GS3 Cyber Security

Cyber and information warfare reshape modern conflict dynamics
Cyber and information warfare reshape modern conflict dynamics

Securing India's Cyber Frontiers in Hostile Environments

Understanding the impact of cyber warfare on national security and societal trust in India amidst rising vulnerabilities.
Surya
5 mins read

Cyber Warfare & Information Warfare: Emerging Security Threats for India

1. Context

Modern conflicts are no longer limited to traditional battlefields. Countries increasingly use:

  • Cyber warfare
  • Information warfare

These tools allow adversaries to weaken a nation without declaring war.

They blur the line between peace and war, creating what experts call “grey-zone conflict.”


2. What is Cyber Warfare?

Definition

Cyber warfare refers to the use of digital attacks by states or non-state actors to disrupt, damage, or gain unauthorized access to another country’s computer systems or networks.

Targets

Cyber attacks often target:

  • Power grids
  • Banking systems
  • Government databases
  • Telecommunications
  • Healthcare infrastructure

Example (India)

Cosmos Bank Cyber Heist (2018) Hackers stole over $13 million through malware-based attacks.


Other Major Cyber Incidents in India

YearIncident
2018Cosmos Bank cyber heist
2020–21Malware detected in power plants and ports
2022AIIMS Delhi ransomware attack
20251.4 TB data theft from major industrial company

Growth of Cyber Attacks

According to CERT-In (Indian Computer Emergency Response Team):

  • 2017: ~53,000 cyber incidents
  • Recent years: Millions of incidents annually

This shows exponential growth in cyber threats.


3. What is Information Warfare?

Definition

Information warfare refers to the strategic use of misinformation, propaganda, and digital manipulation to influence public opinion and weaken social or political stability.


Objectives

Information warfare aims to:

  • Spread misinformation
  • Create social divisions
  • Influence elections
  • Damage a country’s global reputation

Example (India)

CAA/NRC Protests (2019–20)

Coordinated campaigns spread false anti-Muslim narratives, increasing social tensions and affecting India's global image.


Example (2024 Elections)

  • Thousands of deepfakes
  • AI-generated propaganda
  • Fake political speeches

These campaigns aimed to influence voter perceptions.


4. Deepfakes and Synthetic Media

Definition

Deepfakes are AI-generated videos, images, or audio that mimic real people but contain fabricated content.


Why Deepfakes Are Dangerous

They can:

  • Manipulate elections
  • Spread misinformation
  • Damage reputations
  • Trigger social unrest

Example

Fake speeches of political leaders circulated online during the 2024 Indian elections.


5. What is Grey-Zone Conflict?

Definition

Grey-zone conflict refers to actions taken by states below the threshold of conventional warfare but intended to weaken an adversary.


Examples

  • Cyberattacks
  • Economic coercion
  • Disinformation campaigns
  • Election interference

Key Feature

Grey-zone tactics are deniable and difficult to attribute.


6. Why Cyber & Information Warfare Are Dangerous

These threats have unique characteristics.

1. Low Cost

Cyber attacks are far cheaper than traditional warfare.

2. Easy Entry

Even small groups can launch cyber attacks.

3. Anonymity

Attackers can hide their identity.

4. Plausible Deniability

Countries can deny involvement.

5. Automation

AI enables large-scale attacks using:

  • Bots
  • Automated malware
  • Synthetic media

7. Role of Private Sector

Much of cyberspace is owned by private companies.

Examples:

  • Cloud servers
  • Data centres
  • Telecom networks
  • Social media platforms

Thus technology companies become strategic actors in national security.


8. International Responses

Many countries are integrating military capabilities into cyber defence systems.


United States

National Cybersecurity Strategy (2023)

Key feature:

US Cyber Command supports civilian agencies even in peacetime.

Functions:

  • Cyber threat detection
  • Real-time intelligence sharing
  • Offensive cyber capabilities

Israel

Israel follows a highly integrated model.

Institutions:

  • Israel Defense Forces (IDF)
  • Israel National Cyber Directorate

The military actively detects and neutralizes cyber threats.


France

France recognizes cyber operations below war threshold and includes a permanent military role in cybersecurity.


9. India’s Cybersecurity Architecture

India has recently strengthened its cybersecurity framework.

2024 Amendment to Allocation of Business Rules

This clarified responsibilities among different agencies.


Key Institutions

InstitutionRole
MeitYOverall cybersecurity policy
CERT-InIncident response
Ministry of Home AffairsCybercrime
Department of TelecomTelecom security
NSCSStrategic coordination

NSCS

National Security Council Secretariat

Acts as the central coordination body for national cybersecurity strategy.


10. Existing Gaps in India’s Cyber Strategy

Despite reforms, some limitations remain.

Major Challenges

  1. Limited role for the military in peacetime cyber defence
  2. Weak civil-military coordination
  3. Lack of unified cyber command
  4. Rapid technological changes

11. Need for Civil-Military Coordination

Experts recommend stronger coordination between:

  • Civilian ministries
  • Military forces
  • Intelligence agencies
  • Private sector companies

Proposed Framework

The NSCS could act as the central intelligence hub.

It would combine:

  • Civilian technical data
  • Military intelligence
  • Diplomatic inputs

This creates a national picture of cyber threats.


12. Role of Private Sector

Private companies must be treated as national security partners.

Suggested Measures

  • Mandatory cybersecurity standards
  • Real-time threat reporting
  • Legal protection for cooperation

13. Cyber Warfare During Actual War

If war occurs:

  • Military leads cyber operations
  • Civilian agencies support logistics and infrastructure protection

Priority Areas

  • Power grids
  • Banking systems
  • Telecom networks
  • Healthcare services

14. Future Threat: Artificial Intelligence

AI will significantly increase cyber warfare capabilities.

AI Applications in Cyber Warfare

  • Automated hacking
  • AI-generated malware
  • Deepfake propaganda
  • Bot-driven influence campaigns

15. Quote

“Cyber and information warfare blur the traditional peace-war divide.”


16. Key Takeaways

  1. Cyber and information warfare are now central tools of modern conflict.
  2. India faces rapidly increasing cyber threats.
  3. Information warfare threatens democracy and social cohesion.
  4. Strong civil-military-private sector coordination is essential.
  5. AI will further intensify digital warfare.

17. Possible UPSC Mains Question

Q. Cyber warfare and information warfare are emerging as major threats to national security. Examine the challenges faced by India and suggest measures to strengthen cyber resilience.

Attribution

Original content sources and authors

Author Ajay Kumar Source Business Standard

Syllabus classification

How this article maps to GS papers

Main syllabus

GS3Cyber Security

Quick Q&A

What is meant by cyber warfare and information warfare, and how do they differ from traditional forms of conflict?
Cyber warfare and information warfare have emerged as critical instruments of modern conflict, operating largely in the digital domain rather than on physical battlefields. Cyber warfare involves attacks on digital systems, networks, and critical infrastructure with the objective of disrupting services, stealing sensitive data, or weakening the functioning of a state. Information warfare, on the other hand, focuses on manipulating narratives, spreading misinformation or disinformation, and influencing public perception to undermine social cohesion and democratic processes.

Unlike conventional warfare that involves visible military confrontation, cyber and information warfare operate in the “grey zone” between peace and war. These operations are typically low-intensity, covert, and continuous. Adversaries exploit vulnerabilities in digital infrastructure and social media ecosystems to create disruptions without triggering a formal military response. For example, malware implanted in power plants or coordinated misinformation campaigns on social media may not constitute a traditional act of war but can significantly weaken national resilience.

India has already witnessed several such incidents. The Cosmos Bank cyber heist of 2018 reportedly led to losses exceeding $13 million, while a ransomware attack in AIIMS Delhi in 2022 disrupted hospital services for several days. These incidents demonstrate how cyberattacks can affect essential services and economic stability. At the same time, disinformation campaigns during events such as the CAA–NRC protests and the 2024 elections illustrate how information warfare can influence political narratives and social harmony.

Thus, cyber and information warfare represent a fundamental transformation in the nature of conflict. They blur the distinction between war and peace, involve both state and non-state actors, and demand continuous vigilance rather than episodic responses.
Why are cyber and information warfare increasingly becoming central to national security strategies in the 21st century?
Cyber and information warfare have become central to national security strategies because modern societies depend heavily on digital infrastructure, interconnected networks, and information ecosystems. Critical sectors such as power grids, banking systems, healthcare networks, transportation, and telecommunications are now digitised. This creates significant vulnerabilities that hostile actors can exploit through cyberattacks or disinformation campaigns.

One of the key reasons for the growing prominence of cyber warfare is its low cost and scalability. Unlike conventional military operations that require large investments in weapons and personnel, cyber operations can be conducted with relatively limited resources. Additionally, hostile states can outsource attacks to proxy groups or non-state actors, allowing them to maintain plausible deniability. Automation and artificial intelligence further amplify the scale of attacks, enabling thousands of bots or automated scripts to conduct cyber intrusions or spread propaganda simultaneously.

Information warfare has also become more sophisticated with the rise of social media platforms, deepfakes, and synthetic media. These technologies allow adversaries to manipulate public opinion, inflame communal tensions, and undermine trust in democratic institutions. For instance, during the 2019–20 CAA/NRC protests, coordinated disinformation campaigns amplified false narratives internationally, damaging India’s global image.

Therefore, cyber and information warfare represent a strategic shift in conflict dynamics. Nations now view digital domains as critical theatres of competition, requiring integrated responses involving technology, intelligence, diplomacy, and public communication strategies.
What factors make cyber and information warfare particularly difficult to detect, attribute, and counter?
Cyber and information warfare pose unique challenges for detection and response due to several structural and technological factors. Unlike conventional attacks, digital operations are often designed to remain covert, anonymous, and difficult to attribute. This makes it challenging for governments to identify the perpetrators and respond appropriately.

Key factors contributing to these challenges include:
  • Anonymity and weak attribution: Cyberattacks can be routed through multiple countries and networks, masking the identity of the attacker.
  • Plausible deniability: States can outsource cyber operations to proxy groups or criminal networks, complicating diplomatic or military responses.
  • Automation and scale: Bots and automated scripts can generate large volumes of misinformation or launch repeated cyber intrusions.

Another complicating factor is the absence of universally accepted international norms governing cyber conduct. While international law provides some guidance, the boundaries between espionage, cybercrime, and cyber warfare remain blurred. As a result, states often struggle to determine when a cyber incident constitutes a national security threat.

Information warfare further complicates matters because it targets societal vulnerabilities. Disinformation campaigns exploit existing social divisions related to religion, ethnicity, or political ideology. For example, coordinated online narratives about Kashmir or communal tensions in India demonstrate how adversaries strategically amplify sensitive issues.

These factors make cyber and information warfare persistent and cumulative threats. Effective responses require not only technological defenses but also intelligence coordination, public awareness, and international cooperation.
What recent examples illustrate the growing scale and impact of cyber and information warfare in India?
Several high-profile incidents in recent years illustrate the growing scale and sophistication of cyber and information warfare affecting India. These incidents demonstrate how digital attacks can disrupt essential services, compromise sensitive data, and influence public discourse.

One notable example is the Cosmos Bank cyber heist in 2018, in which attackers reportedly stole more than $13 million by exploiting vulnerabilities in the bank’s digital payment infrastructure. Another major incident occurred in 2022 when AIIMS Delhi suffered a ransomware attack. The attack crippled hospital operations for several days, disrupting medical services and highlighting the vulnerability of healthcare infrastructure to cyber threats.

India’s critical infrastructure has also been targeted. Between 2020 and 2021, malware was reportedly discovered in systems connected to power plants and ports. Such malware could potentially enable adversaries to disrupt electricity supply or maritime logistics during a crisis. Additionally, the reported theft of 1.4 terabytes of data from a major industrial house in 2025 reflects growing concerns about economic espionage targeting Indian corporations.

Information warfare has also intensified. During the 2024 general elections, thousands of deepfakes and synthetic media clips circulated online, attempting to manipulate voter perceptions. Similarly, coordinated disinformation campaigns during the CAA–NRC protests demonstrated how hostile actors exploit social media to amplify divisive narratives.

These examples underline the need for stronger cyber defenses, better information monitoring mechanisms, and coordinated national security responses.
Critically analyse the role of the private sector in national cybersecurity and information warfare defence.
The private sector plays a crucial and increasingly strategic role in national cybersecurity because much of the digital infrastructure used by governments and citizens is owned or operated by private companies. Data centres, cloud platforms, telecommunications networks, and social media platforms form the backbone of the digital ecosystem and are largely managed by private entities.

Positive contributions of the private sector include:
  • Technological expertise: Technology companies possess advanced cybersecurity tools, threat detection systems, and innovation capabilities.
  • Rapid response capacity: Private firms often have the ability to identify vulnerabilities and deploy patches faster than government systems.
  • Global intelligence sharing: Multinational technology companies can detect patterns of cyber threats across multiple countries.

However, the involvement of private companies also raises certain challenges. Corporations may prioritize commercial interests over national security considerations, particularly when disclosure of cyber incidents could damage their reputation. Additionally, regulatory frameworks governing data sharing between governments and companies remain underdeveloped in many countries.

The article argues that the private sector should be treated not as a passive contractor but as a strategic partner in national security. This requires clear legal obligations for crisis cooperation, trusted channels for real-time information sharing, and safeguards that protect companies acting in good faith. Without such collaboration, governments alone may lack the technological capacity to counter sophisticated cyber threats.

Therefore, a balanced approach is required where governments provide regulatory clarity and strategic direction while leveraging private-sector capabilities to strengthen national cybersecurity.
How has India restructured its cybersecurity governance architecture in recent years to address cyber and information warfare?
India has undertaken several institutional reforms to strengthen its cybersecurity governance framework in response to rising cyber threats and information warfare campaigns. One significant step was the September 2024 amendment to the Allocation of Business Rules, which clarified the roles and responsibilities of different government agencies involved in cybersecurity management.

Under this framework, the Ministry of Electronics and Information Technology (MeitY) leads overall cybersecurity policy, while the Indian Computer Emergency Response Team (CERT-In) handles technical incident response. The Ministry of Home Affairs coordinates cybercrime investigations, and the Department of Telecommunications oversees telecom network security. The National Security Council Secretariat (NSCS) functions as the nodal body for strategic coordination and oversight at the national level.

In addition, new frameworks addressing emerging threats such as AI-enabled cyberattacks, supply chain vulnerabilities, and space-based infrastructure have been developed. These initiatives reflect recognition that cybersecurity is not merely a technical issue but a strategic national security concern.

However, a key limitation highlighted in the article is the limited role currently assigned to the military in peacetime cyber operations. While civilian agencies lead cybersecurity efforts, effective responses to sophisticated cyber warfare may require closer civil–military coordination. Strengthening intelligence fusion, strategic assessment, and operational coordination between civilian and military institutions will be essential to building a resilient national cyber defence architecture.
Suppose India faces a coordinated cyberattack targeting power grids, banking networks, and social media platforms simultaneously. What institutional response framework should be activated?
A coordinated cyberattack targeting multiple sectors would represent a serious national security crisis requiring an integrated institutional response. The response framework would need to combine technical mitigation, intelligence coordination, and public communication to prevent panic and restore system functionality.

The first step would involve technical containment and infrastructure protection. Agencies such as CERT-In and sectoral Computer Emergency Response Teams would work with power utilities, banks, and telecom providers to isolate compromised networks, activate backup systems, and restore essential services. Ensuring continuity in critical sectors such as electricity, healthcare, banking, and telecommunications would be the immediate priority.

At the strategic level, the National Security Council Secretariat (NSCS) would coordinate intelligence fusion by integrating data from civilian agencies, military intelligence, and diplomatic channels. The armed forces could provide advanced cyber threat analysis, attribution capabilities, and response options. Meanwhile, civilian authorities would remain responsible for public communication to prevent misinformation and maintain public confidence.

Finally, collaboration with the private sector would be essential because many critical networks are privately owned. Companies managing data centres, cloud infrastructure, and telecom networks would need to share threat intelligence and cooperate in recovery efforts. In the longer term, diplomatic engagement and international cooperation may be required to deter future attacks and establish accountability.

This case highlights the importance of a whole-of-government and whole-of-society approach to cybersecurity, integrating civilian authorities, military capabilities, and private-sector participation.

Practice questions

2 questions for mains preparation

Assess the rise of cyber warfare as a component of national security challenges in India, including the economic and institutional ramifications.

10 marks · 150 words · 8 mins

Critically analyze the role of information warfare in shaping societal perceptions and its impact on India's democratic processes.

10 marks · 150 words · 8 mins