Cyber Warfare And Information Security For India – Analysis
By Asif Ahmed
“The defence forces on their part have adopted information warfare doctrines, which include infosec as a vital element. There is a growing partnership between defence and private industry to evolve IT security solutions for the defence information infrastructure….As defence reliance on commercial off the shelf technology (COTS) grows, the dilemma of selecting an appropriate vendor has been to a large extent addressed by the CII [Confederation of Indian Industry] online defence directory—a web-based listing of Indian software vendors working on defence related systems and applications.” – Lt. Commander Prashant Bakshi, “Security Implications of a Wired India: Challenges Ahead” Strategic Analysis, April 2001
Introduction
Security analysts are predicting that 2013 is when nation-sponsored cyber warfare goes mainstream — and some think such attacks will lead to actual deaths. In 2012, large-scale cyber attacks targeted at the Iranian government were uncovered, and in return, Iran is believed to have launched massive attacks aimed at U.S. banks and Saudi oil companies. At least 12 of the world’s 15 largest military powers are currently building cyber warfare programs, according to James Lewis, a cyber security expert at the Center for Strategic and International Studies. So a cyber Cold War is already in progress. But some security companies believe that battle will become even more heated this year. The U.S. has already put would-be attackers on notice. Defense Secretary Leon Panetta said recently that the United States reserves the right to use military force against a nation that launches a cyber attack on the country.
Even if hackers aren’t capable of killing with a cyber attack, there is no doubt that they’ve become more destructive1. Cyber attacks pose more than a theoretical challenge to the Indian government’s day-to-day national security agenda due to the intrusions and web defacements experienced after New Delhi’s nuclear weapons test and in the confrontation with Pakistan over Kashmir. The Indian authorities announced a shift in military doctrine in 1998 to embrace electronic warfare and information operations.
An IT roadmap, enumerating a comprehensive ten year plan, was published. In the framework of the roadmap, the government has granted permission for closer government/industry cooperation to leverage the output of India’s world-class IT software industry. In addition, a new National Defense University and Defense Intelligence Agency (DIA) have been established. According to journalistic accounts, the armed forces plan to establish an information warfare agency within the DIA with responsibility for cyber war, psychological operations, and electromagnetic and sound wave technologies2.
Cyber security is a complex issue that cuts across multiple domains and calls for multi-dimensional, multilayered initiatives and responses. It has proved a challenge for governments because different domains are typically administered through siloed ministries and departments. The task is made all the more difficult by the inchoate and diffuse nature of the threats and the inability to frame an adequate response in the absence of tangible perpetrators. The rapidity in the development of information technology (IT) and the relative ease with which applications can be commercialised has seen the use of cyberspace expand dramatically in its brief existence. From its initial avatar as an NW (network) created by academics for the use of the military, it has now become a global social and economic and communications platform.
The increasing centrality of cyberspace to human existence is exemplified by facts and figures brought out recently by the International Telecommunications Union (ITU), according to which the number of Internet users has doubled between 2005 and 2010 and surpasses two billion. Users are connecting through a range of devices from the personal computer (PC) to the mobile phone, and using the Internet for a variety of purposes from communication to e-commerce, to data storage. The rise in the Internet population has meant that while the threats and vulnerabilities inherent to the Internet and cyberspace might have remained more or less the same as before, the probability of disruption has grown apace with the rise in the number of users.
While such disruptions are yet to cause permanent or grievous damage worldwide, they serve as a wake-up call to the authorities concerned to initiate measures to improve the security and stability of cyberspace in terms of their own security. Governments are constrained in their responses by pressures exerted by politico-military-national security actors at one end and economic-civil society actors at the other3. In our research, we found that experts employ diverse definitions of cyber warfare, depending on the weight or emphasis accorded to various actions, actors, and intent. We attempted to minimize the all-encompassing and academically confusing expression “information warfare” to describe electronic attacks.
In this document, we also eschew other terms, such as information operations, electronic warfare, “hacktivism”, information disruption, or cyber terrorism. In each of these terms there exists a common link to cyber activities, yet each term is different enough to not entirely capture or mostly miss the definition of cyber warfare4. As stated at the outset, cyber warfare, involves units organized along nation-state boundaries, in offensive and defensive operations, using computers to attack other computers or networks through electronic means. In the future, if not already common practice, individual cyber warfare units will likely execute through the wires attacks against targets in a cooperative and simultaneous manner. The overall intent is to seek advantage over an adversary by compromising the integrity, confidentiality, or availability of a computing device.
Internet Governance – Challenges and Constraints
The success of the Internet has partly been attributed to its relative openness and low barriers (including minimal security features) to entry. However, the same openness, while allowing companies to flourish, has also facilitated those with malicious intent to operate with relative ease. The origins of the Internet can be traced back to the attempts by the Defense Advanced Research Projects Agency (DARPA) of the US Department of Defense to create a communications NW that would survive a nuclear exchange between the two superpowers of the time. It was subsequently used by academia as a means of communicating and collaborating on research projects.
The uniqueness of the Internet in being an open structure with few barriers to entry is the outcome of the circumstances in which it was conceptualised and a result of the worldview of its initial champions. Though a military project, its very nature of being a communications project plus the fact that it was quickly adopted by academics as a means of collaboration led to a quick crossover to the civilian domain. The fact that the technology did not belong to any one company saw the implementation of standards for its various protocols, which was responsible for continuing innovation and improvements of its capabilities.
In the early stages of development of the Internet, much of the task of developing cyberspace was in the hands of line organisations such as the Department of Information Technology (DIT) at the national level or the ITU at the international level, and other expert bodies. While these organisations were competent in their own right, they were unable to bring a holistic perspective to the issue, given their domain-specific focus on issues. This also resulted in fragmented approaches to cyber security, dictated by different requirements and priorities at different points in time.
Among the many institutions that came up and have endured are the Internet Engineering Task Force (IETF), set up in 1986. It comprised a number of experts on various aspects of the Internet who worked through a cooperative consensus-based decision-making process. The Internet Corporation for Assigned Names and Numbers (ICANN) was created in 1998 on similar principles to manage the Domain Name System (DNS), another key infrastructure of the Internet. Most of the ICANN’s powers and functions were devolved to it by the US government, which hitherto controlled DNS. The multistakeholder approach to discussing the development of the Internet that was institutionalised though these organisations was further carried forward in the UN-sponsored series of conferences beginning with the World Summits on the Information Society held in 2003 and 2005, and ultimately resulting in the Internet Governance Forum (IGF), convened by and reporting to the UN Secretary General.
The US has had a major influence on the development of cyberspace by virtue of the fact that much of the initial infrastructure and use was centered in that country and it continues to be a major force in its development and use. The US has thus been in a position to fend off periodic attempts to challenge its supremacy, and those times when it has been forced to shed some of its control, as in the case of ICANN, it has done so very reluctantly. Though it has been a participant in multilateral fora, the United States’ agenda invariably has been to ensure that its dominant position is not disturbed. More recently, approaches to cyberspace have taken on ideological hues, with countries ultimately seeking to gain effective control over deciding the form and shape of cyberspace within their national boundaries.
The jockeying for influence to impact Internet governance issues has seen increased activity in recent times. Most of these have taken place at the multilateral level, with countries forming coalitions and introducing resolutions at multilateral fora. While Russia has been introducing resolutions on cyber security at the United Nations since 1998, it recently joined hands with China, Tajikistan and Uzbekistan to introduce an “International Code of Conduct for Information Security” (ICCIS). Some of the clauses within this resolution have been criticised as an attempt to increase control over content and information in the guise of securing cyberspace. Proposals by the IBSA forum (India, Brazil, South Africa) have also been seen with similar scepticism.
One of the unstated goals of the recent Cyber Security Summit held by the British government would be seen as an effort on the part of the advanced economies to regain the initiative in drawing up norms for cyberspace that highlight core Western values5. Policies such as the New Internet Policy of 1998 paved the way for multiple Internet service providers (ISPs) and saw the Internet user base grow from 1.4 million in 1999 to over 15 million by 2003. Though the rate of growth has slowed subsequently, with Internet users now approximately numbering 100 million, exponential growth is again expected as Internet access increasingly shifts to mobile phones and tablets, with the government making a determined push to increase broadband penetration from its present level of about 6%. The target for broadband is 160 million households by 2016 under the National Broadband Plan6.
The Indian Cyberspace Scenario
The National Informatics Centre (NIC) was set up as early as 1975 with the goal of providing IT solutions to the government. Between 1986 and 1988, three N/Ws (networks) were set up: INDONET, connecting the IBM mainframe installations that made up India’s computer infrastructure; NICNET (the NIC Network), being a nationwide very small aperture terminal (VSAT) N/W for public sector organisations as well as to connect the central government with the state governments and district administrations; and the Education and Research Network (ERNET), to serve the academic and research communities. Policies such as the New Internet Policy of 1998 paved the way for multiple Internet service providers (ISPs) and saw the Internet user base grow from 1.4 million in 1999 to over 15 million by 2003. Though the rate of growth has slowed subsequently, with Internet users now approximately numbering 100 million, exponential growth is again expected as Internet access increasingly shifts to mobile phones and tablets, with the government making a determined push to increase broadband penetration from its present level of about 6%.The target for broadband is 160 million households by 2016 under the National Broadband Plan.
Despite the low numbers in relation to the population, Indians have been active users of the Internet across various segments. The two top email providers, Gmail and Yahoo, had over 34 million users registered from India7. Similar figures have also been seen in the social networking arena, which is the most recent entrant to the cyber platform. India currently has the fastest growing user base for Facebook and Twitter, the two top social networking sites. An indication of the rapid pace of adaptation to the Internet in India is that Indian Railways, India’s top e-commerce retailer, saw its online sales go up from 19 million tickets in 2008 to 44 million in 2009, with a value of Rs. 3800 crore ($875 million)
8.Cyber Threats
Cyber threats can be disaggregated, based on the perpetrators and their motives, into four baskets: cyber espionage, cyber terrorism, cyber crime and cyber warfare.
Cyber Crime
Cyber terrorism
Cyber Espionage
Cyber warfare
Cyber attackers use numerous vulnerabilities in cyberspace to commit these acts. They exploit the weaknesses in software and hardware design through the use of malware. DOSS attacks are used to overwhelm the targeted websites. Hacking is a common way of piercing the defences of protected computer systems and interfering with their functioning. Identity theft is also common. The scope and nature of threats and vulnerabilities is multiplying with every passing day.
Cyber Crime
The increasing online population has proved a happy hunting ground for cyber criminals, with losses due to cyber crime being in billions of dollars worldwide. While other countries are reporting enormous losses to cyber crime, as well as threats to enterprises and critical information infrastructure (CII), there are hardly any such reports coming out of India other than those relating to cyber espionage. Though the report of the National Crime Records Bureau (NCRB) for 2010 reported an increase of 50% in cyber crime over the previous year, the numbers were quite small in absolute terms. The total number of cases registered across various categories was 698; but these low numbers could be because cyber laws have proved ineffective in the face of the complex issues thrown up by Internet. As a case in point, though the cyber crimes unit of the Bengaluru Police receives over 200 complaints every year, statistics show that only 10% have been solved; a majority of these are yet to be even tried in the courts; and the cases that did reach the courts are yet to reach a verdict since the perpetrators usually reside in third countries.
Even though the Information Technology Act (IT Act) 2000 confers extraterritorial jurisdiction on Indian courts and empowers them to take cognisance of offences committed outside India even by foreign nationals provided “that such offence involves a computer, computer system or computer network located in India”, this has so far existed only on paper. Similarly, there are relatively few reports of Indian companies suffering cyber security breaches of the sort reported elsewhere. Companies attribute this to the primacy placed on information assurance in the outsourcing business. Industry bodies such as the National Association of Software and Services Companies (NASSCOM) also attribute this to the fact that they have been at the forefront of spreading information security awareness amongst their constituents, with initiatives such as the establishment of the Data Security Council of India (DSCI) and the National Skills Registry. The Indian government has also aided these initiatives in a variety of ways, including deputing a senior police officer to NASSCOM to work on cyber security issues, keeping the needs of the outsourcing industry in mind. That said, cyberspace is increasingly being used for various criminal activities and different types of cyber crimes, causing huge financial losses to both businesses and individuals. Organised crime mafia has been drawn to cyberspace, and this is being reflected in cyber crimes gradually shifting from random attacks to direct (targeted) attacks. A cyber underground economy is flourishing, based on an ecosystem facilitated by exploitation of zero-day vulnerabilities, attack tool kits and botnets. The vast amounts of money lubricating this ecosystem is leading to increased sophistication of malicious codes such as worms and Trojans.
The creation of sophisticated information-stealing malware is facilitated by toolkits such as ZueS, which are sold on Internet for a few thousands of dollars. At the other extreme, components of critical infrastructure such as Programmable Logic Control (PLC) and Supervisory Control and Data Acquisition (SCADA) systems were targeted by the Stuxnet malware that attacked supposedly secure Iranian nuclear facilities. Stuxnet exploited five distinct zero-day vulnerabilities in desktop systems, apart from vulnerabilities in PLC systems, and exposed the grave threat to critical infrastructure such as nuclear plants and other critical infrastructure. Cyber criminals are using innovative social engineering techniques through spam, phishing and social networking sites to steal sensitive user information to conduct various crimes, ranging from abuse to financial frauds to cyber espionage.
While large enterprises are ploughing more resources into digital security, it is the small enterprises and individuals that are falling prey to cyber crime, as evinced by the increasing number of complaints on consumer complaint forums. The low levels of computer security are also apparent in recurring statistics that show that India is the third-largest generator of spam worldwide, accounting for 35% of spam zombies and 11% of phishing hosts in the Asia-Pacific-Japan region. Over 6,000,000 computers were part of both NWs. India ranked first in the Asia-Pacific region and contributed 21% to the regional total. A continuing trend for Internet users in India was that of the threat landscape being heavily infested with worms and viruses. The percentage of worms and viruses in India was significantly higher than the Asia-Pacific regional average. According to CERT-In, India sees an average of 788 bot-infected computers per day. With regard to web-based attacks, India has seen a significant increase and has ranked seventh, with 3% of the world attacks, and second in the Asia-Pacific region.
Cyber terrorism
Cyberspace has been used as a conduit for planning terrorist attacks, for recruitment of sympathisers, or as a new arena for attacks in pursuit of the terrorists’ political and social objectives. Terrorists have been known to have used cyberspace for communication, command and control, propaganda, recruitment, training, and funding purposes. From that perspective, the challenge of non-state actors to national security is extremely grave. The shadowy world of the terrorist takes on even murkier dimensions in cyberspace where anonymity and lack of attribution are a given. The government has taken a number of measures to counter the use of cyberspace for terrorist-related activities, especially in the aftermath of the terrorist attack in Mumbai in November 2008.
Parliament passed amendments to the IT Act, with added emphasis on cyber terrorism and cyber crime, with a number of amendments to existing sections and the addition of new sections, taking into account these threats. Further actions include the passing of rules such as the Information Technology (Guidelines for Cyber Cafe) Rules, 2011 under the umbrella of the IT Act. In doing so, the government has had to walk a fine balance between the fundamental rights to privacy under the Indian Constitution and national security requirements. While cyber hactivism cannot quite be placed in the same class, many of its characteristics place it squarely in the realm of cyber terrorism both in terms of methods and end goals.
Cyber Espionage
Instances of cyber espionage are becoming quite common, with regular reports of thousands of megabytes of data and intellectual property worth millions being exfiltrated from the websites and NWs of both government and private enterprises. While government websites and NWs in India have been breached, the private sector claims that it has not been similarly affected. It may also be that theft of intellectual property from private enterprises is not an issue here because R&D expenditure in India is only 0.7% of GDP, with government expenditure accounting for 70% of that figure. Companies are also reluctant to disclose any attacks and exfiltration of data, both because they could be held liable by their clients and also because they may suffer a resultant loss of confidence of the public. As far as infiltration of government NWs and computers is concerned, cyber espionage has all but made the Official Secrets Act, 1923 redundant, with even the computers in the Prime Minister’s Office being accessed, according to reports.
The multiplicity of malevolent actors, ranging from state-sponsored to hactivists, makes attribution difficult; governments currently can only establish measures and protocols to ensure confidentiality, integrity and availability (CIA) of data. Law enforcement and intelligence agencies have asked their governments for legal and operational backing in their efforts to secure sensitive networks, and to go on the offensive against cyber spies and cyber criminals who are often acting in tandem with each other, and probably with state backing. Offence is not necessarily the best form of defence in the case of cyber security, as seen in the continued instances of servers of the various government departments being hacked and documents exfiltrated.
Cyber Warfare
There is no agreed definition of cyber warfare but it has been noticed that states may be attacking the information systems of other countries for espionage and for disrupting their critical infrastructure. Mainly, it refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation. The attacks on the websites of Estonia in 2007 and of Georgia in 2008 have been widely reported. Although there is no clinching evidence of the involvement of a state in these attacks, it is widely held that in these attacks, non-state actors (e.g. hackers) may have been used by state actors. Since these cyber attacks, the issue of cyber warfare has assumed urgency in the global media. The US has moved swiftly and set up a cyber command within the Strategic Forces Command and revised its military doctrine.
In the latest official military doctrine, the US has declared cyberspace to be the fifth dimension of warfare after land, air, oceans and space, and reserved the right to take all actions in response, including military strikes, to respond to cyber attacks against it. It is almost certain that other countries will also respond by adopting similar military doctrines. The issue whether cyber attacks can be termed as acts of warfare and whether international law on warfare applies to cyber warfare is being hotly debated.
Multilateral discussions are veering around to debating whether there should be rules of behaviour for state actors in cyberspace. The issue becomes extremely complicated because attacks in cyberspace cannot be attributed to an identifiable person and the attacks traverse several computer systems located in multiple countries. The concept of cyber deterrence is also being debated but it is not clear whether cyber deterrence can hold in cyberspace, given the easy involvement of non-state actors and lack of attribution. There is, however, ongoing debate between those who believe that cyber warfare is over-hyped and those who believe that the world is heading towards a cyber Armageddon. Both sides have valid arguments, but even as that debate continues, cyber warfare as a construct has become inevitable because the number of countries that are setting up cyber commands is steadily growing.
These commands have been accompanied by efforts at developing applicable military doctrines. There is, therefore, a pressing need to think about norms for cyber warfare, whether the laws of armed conflict (LOAC) can be adapted to cyber warfare, and how principles like proportionality and neutrality play out in the cyber domain. Current rules of collective security such as Article 41 of the UN Charter and Chapter 7 are found wanting in the context of cyber warfare, particularly when it comes to the rapidity of cyber attacks, and the inordinate time it takes for decision making and action under these rules9.
The Need to be Prepared for Cyber War
The growing threat of cyber warfare has not been well appreciated or sufficiently understood. Cyber warfare is a term that has been loosely used to describe almost all events in cyberspace, irrespective of perpetrator, motive or scale. Cyber warfare forms a part of Information War (IW), which extends to every form of media, and inter alia includes aspects of propaganda and perception management. Cyberspace, though technically restricted to the Internet, is now increasingly linked by convergence to every communication device. With greater connectivity, this divide is narrowing and every citizen or aspect of life is vulnerable. It is also an important constituent of NCW.
The cyber realm, like the universe, is expanding and it is estimated that by 2015 there will be almost double the number of devices connected to the Internet as there are people. The scope for exploitation by inimical elements, ranging from mischievous hackers, to criminals, terrorists, non-state actors as also nation states, is thus unlimited. The damage could be immense and many countries are pressing ahead and taking steps to build capabilities and capacities for defending themselves, as also taking offensive action in cyberspace.
The United States was the first country to formally declare this as the fifth domain warfare after land, sea, air and space. It has also formally classified the use of cyberspace as a “force”, a euphemism for offensive capability. The Chinese adopted the concept of “informationalisation” in the mid-1990s and have relentlessly built up structures and operations in this domain. Consequent to the raising of the US Cyber Command (USCYBERCOM), South Korea followed with the creation of a Cyber Warfare Command in December 2009. This was also in response to North Korea’s creation of cyber warfare units. The British Government Communications Headquarters (GCHQ) has begun preparing a cyber force, as also France. The Russians have actively been pursuing cyber warfare. In 2010 China overtly introduced its first department dedicated to defensive cyber warfare and information security in response to the creation of USCYBERCOM.
The race is thus on. India is a target. There have been numerous incidents of sensitive government and military computers being attacked by unknown entities and information being stolen. A group, which called itself the Pakistan Cyber Army, hacked the Central Bureau of Investigation website in December 2010. Further mocking India’s cyber security the same group of hackers raided the Bharat Sanchar Nigam Limited website a few months later. Earlier this year, Pakistan-based hacker groups hacked 112 Indian websites in a span of three months leaving India red-faced. The panic that spread after the Assam violence because of images uploaded from Pakistan that caused thousands of people from the northeast to flee Bengaluru is a matter of grave concern. However, little has been done to put the national cyber security policy in place.
Union Home Secretary has accused websites in Pakistan of spreading false rumors and that investigators had found that most of the websites used images of people killed in cyclones and earthquakes and passed them off as Muslims killed in violence earlier this year to spread fear of revenge attacks. This clearly is the biggest instance of cyber warfare on India in recent times and the threat continues not only from Pakistan but also from China. While China looks to snoop into important defence information, Pakistan on the other hand defaces Indian websites and uses Indian networks to spread hatred via cyber space.
The greatest threat comes from the Pakistan Cyber Army and from a group called the Team_H4tr!ck, which have been largely responsible for hacking Indian websites. Both these groups in the past have hacked the BSNL website and claimed to have gained access to users’ information, which included names, e-mail addresses, phone numbers and location details. Investigators had pointed out then that the database that they managed to collect could have been used for subversive activities. Pakistan has engaged in a cyber war since 1998 and since then created many groups to hack into websites of developing nations especially India. There have been several attempts by Pakistani hackers to hack into the Bhabha Atomic Research Centre website. Groups such as the armyinkashmir, Pakistan G Force, Pakistan Cyber Army, Pakistan Hackers Club have targeted nearly 500 websites while Indian hacker groups have made 40 such attempts.
Moreover, social media today is a favourite tool of terror groups to spread jihad. Recently, investigations into the Indian Mujahideen and its activities revealed that encrypted messages have been passed on through social media. The IM during the Delhi blasts used networking sites to create fake accounts. Not only did they share information between each other but also managed to conduct a recruitment drive. During this investigation, it was also found that the IM had been using lesser-known websites to communicate. According to experts, the National Cyber Security Policy is not fully in place. In addition to this, our servers are vulnerable. Moreover, Pakistan-based hackers are completely funded by its intelligence and unlike their counterparts in India they are fully protected. There has been a lot of intelligence regarding Pakistan groups using the social media and other websites to create panic. It was in this context that the Rs 800-crore National Cyber Coordination Committee was mooted. The NCCC will monitor content on social media and pass on information to intelligence agencies. Experts however feel that these are organisations are controlled by the government and this would lead to red-tapism. Although India does have a cyber army, many feel that they need more patronage from the government.
The frequency and intensity of such episodes is increasing. There is enough evidence to suggest that this is the action of nation states either directly or through proxies. There have also been cases of offensive action such as reports of shutting down of power systems. Such attacks on critical infrastructure either singly or in multiples are of serious concern, especially with respect to national security. The draft National Cyber Security Policy (NCSP) mainly covers defensive and response measures and makes no mention of the need to develop offensive capacity. This is a must if we are to ensure capability for self-defence granted under Article 51 of the UN Charter.
This leads to the question: what is cyber warfare?
In the absence of a formal definition of cyber warfare, we may define it as “actions by a nation-state or its proxies to penetrate another nation’s computers or networks for the purposes of espionage, causing damage or disruption”. These hostile actions against a computer system or NW can take two forms: cyber exploitation and cyber attacks. Cyber exploitation is in a manner nondestructive and includes espionage. It is usually clandestine and is conducted with the smallest possible intervention that allows extraction of the information sought. It does not seek to disturb the normal functioning of a computer system or NW. The best cyber exploitation is one that a user never notices. These are silent and ongoing, and as mentioned earlier, have shown an upward trend. Cyber attacks on the other hand are destructive in nature. These are deliberate acts of vandalism or sabotage – perhaps over an extended period of time – to alter, disrupt, deceive, degrade, or destroy an adversary’s computer systems or NWs or the information and programs resident in or transiting these systems or networks. Actors in both types of activities cover a wide range, as mentioned earlier. Of these, nation states and their proxies are of the greatest concern. For easier understanding, the domains of cyber warfare may broadly be classified as:
- Espionage and National security breaches
- Vandalism
- Sabotage
- Espionage and national security breaches
Cyber espionage is the act or practice of obtaining secrets (sensitive, proprietary or classified information) from individuals, competitors, rivals, groups, governments and enemies also for military, political, or economic advantage using illegal exploitation methods on internet, networks, software and or computers. Classified information that is not handled securely can be intercepted and even modified, making espionage possible from the other side of the world. Specific attacks on the United States have been given codenames like Titan Rain and Moonlight Maze. General Alexander notes that the recently established Cyber Command is currently trying to determine whether such activities as commercial espionage or theft of intellectual property are criminal activities or actual “breaches of national security10.”
Vandalism
Defacing web pages or use DDOS to take them down. Such actions were evident in Estonia or Georgia.
Sabotage
This has the most serious implications and includes DDOS, destruction of data, insertion of malware and logic bombs. It also encompasses actions in war such as those taken for preparation of the battlefield. Computers and satellites that coordinate other activities are vulnerable components of a system and could lead to the disruption of equipment. Compromisation of military systems, such as C4ISTAR components that are responsible for orders and communications could lead to their interception or malicious replacement. Power, water, fuel, communications, and transportation infrastructure all may be vulnerable to disruption.
According to Clarke, the civilian realm is also at risk, noting that the security breaches have already gone beyond stolen credit card numbers, and that potential targets can also include the electric power grid, trains, or the stock market. In mid July 2010, security experts discovered a malicious software program called Stuxnet that had infiltrated factory computers and had spread to plants around the world. It is considered “the first attack on critical industrial infrastructure that sits at the foundation of modern economies,” notes The New York Times11.
Denial-of-service attack
In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers.
Electrical power grid
The federal government of the United States admits that the electric power transmission is susceptible to cyberwarfare. The United States Department of Homeland Security works with industry to identify vulnerabilities and to help industry enhance the security of control system networks, the federal government is also working to ensure that security is built in as the next generation of “smart grid” networks are developed. In April 2009, reports surfaced that China and Russia had infiltrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national security officials. The North American Electric Reliability Corporation (NERC) has issued a public notice that warns that the electrical grid is not adequately protected from cyber attack. China denies intruding into the U.S. electrical grid. One countermeasure would be to disconnect the power grid from the Internet and run the net with droop speed control only. Massive power outages caused by a cyber attack, could disrupt the economy, distract from a simultaneous military attack, or create a national trauma.
Howard Schmidt, Cyber-Security Coordinator of the US, commented on those possibilities: It’s possible that hackers have gotten into administrative computer systems of utility companies, but says those aren’t linked to the equipment controlling the grid, at least not in developed countries. [Schmidt] has never heard that the grid itself has been hacked12.
Military
In the U.S., General Keith B. Alexander, first head of the recently formed USCYBERCOM, told the Senate Armed Services Committee that computer network warfare is evolving so rapidly that there is a “mismatch between our technical capabilities to conduct operations and the governing laws and policies. Cyber Command is the newest global combatant and its sole mission is cyberspace, outside the traditional battlefields of land, sea, air and space.” It will attempt to find and, when necessary, neutralize cyber attacks and to defend military computer network.
Alexander sketched out the broad battlefield envisioned for the computer warfare command, listing the kind of targets that his new headquarters could be ordered to attack, including “traditional battlefield prizes – command-and-control systems at military headquarters, air defense networks and weapons systems that require computers to operate13.”
One cyber warfare scenario, Cyber ShockWave, which was wargamed on the cabinet level by former administration officials, raised issues ranging from the National Guard to the power grid to the limits of statutory authority. The distributed nature of internet based attacks means that it is difficult to determine motivation and attacking party, meaning that it is unclear when a specific act should be considered an act of war. Other cyberwarfares caused from political motivations can be found worldwide. In 2008, Russia began a cyber attack to Georgian government website, which was carried out along with military operation in South Ossetia. In 2008, Chinese ‘nationalist hackers’ attacked CNN as CNN announced on Chinese repression on Tibet14.
Neighbour Countries’s Cyber War on India
India has been facing cyber warfare for a long time. In the absence of adequate cyber security in India, cyber attacks and cyber warfare are posing real danger to India. As on date, India is vulnerable to cyber warfare. As on date we have no cyber warfare policy of India. As on date we have no implementable cyber crisis management plan of India15.
In August 2010 the Indian government told its agencies to enhance their capabilities in cyber warfare. The strategy directed government agencies to develop capabilities to break into networks of unfriendly countries, set up hacker laboratories, set up a testing facility, develop countermeasures, and set up CERTs for several sectors. The agencies at the forefront of this strategy were the National Technical Research Organization, the Defense Intelligence Agency, and the Defense Research and Development Organization. Not long after the strategy was announced, India discovered a Chinese variant of the Stuxnet worm in Indian installations. India has since stepped up efforts in its offensive cyber capabilities. In December 2010 hackers from the Pakistan Cyber Army defaced India’s Central Bureau of Investigation, which was supposed to be one of the nation’s most secure websites. This attack caused the Indian government to call for increased capabilities in cyber security. The increasing focus on cyber security is evident through the planning of India’s second cyber warfare conference, which will be held in November 2011.
A government-private sector plan being overseen by National Security Advisor (NSA) Shivshankar Menon began in October 2012, and intends to beef up India’s cyber security capabilities in the light of a group of experts findings that India faces a 4.7-lakh shortfall of such experts despite the country’s reputation of being an IT and software powerhouse16.
The next generation of warfare, the cyber war, can not only disrupt data-links, electronic devices and networks, but can also create panic by use of the social media as we witnessed in the mass exodus of people of North-East from Bengaluru, Hyderbad and Pune recently. The Pakistani Military Establishment, including ISI, is frustrated with its inability to create problems in Kashmir and the lowering of intensity of insurgencies in the North-East. They feel that in spite of their best efforts, these areas are slipping out of their hands permanently.
The Pakistan Military lost major wars with India. To offset such losses, they started a proxy war through covert means with the help of export of terrorism. Despite every effort, the proxy war also appears to be failing, as India moves on. Now with the help of their Irregular Forces consisting of the jihadi groups, it has decided to create havoc with the help of internet and the social media. First, their websites culled out photographs of violence and disasters from different countries and morphed and uploaded to show violence against Muslims in Myanmar and Assam. Second, they used SMS messages through their sleeper cells in India to circulate threat to all the North-East people working in major cities like Bengaluru, Hyderabad, Pune Delhi etc. The result was that there was mass exodus from these cities due to the threat posed in these messages.
In other words, Pakistan successfully used the next generation warfare, i.e. ‘Cyber War’ and managed in creating a false perception of insecurity amongst the people from the northeast, as well as spread of disaffection. Unfortunately, the Indian intelligence agencies, the local police and the government at large were fairly clueless. The result was almost half a million people in panic left for their hometown in Assam. The government response was pathetic – it lodged a protest with Pakistan. Pakistan’s home ministry as usual, rejected the Indian protest and asked for proofs for investigations.
In the past 65 years, Pakistan has never accepted our legitimate concerns and yet New Delhi, to gain time and avoid criticism, ‘passed the buck’ once again. In peacetime, if an adversary can with ease manipulate perceptions with the help of cyber space, just imagine the danger that India faces in times of war. The fly-by-wire fighter aircrafts can be neutralized. Missiles instead of firing on the enemy can be redirected to destruct within. The electricity grids can be disrupted and that will create mayhem from hospitals to airports.
Fake orders can be passed to military units as also nuclear strategic command. The television transponders can be imposed with false news to create panic in the country. The subverted networks will bring to halt the bank transactions. The jamming of telephone lines can leave the civil government and the military blind, and the people gasping. The result will be rumors, panic, and chaos. The only successful defence in any war is offence, whether it is conventional, overt or covert or cyber war. The enemy will always use the next generation warfare, i.e. cyber war as the first instrument to neutralize us before it launches its military forces. The cyber war will be used to soften the target, just like artillery is used by the Army. Government’s policy therefore should be based on twin principles, namely that India’s cyber army should be able to defend networks, data links and electronic devices, and at the same time launch counter attack on the enemy. India fortunately boasts of a young demographic profile, which is IT savvy. Therefore, New Delhi can raise one of the best Cyber Armies in the world. The answer does not lie in shutting down the social media as demanded by many ignorant, but in wielding the weapons of the 21st century in a far superior fashion that can outwit the adversary17.
Cyber War: Fifth Domain of Warfare
The cyber warfare that this section addresses is that which is practised mainly by nation states or their proxies. The potency of this threat has compelled almost every country to develop capabilities in the cyber domain, as is the case for land, air, sea and space. According to Spy Ops, by the end of 2008 nearly 140 countries possessed varying degrees of cyber attack capabilities. In addition, an unknown number of extremist groups and non-state actors have developed or acquired cyber weapons.
Some commercially available products are flexible enough to be classified as dual purpose – security testing tools and weapons of attack. Thus some organisations have or are developing cyber weapons and cloaking them as security testing tools. All this is classified information and each nation works on its own. An assessment of cyber warfare threat matrix by the USA, which covered over 175 countries and organisations, made a watchlist in which the top ten in order of priority were: China; Russian business network; Iran; Russia tied with France; extremist/terrorist groups; Israel; North Korea; Japan; Turkey; and Pakistan. India on its growth path is vulnerable. Located in an unstable region where the larger neighbours possess this capacity, it is logical to assume that the country is under serious threat and constant attack. The impact on national security is thus serious and such that all institutions and organs of the state must jointly work to counter this challenge. In order to understand the challenge, the following issues need to be addressed:
- Coordination
- Defining Objectives and Doctrine
- Proactive Cyber Defence
- Critical Infrastructure
- Legal Provisions18
- Coordination
It is appreciated that in keeping with current needs, the Defence forces, DRDO (Defence Research and Development Organisation), NTRO (National Technical Research Organisation), CERT-In (Computer Emergency Response Team India), RAW (Research and Analysis Wing), IB (Intelligence Bureau), C-DAC (Centre for Development of Advanced Computing), Ministries, NIC (National Informatics Centre), NASSCOM (National Association of Software and Services Companies), private industry et al. have to work in concert. The impact of this on every aspect of electronic media requires a coordinated and integrated approach. Given its all encompassing nature, it also follows that control of all cyber and IW (Information Warfare) activities at the national level must fall under the purview of the NSC and controlled by its Secretariat i.e. the NSCS. Within this lead agencies for executing offensive cyber operations interalia could be the NTRO, CIDS (Chief of Integrated Defence Staff) and the DRDO.
Defining Objectives and Doctrine Application
Defining Objectives and Doctrine Application of such measures must be in accordance with clearly defined objectives that would be in keeping with customary international law and practice. The primary objective would be to garner knowledge to find how systems are breached and thus provide the ability for defensive measures to be developed and put in place. There is a further argument that it must be visible as an armour of selfdefence so as to deter an attack. While this capability will be ambiguous, subtle signals and clear definition of objectives will lend credibility. Moral arguments stand thin in the face of realities. There is therefore a need to lay down the objectives and include them in the draft NCSP (National Cyber Security Policy) or issue a doctrine in this regard.
Proactive Cyber Defence
This comprises actions taken in anticipation to prevent an attack against computers and NWs. As opposed to the current practice of passive defence, it provides a via media between purely offensive and defensive action: interdicting and disrupting an attack, or an adversary’s preparation to attack, either pre-emptively or in self-defence. Proactive cyber defence will most often require operationalising upstream security mechanisms of the telecommunications or Internet providers. The most compelling reasons for a proactive defence can be couched in terms of cost and choice. Decision-makers will have few choices after an impact, and all of them are costly to start with. Proactive defence is thus the key to mitigating operational risk. The USA had set up a Proactive Pre-emptive Operations Group (P2OG) in 2002. Such actions thus find international acceptability.
Critical Infrastructure
There is a need to prioritise and protect critical infrastructure. In the USA 18 sectors have been identified. In India’s case, the sectors of power, water supply, communications, transportation, defence and finance are vital constituents of national security. These need to be defined and suitable protection measures ensured as laid down in the IT Act. Steps to guard against threats, i.e. destructive actions or cyber exploitation will constitute a basis for research on offensive action. The electric power system merits top priority. While the risk of an attack can be reduced, it would be unrealistic to assume that an attack can be prevented. This leads to the conclusion that containment, isolation, minimising the impact, backup systems and reactivation are areas of capacity building. The debate on which agency will undertake this in India rages and begs immediate resolution. As critical infrastructure spans both the public and private domains, the organisation to ensure its protection has to be in the public realm and, in a manner, accountable.
Legal Provisions
The IT Act of 2008 covers all actions in this domain. Sections 69, 69A and 69B contain provisions for intercepting, monitoring or blocking traffic where, amongst other reasons, there is a threat to national security. Section 70A covers protection of critical infrastructure. There is a need to work within these provisions. LOAC (Laws of Armed Conflict) provide the primary legal framework within which one can analyse constraints for offensive cyber operations. Immunity for actions taken against another nation, institutions, hostile group or individual is possible if taken under LOAC or for selfdefence under Article 51 of the UN Charter. The cyber realm, with scope of non-attributable actions as also ease of deniability, provides immense scope for exploitation. The fact that there are no international cyber laws or treaties at present is also used to advantage. Offensive cyber operations by their very nature have to remain in the grey realm and restricted. Each nation would thus determine the structure best suited to its needs. However, the necessity to clearly enunciate such measures or self-defence actions in a doctrine as also the NCSP is essential for steps in this regard; it also acts as an element for deterrence. The emphasis must remain on protecting NWs, systems and users.
Controversy over terms
There is debate on whether the term “cyberwarfare” is accurate. In October 2011, for instance, the Journal of Strategic Studies, a leading journal in that field, published an article by Thomas Rid, “Cyber War Will Not Take Place.” An act of cyber war would have to be potentially lethal, instrumental, and political. Then not one single cyber offense on record constitutes an act of war on its own. Instead, all politically motivated cyber attacks, Rid argued, are merely sophisticated versions of three activities that are as old as warfare itself: sabotage, espionage, and subversion19.Howard Schmidt, an American cybersecurity expert, argued in March 2010 that “there is no cyberwar… I think that is a terrible metaphor and I think that is a terrible concept. There are no winners in that environment.” Other experts, however, believe that this type of activity already constitutes a war. The warfare analogy is often seen intended to motivate a militaristic response when that is not necessarily appropriate. Ron Deibert, of Canada’s Citizen Lab, has warned of a “militarization of cyberspace.” The European cybersecurity expert Sandro Gaycken argued for a middle position. He considers cyberwar from a legal perspective an unlikely scenario, due to the reasons lined out by Rid (and, before him, Sommer), but the situation looks different from a strategic point of view. States have to consider military-led cyber operations an attractive activity, within and without war, as they offer a large variety of cheap and risk-free options to weaken other countries and strengthen their own positions. Considered from a long-term, geostrategic perspective, cyber offensive operations can cripple whole economies, change political views, agitate conflicts within or among states, reduce their military efficiency and equalize the capacities of high-tech nations to that of low-tech nations, and use access to their critical infrastructures to blackmail them20.
Meeting the Cyber Warfare Challenge
Cyber warfare encompasses government and public and private domains. As clarified earlier, this must be coordinated by the NSCS (National Security Council Secretariat). In the USA it comes directly under the White House. Thus the need to create a Directorate or Special Wing in the NSCS for this. It would oversee and coordinate both defensive and offensive cyber operations. There is also a requirement for intimate involvement of the private sector, as they are equal, if not larger, stakeholders. Regular meetings must be held and, if needed, working groups created. Current organisations which could be tasked to take on the cyber warfare challenge include the NTRO, HQ IDS (Headquarter Integrated Defence Services), DRDO, RAW and IB. Representatives of CERT, NASSCOM, etc. will invariably be involved. Each would have to function under guidelines and through proxies. This includes:
- Raising of Cyber Command
- Territorial Army (TA) Battalions for Cyber Warfare
- Perception Management and Social Networks21
- Raising of Cyber Command
While cyber warfare is ongoing activity during peacetime, there is a dire need to develop this capacity for a warlike situation. Cyber warfare in a manner is NCW and will form an essential part of preparation of the battlefield in any future conflict. Such attacks may also precede the kinetic war. Building this capability will take time and must remain covert and ambiguous. It could also form part of the strategic deception process. This should be the responsibility of the Armed Forces (HQIDS) along with the DRDO and other experts. Detailed discussions and consultations in this regard require to be initiated. India must raise a Cyber Command. This will comprise not only the three services but personnel from the DRDO and scientific and technological community. It could work with the space command because many aspects overlap and would economise on resources. It will oversee all activities undertaken during peacetime, as also plan for offensive cyber operations as required, to include preparation of the battlefield. It must work in close concert with the NTRO. To determine the structure it would be prudent to study the mission and objectives of USCYBERCOM (US Cyber Command) as a guide. USCYBERCOM plans, coordinates, integrates, synchronises and conducts activities to: “direct the operations and defense of specified Department of Defense information NWs and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.” The Command is charged with pulling together existing cyberspace resources, creating synergy and synchronising war-fighting effects to defend the information security environment. It comes under the Strategic Command, which also has the Space Command as a constituent. A similar structure for India could be considered, especially as the US has evolved its structure based on experience and also because it functions as an open democracy. India already has the Strategic Forces Command, which could be augmented with both Space and Cyberspace Wings. These may be of smaller size to start with, and will develop in accordance with threats and needs. Each service has its own requirements. The structure therefore has to be need-based and flexible. The various elements of this could be:
- Army, Navy and Air Force CERTs
These would monitor traffic, disseminate information, ensure remedial measures to ensure ongoing security to networks and systems. They would also in a manner be charged with protection of critical infrastructure of each service, i.e. communication backbone, power systems, high-priority networks. The structure thus envisages a Defence CERT which works in concert with each service CERT.
Intelligence and information operations
A Defence Intelligence Agency exists under HQ IDS. Its cyber and information operations elements could work with this command. Intelligence gathering is an accepted reality and cyberspace possibly provides the best scope for this as also information operations.
Defence communication NWs
Each service has its special requirements and own communication directorates. Joint operations, strategic communications as also high-security NWs need to be coordinated under HQ IDS and the proposed Cyber Command.
Cyber operations which are required for preparation of the battlefield
This again would be a tri-service organisation, with additional experts from the DRDO or any other such institution. This would include R&D.
Territorial Army (TA) Battalions for Cyber Warfare
While cyber warfare is ongoing, there are periods of heightened threat. A recent example was the Commonwealth Games, when networks were subjected to attacks. There is therefore need to create and maintain a “surge capacity” for crisis or warlike situations. Young IT professionals constitute a vast resource base and a large number would be willing to loyally serve the nation when required. This resource must be capitalised by raising of cyber warfare TA battalions similar to those for Railways and ONGC, which could be embodied when required. In addition to purely “defence” requirements these could also provide for protection of critical infrastructure.
Perception Management and Social Networks
In the current age of “democratisation” or “instant availability of information” and growth of social NWs, there is tremendous scope for perception management and manipulation of information. The year 2011 saw extensive use during the “Arab Spring” and London Riots. This media is seen as a potential tool for psychological and no-contact warfare and must form part of any offensive or defensive action. All this requires central coordination and study with respect to national security.
Capacity Building
Capacity building is vital. It must also be sustainable and of larger benefit. There is a need to create an R&D base and institutions. Growth forecasts of Internet usage, especially with e-governance, will create an employment potential for “cyber doctors” and sleuths. Just as the terrorist attack on Mumbai in November 2008 created a whole new dimension of requirement of physical security, protection of Internet usage and transactions will create millions of jobs in the near future. It will be a seller’s market for which India with its HR base must be ready. Consequently, the government must accelerate this process. Some thoughts in this regard are:
- Partnerships
- HR and R&D
- Testing and Certification
- Language Training
- Legal Capital
- Understanding Vulnerabilities
- Identification of Technologies22
Partnerships India cannot go it alone. Various past attempts have not been of much success. It has to be seen as a global issue and capacities developed.
HR and R&D DIT (Department of Information Technology) has set up the Information Security Education and Awareness (ISEA) programme with funding of Rs 100 crore. Other options which need to considered are government and public and private institutions. The Chinese models could be studied in this regard. They set up four universities for this purpose in 1999. Security of data for the BPO industry has brought up the necessity for such institutions. Talent spotting with competitions is an easy option. Programmes and competitions such as “Cyber Patriot” need to be followed up in schools and educational institutions. These could be self-financed. Army Training Command (ARTRAC), as also the other two services, must take the lead in partnership with the private sector.
Testing and Certification The outsourcing model has affected testing and certification. Hardware and HR in this regard has to be Indian. This can then be adapted for proactive defence. Steps taken by DIT need to be implemented.
Language Training HR trained in language of our potential adversaries is a must. This must be provided suitable incentives and permanence of employment.
Legal Capital Legal aspects of developing capacities, understanding use of cyberspace as a “force”, implications of the UN Charter, negotiating international laws and treaties – all of this needs trained personnel. While the legal aspects are covered in a separate section, expertise with respect to cyber warfare needs special attention.
Understanding Vulnerabilities Study of vulnerabilities both of own systems as also those of potential adversaries must be undertaken to prevent intrusion and exploit weaknesses.
Identification of Technologies There is a need to identify technologies in this regard. These should also include isolation of NWs within the country, close monitoring of gateways and backbone, identification of “zero day” vulnerabilities, protection of power grids, secure communications for defence and critical services, penetration, et al.
Efforts at prohibition of Cyberwar worldwide
The Shanghai Cooperation Organisation (members include China and Russia) defines cyberwar to include dissemination of information “harmful to the spiritual, moral and cultural spheres of other states”. In September 2011, these countries proposed to the UN Secretary General a document called “International code of conduct for information security”. The approach was not endorsed by western countries as it entailed too many hints on political censorship of the internet. In contrast, the United States’ approach focuses on physical and economic damage and injury, putting political concerns under freedom of speech. This difference of opinion has led to reluctance in the West to pursue global cyber arms control agreements23. However, American General Keith B. Alexander did endorse talks with Russia over a proposal to limit military attacks in cyberspace24. A Ukrainian professor of International Law, Alexander Merezhko, has developed a project called the International Convention on Prohibition of Cyberwar in Internet. According to this project, cyberwar is defined as the use of Internet and related technological means by one state against political, economic, technological and information sovereignty and independence of any other state. Professor Merezhko’s project suggests that the Internet ought to remain free from warfare tactics and be treated as an international landmark. He states that the Internet (cyberspace) is a “common heritage of mankind25.” The UN has urged countries to seek a “peaceful resolution” in cyberspace to avoid the threat of global cyberwar.
Conclusion
India’s armed forces have initiated a shift in military doctrine to embrace more directly offensive and defensive cyber warfare, leveraging India’s strengths in IT research and software development. India has a robust hacking network. In addition, the government has announced several operational steps, such as founding a National Defense University with a key focus on computer software, and establishing a new intelligence communication and electronic surveillance agency. In parallel with these steps, India’s traditional pre-occupation with protecting military secrets has given way to closer government/industry collaboration to keep pace with competitive challenges within the region and at the global level. New Delhi actively seeks military-technical and scientific cooperation and exchange with strategic partners such as Israel and Russia that reputedly possess exceptional cyber capabilities. In addition, there is significant open discussion relating to adoption of the Israeli model of military/industry strategic cooperation, i.e., a national software export strategy centered on product-supplier relationships and military hi-tech spin-offs. Understanding the threat of cyber warfare and developing capacity for offensive actions in this domain is a sine qua non. Nations, non-state actors, terrorist groups and individuals pose a challenge to growth, which is increasingly going to be dependent on the cyber domain. Cyber warfare will also be central to any hostile or conflict situation. Clearly defined objectives and national doctrine in this regard along with supporting structures and matching capabilities are thus inescapable. Even the prime Minister of India now acknowledged that India must be prepared to meet the challenges arising out of Internet and cyberspace. However, if this acknowledgement is just another speech for another occasion, we may not see any ground level action for another decade or more. Defending against cyber warfare requires maturity and skills and lots of patience. If India thinks that it can produce cyber warfare experts at the eleventh hour that would be a big blunder. India has to give attention to this aspect right now and then only it may be able to acquire necessary expertise in this regard after some years.
(Assistant Professor, Defence & Strategic Studies, Department of Political Science, Kurukshetra University, Kurukshetra, [email protected] )
References:
1. Nations prepare for cyber war, ByDavid Goldman@CNNMoneyTech, January 7, 2013 http://money.cnn.com/2013/01/07/technology/security/cyber-war/index.html
2. CYBER WARFARE – Institute for Security Technology Studies. www.ists.dartmouth.edu/docs/cyberwarfare.pdfSimilar
3. http://idsa.in/system/files/book_indiacybersecurity.pdf
4. For a discussion on the evolution of cyber warfare terminology see Lieutenant Colonel (ret.) Timothy L. Thomas, “Is the IW Paradigm Outdated? A Discussion of U.S. IW Theory,” Journal of Information Warfare, February/March 2003 pp. 109-116.
5. Ibid 3.
6. www.trai.gov.in. According to the Report for 2010 of the Telecom Regulatory Authority of India (TRAI), over 381 million mobile subscribers possessed the ability to access the Internet through their mobiles, with 35 million having accessed at least once.
7. www.comscore.com. According to Internet research firm Comscore, 62% of Internet users in India use Gmail
8. www.imrbint.com. A report compiled by the Indian Market Research Bureau (IMRB) projects domestic ecommerce to be in the region of $10 billion by the end of 2011.
9. Ibid 3.
10. “Clarke: More defense needed in cyberspace” HometownAnnapolis.com, 24 September 2010.
11. “Malware Hits Computerized Industrial Equipment” New York Times, 24 September 2010.
12. http://en.wikipedia.org/wiki/Cyberwarfare.
13. “Cyber-War Nominee Sees Gaps in Law”, New York Times, 14 April 2010.
14. Steve Ragan Report: The Cyber ShockWave event and its aftermath. The Tech Herald. 16 February 2010.
15. http://cjnewsind.blogspot.in/2012/07/cyber-warfare-and-india.html
16. “5 lakh cyber warriors to bolster India’s e-defence”. Times of India (India). 16 October 2012. http://articles.timesofindia.indiatimes.com/2012-10-16/india/34498075_1_cyber-security-cyber-attacks-cyber-warfare. Retrieved 18 October 2012.
17. Pakistan unleashes Cyber War on India By Bharat Verma, Issue Net Edition | Date : 20 Aug , 2012
18. Ibid 3.
19. Rid, Thomas (October 2011). “Cyber War Will Not Take Place”. Journal of Strategic Studies. doi:10.1080/01402390.2011.608939. http://dx.doi.org/10.1080/01402390.2011.608939. Retrieved 21 October 2011.
20. Ibid 12.
21. Ibid 3.
22. Ibid 3.
23. Tom Gjelten (23 September 2010). “Seeing The Internet As An ‘Information Weapon’”. National Public Radio. http://www.npr.org/templates/story/story.php?storyId=130052701. Retrieved 23 September 2010.
24. Gorman, Siobhan. (4 June 2010) WSJ: U.S. Backs Talks on Cyber Warfare. Online.wsj.com. Retrieved 8 November 2011.
25. Politik.org.ua. Retrieved 8 November 2011.