by Zaheema Iqbal* 13 August 2020
The relationship between India and Pakistan is featured by an intense military and economic competition, leading towards physical conflicts; 27th February being the recent addition to the list of such clashes. India despite having size advantage has been resorting to clandestine campaigns. Capturing and acceptance of Kulbhushan Jadhav is proof of such activities. Cyber is the fifth dimension of warfare with added advantage where adversary can deny or it is challenging to establish the attribution of attack. The Kashmir issue has always added an enormous tension between already strained relationships. In order to gain an advantage, and claim superiority on the ground, both nations have started integrating new technologies into their strategies and taking advantage of cyberspace as an emerging battleground. Hacktivists and patriotic hackers from both sides enunciate their feelings and disparage the opponent. Government IT infrastructure has hack worth and hacking for government websites and information systems are treated as trophy hunting. For both nations being in the state of Advanced Persistent Threats (APTs) and employing technologies for cyber espionage and electronic warfare pose emerging challenges. State-sponsored cyber-attacks and attacks on critical infrastructures add a new dimension to the conflict where two nuclear-armed neighbors are resorting to cyberspace to wage electronic and cyberwar against each other. The cyberattack on the Indian nuclear power plant is one such example. There is growing evidence of both nations slowing turning the knob on and testing the cyber capabilities of each other.
Since 2019 stand-off over Kashmir, India has waged intensified cyberwar against each other by trying to steal intelligence, cyber hacking targeting data of military personnel, officials, state institutions, and businesses. This has had a domino effect since both the nation-states keep gathering information in order to keep tabs on the situation. A US-based tech company tracked six Indian groups believed to be state-backed hacktivists and they were found engaged in geopolitical skirmishing. The heavy use of phishing emails, files, or messages allowing the hacker to steal sensitive information has been seen from both sides. The point of concern is that it is not merely a rise in the volume of cyberattacks but cyber capabilities are also getting sophisticated. BlackBerry claimed to find two cyber spy campaigns targeting Pakistani officials’ smartphones using fake apps, spread by WhatsApp and social media messages. This campaign was run by a state-backed APT which was known for its relentless espionage campaigns targeting Pakistan. Another campaign associated with an APT called ‘Confucius’ which was linked to an Indian cybersecurity firm.
Recent Covid-19 outbreak has not stopped these hostile cyber activities, rather threat actors have used Covid-19 and Work From Home (WFH) as an excuse to increase the hostile cyber activities.
The tit-for-tat cyber engagement between the two countries already remained at a peak when the COVID-19 outbreak emerged from the city of Wuhan, China. State-sponsored espionage campaigns using Covid-19 themed emails were found since January 2020. Nation-state threat groups have joined phishing cartels in leveraging the virus for targeted and sophisticated attacks. The Pakistan Telecommunication Authority (PTA) has advised citizens to avoid public WiFi services, due to the lurking cyberattacks containing coronavirus information.
There has been a considerable push towards resorting to online platforms to continue business activities and engage via digital meeting applications.
cyber infiltration from Indian hackers into online webinars of Pakistani businesses, security organizations, and financial institutions cannot be ruled out.
Indians Information warfare tactics aren’t limited to hacking and cyber espionage but leveraging social media platforms to push their biased agenda to frame Pakistan and even Muslims residing in India. India has intensified its propaganda war and hate speech against Pakistan and Muslim communities residing in India in order to support its narrative. The anti – Pakistan and Islamophobic hashtag started circulating during the lockdown and Indian officials have linked dozens of coronavirus cases to Muslim missionary groups which held its annual conference in Delhi in early March. Since religious fervors were already intense in India, it did not take much time to circulate false videos claiming Muslim clerics spitting Indian police. These videos went viral in no time exacerbating the already minacious epoch for Muslim communities. It was not until the last week of March 2020, tweets with hashtags #coronajihad more than 300,000 times and seen by more than 165 million people on Twitter. This surge in hate speech just demonstrates how anxious present Indian government has been as it merged Islamophobia at the time when the world is busy tracing, testing, and minimizing the spread of the COVID-19. During this time, when the Muslim minority of around 200 million people in the 1.3 billion population began to feel insecure and kept being targeted by the ruling Hindu nationalists. The long-standing hatred of a specific communal Indians faction towards Muslim minorities has become the new anxiety surrounding the COVID-19.
India and Pakistan as active regional cyber players should realize that ultimate peace in cyberspace will ensure to build a community with a shared future in cyberspace thus leads to stability in the South Asian region. For instance, the conflict between the two countries can further be escalated through propaganda, hate speech, and the spread of mis and disinformation. This can lead to strikes on military installations, critical infrastructure, and government networks. In this context, any solution to the anti-escalatory cyber policy along with a nuclear arms control agreement is required to this delicate situation over Kashmir. Besides, cyber-diplomacy can be another option in addition to the nonproliferation of nuclear weapons, and the dejection of traditional war should be the sole aim of negotiations. This is the time to realize that cyberwar is as serious as a conventional war, particularly amidst the Kashmir conflict. In the existing geopolitical regional environment, cyberspace engagements require a coordinated response and need to understand the necessity of international norms. No state should be allowed to get involved in cyberspace espionage and engagements against other country’s critical infrastructure. There should be responsible state behavior in cyberspace as the global health crisis prolongs having deleterious implications on global economies.
**The author is a cybersecurity policy researcher. Her interest includes cyber governance, data privacy, and emerging technologies. She can be reached at firstname.lastname@example.org