2 April 2019

Could Offensive Cyber Capabilities Tip India and Pakistan to War?

By Reda Baig

Tensions ratcheted up in South Asia following the Pulwama suicide bombing against Indian police forces on February 14 and India’s retaliatory strikes against Pakistan. Although officials from the two countries met a couple of weeks ago, the meeting did not signal a definitive thaw in relations. The international community fears further escalation, in this moment or in a future crisis, which could lead to an all-out war between two nuclear-armed powers.

While experts have focused on the risk of a kinetic conflict breaking out, they should give more attention to the potential for conflict in the cyber domain. In recent years, both nations have built up their cyber technology capabilities and arsenals. Activity in cyberspace could matter in two ways: first, contributing to escalation and helping to bring about a conflict; and second, being part of a “hybrid” kinetic and cyber conflict.

The role of cyber in escalation or conflict could go far beyond the website defacements that accentuated recent tensions. The cyber element of conflict is an emerging yet understudied dimension of geopolitics, and experts must consider it when analyzing the latest security developments involving India and Pakistan and the future trajectory of South Asia.


While both countries are responding to the rise in cyberattacks with national strategies and increased defensive capabilities, we do not know how they will set the rules when it comes to offensive cyber operations. We do know both countries are pursuing cybersecurity to protect against cyberattacks.

India has been establishing national cybersecurity policies to address the rise in persistent cyberattacks. The country is vulnerable to cyberattacks—it was ranked as the second most vulnerable nation-state targeted by cyberattacks in a survey by security company Symantec. As India’s economy has shifted toward information and communications technology (ICT), which includes information technology services, commerce, and banking sectors, there are concerns of cyberespionage and cyberattacks taking place against Indian industries and businesses.

In fact, according to a study commissioned by the High Court of India, cyber-related crimes cost Indian businesses $4 billion in 2013. This has led the government and private sector to increase their efforts to protect these industries. Back in 2013, India unveiled its National Cyber Security policy. This policy outlined measures the government would take in protecting India’s critical infrastructure. However, many critics point out this national policy has done little to curb cyberattacks as there is no way to implement many of its policies.

Pakistan is also on alert, though it does not have a national cybersecurity strategy document, despite efforts in Islamabad to develop a framework that will protect critical institutions from cyberattacks. These efforts have been motivated in part by the Edward Snowden leaks, which detailed the U.S. National Security Agency’s spying on Pakistan and were an inflection point for Pakistani government officials, as they realized they needed to address the gaps in their information security. A national Cyber Security Strategy was presented to the National Assembly, but no headway has been made yet on implementing the proposed actions, which included the creation of a national CERT and an Inter-Services Cyber Command Center that would streamline cyber defense for Pakistan’s Army. Pakistan still does not have an official national cybersecurity strategy.

Both countries’ security postures are transforming slowly to introduce cybersecurity. However, there is still not enough data available on what types of technologies these countries possess and how integrated these technologies are in India and Pakistan’s national security strategies. There are reports that both countries have engaged in offensive cyber operations. Each country has their own cyberespionage division, which siphons critical information from other national-states’ security and intelligence organizations.

India launched Operation Hangover that has targeted Pakistan and, in response, Pakistan spearheadedOperation Arachnophobia, which sought to obtain intelligence from Indian officials. While these operations are well-known, there is still a lack of awareness on how much each country spends on cyber technologies and the types of technologies they are employing. India is one of the largest spenders on military, yet the cybersecurity budget is “inadequate” for the growing cyber threat.

Understanding cyber capabilities is important because they can change geopolitical calculations. For example, the low cost of entry for offensive cyber capabilities benefits less resourced actors, and “offense preference” in cyberspace makes it easier to succeed on offense than at defense.

What role does China play in all of this? China enjoys good relations with Pakistan, a relationship that spans several decades. On the other hand, China’s relationship with India has been tumultuous, with relations once so tense that it led to the Sino-Indo War of 1962. Since then, the two nations have been embroiled in border skirmishes, and a rising India puts the entire region in a state of flux.

Many of the cyberattacks that India faces can be attributed back to China, as highlighted in a recent report to the National Security Council Secretariat by a department in the Ministry of Electronics and Information Technology. Following the Pulwama attack and the escalating tensions between India and Pakistan, China has sought to ensure a war does not break out. If a war did erupt, because of China’s close relationship with Pakistan, Beijing would be more inclined to offer support to Islamabad. This support could include cyber capabilities and actions, as China is far more advanced in this arena.

Both India and Pakistan already engage in cyberattacks and espionage campaigns against one another. The already marred relationship can deteriorate further if both countries continue employing cyber technologies for offensive purposes.

More research needs to be done to understand the cyber capabilities of each country, how each country plans to integrate these capabilities into their national security strategies, how cyber capabilities could play into escalation or conflict in the region, and how cyber-enabled escalation or conflict could be managed. Considering the risks of all-out war between these two powers and the importance of cyber capabilities to escalation and conflict in the region, researching these issues and equipping regional experts with an understanding of them, before cyber capabilities add fuel to an already tinderbox situation, is critical.

Reda Baig is a Cyber Risk Associate at Good Harbor Security Risk Management and a graduate student at the George Washington University.

No comments: