Dark Reading is part of the Informa Tech Division of Informa PLC

12/29/2020
10:00 AM
Mike Hamilton
Commentary

India: A Growing Cybersecurity Threat

Geopolitical tensions and a dramatic rise in offensive and defensive cyber capabilities lead India to join Iran, Russia, China, and North Korea as a top nation-state adversary.

With geopolitical tensions against the United States continuing to heat up, a new cyber superpower and formidable adversary is quickly emerging to join Iran, Russia, China, and North Korea as a top nation-state adversary: India.

Geopolitical Factors Boost India's Cyber-Threat Activity
India's cyber capabilities are growing, at least partially in reaction to activities across the border in China. The rise of China and its apparent expansionist activity is likely to motivate Indian actors with varying levels of state support to act. This provides fertile ground for the development of national offensive cyber capabilities and crime.

Diplomatic relations between India and China are at a low point, with troops fighting along the border in the western Himalayas in mid-2020. China is also considering a plan to construct dams on a section of the Brahmaputra river, which could cause downstream water shortages through Bangladesh.

At the same time, unemployment in India as a result of the COVID-19 pandemic has created a very large population of technically skilled people in need of income. Reports indicate that this has caused an uptick in cybercrime from India — presumably from the younger, tech-educated population.

India has also banned over 200 Chinese apps over security concerns, both to curtail surveillance activity and to make its digital sovereignty clear. This confluence of drivers has created patriotic and profit incentives, and the "bench" of technically adept actors is enormous. In addition, an emergent Indian initiative to provide technical education to 400,000 young people in poverty will assuredly have an amplifying effect.

What to Expect From India's Cyber Capabilities and Defenses
We should initially expect more domestic cybercrime in India as non-state actors build skills and tool sets. There has already been a noticeable uptick in cybercrime accompanying online shopping for Indian festivals, and it's likely that a growing fraction of that activity is domestic.

At the state level, we should expect that the Indian government will follow the lead of the United States and now the United Kingdom in the "defend forward" doctrine of acting in advance to disable threats that are supported by high-confidence intelligence. One indication of this was a recent revision to the Foreign Trade Act, which now includes a prohibition on exporting "software specially designed or modified for the conduct of military cyber operations."

Further, as the Indian and Chinese space programs gain ground, we should expect space to be much more contested in terms of satellite jamming, position spoofing, and potentially kinetic space operations. Beidou, China's competitor to the US GPS constellation, is already the preferred positioning system for 165 countries, and the exposure this creates has not gone unnoticed.

Finally, India will undoubtedly be developing defensive capabilities to counter the "new normal" of autonomous kinetic delivery vehicles — basically, drones with bombs. These are being increasingly used around the world, and without electronic or cyber countermeasures in place, there are few ways to mitigate the effects of robotic combat.

How India Compares With Other Adversaries
Today, India is regarded more as a victim of cybercrime and espionage than as an aggressor. Compared with other developed nations, India's offensive cyber capabilities are nascent — but the motivating factor of an aggressive and expansionist adversary combined with a very large population educated in technology suggests it won't be long before the country catches up, potentially with key allies' help. Indeed, a recent report ranking China as the No. 2 country in terms of global cyber power has India's attention and likely provides an accelerant for developing offensive capabilities.

Ultimately, the rise of India's offensive cyber capabilities may be good for the global balance of power; it may become a catalyst for bringing countries to the table to develop norms and enforcement methods. In the short term, the last thing we need is more criminals. India would be wise to consider how intertwined these two outcomes are and plan accordingly.

One of CI Security's Founders, Mike Hamilton has worked in InfoSec for 30 years in every sector and in every imaginable role. Michael has 30 years of experience in information security as a practitioner, consultant, executive, and entrepreneur. As former Chief Information ...