Securing India's Cyber Frontiers in Hostile Environments
Cyber Warfare & Information Warfare: Emerging Security Threats for India
1. Context
Modern conflicts are no longer limited to traditional battlefields. Countries increasingly use:
- Cyber warfare
- Information warfare
These tools allow adversaries to weaken a nation without declaring war.
They blur the line between peace and war, creating what experts call “grey-zone conflict.”
2. What is Cyber Warfare?
Definition
Cyber warfare refers to the use of digital attacks by states or non-state actors to disrupt, damage, or gain unauthorized access to another country’s computer systems or networks.
Targets
Cyber attacks often target:
- Power grids
- Banking systems
- Government databases
- Telecommunications
- Healthcare infrastructure
Example (India)
Cosmos Bank Cyber Heist (2018) Hackers stole over $13 million through malware-based attacks.
Other Major Cyber Incidents in India
| Year | Incident |
|---|---|
| 2018 | Cosmos Bank cyber heist |
| 2020–21 | Malware detected in power plants and ports |
| 2022 | AIIMS Delhi ransomware attack |
| 2025 | 1.4 TB data theft from major industrial company |
Growth of Cyber Attacks
According to CERT-In (Indian Computer Emergency Response Team):
- 2017: ~53,000 cyber incidents
- Recent years: Millions of incidents annually
This shows exponential growth in cyber threats.
3. What is Information Warfare?
Definition
Information warfare refers to the strategic use of misinformation, propaganda, and digital manipulation to influence public opinion and weaken social or political stability.
Objectives
Information warfare aims to:
- Spread misinformation
- Create social divisions
- Influence elections
- Damage a country’s global reputation
Example (India)
CAA/NRC Protests (2019–20)
Coordinated campaigns spread false anti-Muslim narratives, increasing social tensions and affecting India's global image.
Example (2024 Elections)
- Thousands of deepfakes
- AI-generated propaganda
- Fake political speeches
These campaigns aimed to influence voter perceptions.
4. Deepfakes and Synthetic Media
Definition
Deepfakes are AI-generated videos, images, or audio that mimic real people but contain fabricated content.
Why Deepfakes Are Dangerous
They can:
- Manipulate elections
- Spread misinformation
- Damage reputations
- Trigger social unrest
Example
Fake speeches of political leaders circulated online during the 2024 Indian elections.
5. What is Grey-Zone Conflict?
Definition
Grey-zone conflict refers to actions taken by states below the threshold of conventional warfare but intended to weaken an adversary.
Examples
- Cyberattacks
- Economic coercion
- Disinformation campaigns
- Election interference
Key Feature
Grey-zone tactics are deniable and difficult to attribute.
6. Why Cyber & Information Warfare Are Dangerous
These threats have unique characteristics.
1. Low Cost
Cyber attacks are far cheaper than traditional warfare.
2. Easy Entry
Even small groups can launch cyber attacks.
3. Anonymity
Attackers can hide their identity.
4. Plausible Deniability
Countries can deny involvement.
5. Automation
AI enables large-scale attacks using:
- Bots
- Automated malware
- Synthetic media
7. Role of Private Sector
Much of cyberspace is owned by private companies.
Examples:
- Cloud servers
- Data centres
- Telecom networks
- Social media platforms
Thus technology companies become strategic actors in national security.
8. International Responses
Many countries are integrating military capabilities into cyber defence systems.
United States
National Cybersecurity Strategy (2023)
Key feature:
US Cyber Command supports civilian agencies even in peacetime.
Functions:
- Cyber threat detection
- Real-time intelligence sharing
- Offensive cyber capabilities
Israel
Israel follows a highly integrated model.
Institutions:
- Israel Defense Forces (IDF)
- Israel National Cyber Directorate
The military actively detects and neutralizes cyber threats.
France
France recognizes cyber operations below war threshold and includes a permanent military role in cybersecurity.
9. India’s Cybersecurity Architecture
India has recently strengthened its cybersecurity framework.
2024 Amendment to Allocation of Business Rules
This clarified responsibilities among different agencies.
Key Institutions
| Institution | Role |
|---|---|
| MeitY | Overall cybersecurity policy |
| CERT-In | Incident response |
| Ministry of Home Affairs | Cybercrime |
| Department of Telecom | Telecom security |
| NSCS | Strategic coordination |
NSCS
National Security Council Secretariat
Acts as the central coordination body for national cybersecurity strategy.
10. Existing Gaps in India’s Cyber Strategy
Despite reforms, some limitations remain.
Major Challenges
- Limited role for the military in peacetime cyber defence
- Weak civil-military coordination
- Lack of unified cyber command
- Rapid technological changes
11. Need for Civil-Military Coordination
Experts recommend stronger coordination between:
- Civilian ministries
- Military forces
- Intelligence agencies
- Private sector companies
Proposed Framework
The NSCS could act as the central intelligence hub.
It would combine:
- Civilian technical data
- Military intelligence
- Diplomatic inputs
This creates a national picture of cyber threats.
12. Role of Private Sector
Private companies must be treated as national security partners.
Suggested Measures
- Mandatory cybersecurity standards
- Real-time threat reporting
- Legal protection for cooperation
13. Cyber Warfare During Actual War
If war occurs:
- Military leads cyber operations
- Civilian agencies support logistics and infrastructure protection
Priority Areas
- Power grids
- Banking systems
- Telecom networks
- Healthcare services
14. Future Threat: Artificial Intelligence
AI will significantly increase cyber warfare capabilities.
AI Applications in Cyber Warfare
- Automated hacking
- AI-generated malware
- Deepfake propaganda
- Bot-driven influence campaigns
15. Quote
“Cyber and information warfare blur the traditional peace-war divide.”
16. Key Takeaways
- Cyber and information warfare are now central tools of modern conflict.
- India faces rapidly increasing cyber threats.
- Information warfare threatens democracy and social cohesion.
- Strong civil-military-private sector coordination is essential.
- AI will further intensify digital warfare.
17. Possible UPSC Mains Question
Q. Cyber warfare and information warfare are emerging as major threats to national security. Examine the challenges faced by India and suggest measures to strengthen cyber resilience.
Attribution
Original content sources and authors
Syllabus classification
How this article maps to GS papers
Main syllabus
GS3Cyber SecurityQuick Q&A
What is meant by cyber warfare and information warfare, and how do they differ from traditional forms of conflict?
Unlike conventional warfare that involves visible military confrontation, cyber and information warfare operate in the “grey zone” between peace and war. These operations are typically low-intensity, covert, and continuous. Adversaries exploit vulnerabilities in digital infrastructure and social media ecosystems to create disruptions without triggering a formal military response. For example, malware implanted in power plants or coordinated misinformation campaigns on social media may not constitute a traditional act of war but can significantly weaken national resilience.
India has already witnessed several such incidents. The Cosmos Bank cyber heist of 2018 reportedly led to losses exceeding $13 million, while a ransomware attack in AIIMS Delhi in 2022 disrupted hospital services for several days. These incidents demonstrate how cyberattacks can affect essential services and economic stability. At the same time, disinformation campaigns during events such as the CAA–NRC protests and the 2024 elections illustrate how information warfare can influence political narratives and social harmony.
Thus, cyber and information warfare represent a fundamental transformation in the nature of conflict. They blur the distinction between war and peace, involve both state and non-state actors, and demand continuous vigilance rather than episodic responses.
Why are cyber and information warfare increasingly becoming central to national security strategies in the 21st century?
One of the key reasons for the growing prominence of cyber warfare is its low cost and scalability. Unlike conventional military operations that require large investments in weapons and personnel, cyber operations can be conducted with relatively limited resources. Additionally, hostile states can outsource attacks to proxy groups or non-state actors, allowing them to maintain plausible deniability. Automation and artificial intelligence further amplify the scale of attacks, enabling thousands of bots or automated scripts to conduct cyber intrusions or spread propaganda simultaneously.
Information warfare has also become more sophisticated with the rise of social media platforms, deepfakes, and synthetic media. These technologies allow adversaries to manipulate public opinion, inflame communal tensions, and undermine trust in democratic institutions. For instance, during the 2019–20 CAA/NRC protests, coordinated disinformation campaigns amplified false narratives internationally, damaging India’s global image.
Therefore, cyber and information warfare represent a strategic shift in conflict dynamics. Nations now view digital domains as critical theatres of competition, requiring integrated responses involving technology, intelligence, diplomacy, and public communication strategies.
What factors make cyber and information warfare particularly difficult to detect, attribute, and counter?
Key factors contributing to these challenges include:
- Anonymity and weak attribution: Cyberattacks can be routed through multiple countries and networks, masking the identity of the attacker.
- Plausible deniability: States can outsource cyber operations to proxy groups or criminal networks, complicating diplomatic or military responses.
- Automation and scale: Bots and automated scripts can generate large volumes of misinformation or launch repeated cyber intrusions.
Another complicating factor is the absence of universally accepted international norms governing cyber conduct. While international law provides some guidance, the boundaries between espionage, cybercrime, and cyber warfare remain blurred. As a result, states often struggle to determine when a cyber incident constitutes a national security threat.
Information warfare further complicates matters because it targets societal vulnerabilities. Disinformation campaigns exploit existing social divisions related to religion, ethnicity, or political ideology. For example, coordinated online narratives about Kashmir or communal tensions in India demonstrate how adversaries strategically amplify sensitive issues.
These factors make cyber and information warfare persistent and cumulative threats. Effective responses require not only technological defenses but also intelligence coordination, public awareness, and international cooperation.
What recent examples illustrate the growing scale and impact of cyber and information warfare in India?
One notable example is the Cosmos Bank cyber heist in 2018, in which attackers reportedly stole more than $13 million by exploiting vulnerabilities in the bank’s digital payment infrastructure. Another major incident occurred in 2022 when AIIMS Delhi suffered a ransomware attack. The attack crippled hospital operations for several days, disrupting medical services and highlighting the vulnerability of healthcare infrastructure to cyber threats.
India’s critical infrastructure has also been targeted. Between 2020 and 2021, malware was reportedly discovered in systems connected to power plants and ports. Such malware could potentially enable adversaries to disrupt electricity supply or maritime logistics during a crisis. Additionally, the reported theft of 1.4 terabytes of data from a major industrial house in 2025 reflects growing concerns about economic espionage targeting Indian corporations.
Information warfare has also intensified. During the 2024 general elections, thousands of deepfakes and synthetic media clips circulated online, attempting to manipulate voter perceptions. Similarly, coordinated disinformation campaigns during the CAA–NRC protests demonstrated how hostile actors exploit social media to amplify divisive narratives.
These examples underline the need for stronger cyber defenses, better information monitoring mechanisms, and coordinated national security responses.
Critically analyse the role of the private sector in national cybersecurity and information warfare defence.
Positive contributions of the private sector include:
- Technological expertise: Technology companies possess advanced cybersecurity tools, threat detection systems, and innovation capabilities.
- Rapid response capacity: Private firms often have the ability to identify vulnerabilities and deploy patches faster than government systems.
- Global intelligence sharing: Multinational technology companies can detect patterns of cyber threats across multiple countries.
However, the involvement of private companies also raises certain challenges. Corporations may prioritize commercial interests over national security considerations, particularly when disclosure of cyber incidents could damage their reputation. Additionally, regulatory frameworks governing data sharing between governments and companies remain underdeveloped in many countries.
The article argues that the private sector should be treated not as a passive contractor but as a strategic partner in national security. This requires clear legal obligations for crisis cooperation, trusted channels for real-time information sharing, and safeguards that protect companies acting in good faith. Without such collaboration, governments alone may lack the technological capacity to counter sophisticated cyber threats.
Therefore, a balanced approach is required where governments provide regulatory clarity and strategic direction while leveraging private-sector capabilities to strengthen national cybersecurity.
How has India restructured its cybersecurity governance architecture in recent years to address cyber and information warfare?
Under this framework, the Ministry of Electronics and Information Technology (MeitY) leads overall cybersecurity policy, while the Indian Computer Emergency Response Team (CERT-In) handles technical incident response. The Ministry of Home Affairs coordinates cybercrime investigations, and the Department of Telecommunications oversees telecom network security. The National Security Council Secretariat (NSCS) functions as the nodal body for strategic coordination and oversight at the national level.
In addition, new frameworks addressing emerging threats such as AI-enabled cyberattacks, supply chain vulnerabilities, and space-based infrastructure have been developed. These initiatives reflect recognition that cybersecurity is not merely a technical issue but a strategic national security concern.
However, a key limitation highlighted in the article is the limited role currently assigned to the military in peacetime cyber operations. While civilian agencies lead cybersecurity efforts, effective responses to sophisticated cyber warfare may require closer civil–military coordination. Strengthening intelligence fusion, strategic assessment, and operational coordination between civilian and military institutions will be essential to building a resilient national cyber defence architecture.
Suppose India faces a coordinated cyberattack targeting power grids, banking networks, and social media platforms simultaneously. What institutional response framework should be activated?
The first step would involve technical containment and infrastructure protection. Agencies such as CERT-In and sectoral Computer Emergency Response Teams would work with power utilities, banks, and telecom providers to isolate compromised networks, activate backup systems, and restore essential services. Ensuring continuity in critical sectors such as electricity, healthcare, banking, and telecommunications would be the immediate priority.
At the strategic level, the National Security Council Secretariat (NSCS) would coordinate intelligence fusion by integrating data from civilian agencies, military intelligence, and diplomatic channels. The armed forces could provide advanced cyber threat analysis, attribution capabilities, and response options. Meanwhile, civilian authorities would remain responsible for public communication to prevent misinformation and maintain public confidence.
Finally, collaboration with the private sector would be essential because many critical networks are privately owned. Companies managing data centres, cloud infrastructure, and telecom networks would need to share threat intelligence and cooperate in recovery efforts. In the longer term, diplomatic engagement and international cooperation may be required to deter future attacks and establish accountability.
This case highlights the importance of a whole-of-government and whole-of-society approach to cybersecurity, integrating civilian authorities, military capabilities, and private-sector participation.
Practice questions
2 questions for mains preparation