ICANN53. https://www.icann.org/resources/press-material/release-2015-06-22-en.
Insikt Group. (2021). China-linked group RedEcho targets the Indian power sector amid heightened border tensions. https://www.recordedfuture.com/redecho-targeting-indian-power-sector/.
ITU. (1999). Consultations get under way for world summit on information society. ITU News, 4. http://www.itu.int/itunews/issue/1999/04/index.html.
Kushner, D. (2013). The real story of Stuxnet. IEEE Spectrum. https://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet.
Leyden, J. (2021). Indian cyber-espionage activity rising amid growing rivalry with China, Pakistan. https://portswigger.net/daily-swig/indian-cyber-espionage-activity-rising-amid-growing-rivalry-with-china-pakistan.
McGuinness, D. (2017). How a cyber attack transformed Estonia. BBC. https://www.bbc.com/news/39655415.
Ministry of Home Affairs. (n.d.). Details about Indian cybercrime coordination centre (I4C) Scheme. Retrieved August 19, 2020, from https://www.mha.gov.in/division_of_mha/cyber-and-information-security-cis-division/Details-about-Indian-Cybercrime-Coordination-Centre-I4C-Scheme.
Naren, N. (2020). Two decades of the information technology act, 2000: Way forward. The Daily Guardian. https://thedailyguardian.com/two-decades-of-the-information-technology-act-2000-way-forward/.
National Payments Corporation of India. (2020a). Statement pertaining to press reports on debit card compromise. https://www.npci.org.in/PDF/npci/press-releases/2016/Statementpertainingtopressreportsondebitcardcompromise.pdf.
National Payments Corporation of India. (2020b). RuPay product overview. RuPay Product Overview. https://www.npci.org.in/what-we-do/rupay/product-overview.
Patil, S. (2014). India’s vulnerable SCADA systems. https://www.gatewayhouse.in/indias-vulnerable-scada-systems/.
Patil, S. (2018a). Punjab’s unshakable drug smuggling networks. https://www.gatewayhouse.in/punjabs-drug-smuggling/.
Patil, S. (2018b). India’s lead on cyber space governance. https://www.gatewayhouse.in/india-cyber-space-governance/.
Patil, S. (2019a). Partnering for prosperity: India-Canada collaboration to curb digital black markets (No. 2; Canada-India Track 1.5 Dialogue). https://www.gatewayhouse.in/wp-content/uploads/2019/02/Canada-India-Paper-no-2_0.pdf.
Patil, S. (2019b). Pakistan’s cyber propaganda: Fake news and social media.
Patil, S., & Chakraborty, S. (2019). A cybersecurity agenda for India’s digital payment systems (No. 20). https://www.gatewayhouse.in/wp-content/uploads/2019/10/Digital-Payments_FINAL.pdf.
Press Information Bureau. (2019). Raksha Mantri Reviews Defence Cooperation Mechanism. https://pib.gov.in/Pressreleaseshare.aspx?PRID=1573610.
PTI. (2020a). Access to internet is a fundamental right, rules Supreme Court. The Hindu. https://www.thehindubusinessline.com/news/right-to-access-internet-is-a-fundamental-right-rules-supreme-court/article30531490.ece.
PTI. (2020b). Sabotage suspected in Mumbai power outage: Nitin Raut, energy minister. https://economictimes.indiatimes.com/news/politics-and-nation/sabotage-suspected-in-mumbai-power-outage-nitin-raut-energy-minister/articleshow/78656392.cms.
Rajaraman, V. (2012). History of computing in India (1955–2010). IEEE Computer Society.
Ramani, S. (2011). Bringing the Internet to India. In M. Rao & O. Manzar (Eds.), NetCh@kra: 15 years of internet in India, retrospect and roadmaps (pp. 47–62). Digital Empowerment Foundation.
Rao, P. (2016). Online radicalisation: The example of Burhan Wani. Manohar Parrikar institute for defence studies and analyses. https://idsa.in/issuebrief/online-radicalisation-burhan-wani_prao_160716.
Reserve Bank of India. (n.d.). Payment and settlement systems in India: Journey in the second decade of the millennium. Retrieved Feb 27, 2021, from https://rbidocs.rbi.org.in/rdocs/Publications/PDFs/PSSBOOKLET93D3AEFDEAF14044BC1BB36662C41A8C.PDF.
Reserve Bank of India. (2016). Cyber security framework in banks. https://www.rbi.org.in/scripts/BS_CircularIndexDisplay.aspx?Id=10435.
Reuters. (2021, March 1). Chinese hackers target India’s serum institute, Bharat Biotech: Report. NDTV.
Scott-Railton, J., Hulcoop, A., Bahr, A. R., Marczak, B., Anstis, S., & Deibert, R. (2020). Dark Basin: Uncovering a massive hack-for-hire operation. Citizen Lab. https://citizenlab.ca/2020/06/dark-basin-uncovering-a-massive-hack-for-hire-operation/.
Shah, K., & Kaul, A. (2020). Indian government’s 2G restrictions in Kashmir fail to curb online extremism. Observer Research Foundation. https://www.orfonline.org/research/indian-governments-2g-restrictions-in-kashmir-fail-to-curb-online-extremism-66861/.
Sinha, J. (2020). Delhi: 21-year-old drug dealer operating through the ‘dark web’ arrested. The Indian Express. https://indianexpress.com/article/cities/delhi/21-yr-old-drug-dealer-operating-through-the-dark-web-arrested-6259629/.
Software Freedom Law Centre. (n.d.). Longest Shutdowns. Retrieved Feb 27, 2021, from https://internetshutdowns.in/.
Ultrascan Advanced Global Investigations. (2013). 419 Advance fee fraud statistics 2013. https://www.ultrascan-agi.com/public_html/html/pdf_files/Pre-Release-419_Advance_Fee_Fraud_Statistics_2013-July-10-2014-NOT-FINAL-1.pdf.
UNI. (2000, August 9). IT Act to come into force from Aug 15. Refiff.Com. https://www.rediff.com/business/2000/aug/09itact.htm.
United Nations Security Council. (2019). Report of the panel of experts established pursuant to resolution 1874. https://www.undocs.org/S/2019/171.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this chapter
Cite this chapter
Patil, S. (2022). India’s Cyber Security Landscape. In: Behera, A., Mishra, S. (eds) Varying Dimensions of India’s National Security. India Studies in Business and Economics. Springer, Singapore. https://doi.org/10.1007/978-981-16-7593-5_6
Download citation
DOI: https://doi.org/10.1007/978-981-16-7593-5_6
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-7592-8
Online ISBN: 978-981-16-7593-5
eBook Packages: Political Science and International StudiesPolitical Science and International Studies (R0)