Cyber warfare has revolutionised contemporary warfare beyond traditional direct military engagements by using non-kinetic means to achieve defined military objectives. It plays a critical role, from intercepting enemy communications to degrading critical infrastructures. Moreover, cyberwarfare provides cost-effective, covert, prompt, and discreet responses to an adversary’s provocation and also retains the ability to influence cross-domain operations. The Indian military, recognising these advantages, has consistently made efforts to augment its capabilities by adhering to the prerequisites required to operate in cyberspace. These pursuits in the cyber domain pose a threat to Pakistan, given Indian history of persistently conducting cyberattacks against the country’s cyber infrastructure.
Within the Indian Armed Forces, the Army remains at the forefront of adaptation to cyber warfare. Last year, the Indian army raised new cyber units called ‘Command Cyber Operations and Support Wings (CCOSW)’. Moreover, to hire skilled human resources, the Indian army conducted a maiden hackathon in 2021, which lasted three consecutive months. The hackathon included participants from across India, whose numbers exceeded 15,000, demonstrating various skills, such as offensive cyber operations, coding, and intercepting encrypted communications. Similarly, the Indian Air Force (IAF) and the Indian Navy are also working to strengthen their cyber capabilities.
While most of these efforts remain shrouded in secrecy, statements from respective service chiefs indicate that significant progress has been made in the cyber domain. For instance, the present IAF chief V.R. Chaudhari publicly announced the importance of cyber capability by stating that the IAF considers cyber operations an integral part of modern military operations and works constantly to enhance its cyber capabilities.
Moreover, to enhance inter-service synergy and efficacy in cyber warfare, the Indian Ministry of Defence announced the establishment of the Defense Cyber Agency in 2018. The agency became operational in 2021, primarily providing specialised training to military personnel, formulating a new doctrine, and conducting defensive and offensive cyber operations. In addition, the military wanted a dedicated command that could initiate swift and decisive responses to sudden provocations in the cyber realm. On the operational side, the Agency conducts regular exercises in which all stakeholders are engaged in cyber activities to gauge their resilience to cyber-attacks. One such endeavour was ‘Exercise Cyber Suraksha – 2024’ in May to achieve a robust and common cyber posture.
Likewise, more recently on 18th June, the military unveiled its maiden Joint Doctrine for Cyberspace Operations. The new framework is a key document because it aims to amalgamate each service’s cyber warfighting capabilities in the future. The release of the doctrine is a continuation of India’s attempts to consolidate its cyber prowess under one roof to enhance operational effectiveness.
India is also actively engaged in boosting its indigenous cyber capabilities by signing multiple cyber partnerships with various countries, including the United States, Japan, United Kingdom, Israel, Russia, Japan, Australia, and France. The focus of these partnerships is providing cyber training, transferring knowledge, and collaborations with Indian law enforcement and military services.
Publicly available information also indicates that India has built sophisticated cyber warfare skills with a specific focus on targeting Pakistan. Its ‘Advanced Persistent Threats’ (APT) groups, including the SideWinder, Bahamut, and PatchWork, have targeted key domestic government organisations in recent years. Moreover, Indian cyber teams are targeting web traffic in Pakistan. In 2020, a cyber team tried to hack Pakistan’s military and civilian government official’s cellular and computer devices. Actions to disrupt and hack Pakistan’s state machinery are likely to expand in the future, necessitating appropriate protective measures.
Pakistan has undertaken concrete measures to address such cyber threats. Notably, the establishment of a Computer Emergency Response Team (CERT) marked a significant step in countering cyber-attacks. The CERT initiative is designed to protect the country’s critical infrastructure from offensive cyber actions and to identify and mitigate existing vulnerabilities, thereby enhancing the nation’s cybersecurity posture.
The Indian military is expected to continue enhancing its warfighting capabilities and spearheading cyber-attacks against Pakistan. This necessitates that Pakistan not only improves its cyber capabilities but also develops and maintains robust ‘cyber deterrence’ to prevent India from initiating cyber-attacks. This can be accomplished by increasing the capacity of the national CERT team to counter threats and strengthen cyber security, as well as creating cyber awareness among personnel working in government institutions. Importantly, Pakistan also needs to set up a dedicated national cyber command to improve and synergise its response, making it more effective and efficient.
Usman Haider is a Research Assistant at the Centre for Aerospace & Security Studies (CASS), Islamabad, Pakistan. He can be reached at cass.thinkers@casstt.com.
