Dark Reading is part of the Informa Tech Division of Informa PLC

Threat Intelligence

12/29/2020
10:00 AM
Mike Hamilton
Commentary

India: A Growing Cybersecurity Threat

Geopolitical tensions and a dramatic rise in offensive and defensive cyber capabilities lead India to join Iran, Russia, China, and North Korea as a top nation-state adversary.

With geopolitical tensions against the United States continuing to heat up, a new cyber superpower and formidable adversary is quickly emerging to join Iran, Russia, China, and North Korea as a top nation-state adversary: India.

Geopolitical Factors Boost India's Cyber-Threat Activity
India's cyber capabilities are growing, at least partially in reaction to activities across the border in China. The rise of China and its apparent expansionist activity is likely to motivate Indian actors with varying levels of state support to act. This provides fertile ground for the development of national offensive cyber capabilities and crime.

Diplomatic relations between India and China are at a low point, with troops fighting along the border in the western Himalayas in mid-2020. China is also considering a plan to construct dams on a section of the Brahmaputra river, which could cause downstream water shortages through Bangladesh.

At the same time, unemployment in India as a result of the COVID-19 pandemic has created a very large population of technically skilled people in need of income. Reports indicate that this has caused an uptick in cybercrime from India — presumably from the younger, tech-educated population.

India has also banned over 200 Chinese apps over security concerns, both to curtail surveillance activity and to make its digital sovereignty clear. This confluence of drivers has created patriotic and profit incentives, and the "bench" of technically adept actors is enormous. In addition, an emergent Indian initiative to provide technical education to 400,000 young people in poverty will assuredly have an amplifying effect.

What to Expect From India's Cyber Capabilities and Defenses
We should initially expect more domestic cybercrime in India as non-state actors build skills and tool sets. There has already been a noticeable uptick in cybercrime accompanying online shopping for Indian festivals, and it's likely that a growing fraction of that activity is domestic.

At the state level, we should expect that the Indian government will follow the lead of the United States and now the United Kingdom in the "defend forward" doctrine of acting in advance to disable threats that are supported by high-confidence intelligence. One indication of this was a recent revision to the Foreign Trade Act, which now includes a prohibition on exporting "software specially designed or modified for the conduct of military cyber operations."

Further, as the Indian and Chinese space programs gain ground, we should expect space to be much more contested in terms of satellite jamming, position spoofing, and potentially kinetic space operations. Beidou, China's competitor to the US GPS constellation, is already the preferred positioning system for 165 countries, and the exposure this creates has not gone unnoticed.

Finally, India will undoubtedly be developing defensive capabilities to counter the "new normal" of autonomous kinetic delivery vehicles — basically, drones with bombs. These are being increasingly used around the world, and without electronic or cyber countermeasures in place, there are few ways to mitigate the effects of robotic combat.

How India Compares With Other Adversaries
Today, India is regarded more as a victim of cybercrime and espionage than as an aggressor. Compared with other developed nations, India's offensive cyber capabilities are nascent — but the motivating factor of an aggressive and expansionist adversary combined with a very large population educated in technology suggests it won't be long before the country catches up, potentially with key allies' help. Indeed, a recent report ranking China as the No. 2 country in terms of global cyber power has India's attention and likely provides an accelerant for developing offensive capabilities.

Ultimately, the rise of India's offensive cyber capabilities may be good for the global balance of power; it may become a catalyst for bringing countries to the table to develop norms and enforcement methods. In the short term, the last thing we need is more criminals. India would be wise to consider how intertwined these two outcomes are and plan accordingly.

One of CI Security's Founders, Mike Hamilton has worked in InfoSec for 30 years in every sector and in every imaginable role. Michael has 30 years of experience in information security as a practitioner, consultant, executive, and entrepreneur. As former Chief Information ...
 
