As the world grapples with the COVID-19 pandemic, the technological shifts have made working remotely a reality for millions of people. But it is not just the ‘Zoom fatigue’ that has been on rise due to the drastic increase of virtual workspaces. According to data from India’s Computer Emergency Response Team (CERT-In), cyber-attacks in India rose by almost 300 percent in 2020 in comparison to 2019.
Not only India, but other countries like US, UK, and Germany too are witnessing an increase in cyber-attacks aimed at stealing, sabotaging, or destroying data. However, high usage of legacy systems in India, both in offices and homes, puts India at a higher risk. According to a report released in June this year, by the International Institute for Strategic Studies (IISS), India is categorised as a Tier 3 nation based on its core cyber-intelligence capabilities, cyber security and resilience, strategy and doctrine, and offensive cyber capability. While US is the only nation in Tier 1, and Tier 2 consists of nations like Australia, China, Canada, France, Israel and Russia; India stands with Iran, Malaysia, Vietnam and North Korea with significant weaknesses in some of the categories mentioned above.
A 2018 report by F-secure, a cyber-security firm who deployed ‘honeypots’ across the world to enable information collection regarding cyber-attacks, highlighted that India had faced over 695,000 cyber-attacks between June and July 2018, with most cases emerging from Russia (more than 250,000).
More recently in March this year, a report by Cyfirma- a Goldman Sachs backed Singapore based threat intelligence firm, highlighted that Indian pharma companies and hospitals have been targeted by Russian, Chinese and Korean hacker groups, and identified 15 active hacking groups, again most groups linked to Russia (7).
The Russian Cyber-offensive
It is not hard to believe that Russia has been pointed out as the biggest source for cyber-attacks, considering frequent reports and allegations put on Russia-based groups since over a decade. Russia and US have engaged in cyber espionage campaigns for long and now China has also entered the fray.
But the question that needs consideration is whether the Indian government is ready to acknowledge that Russian hackers have become the biggest source of cyber-attacks on India, and whether New Delhi mulls over expressing displeasure about this to Moscow. Various reports have attributed cyber-attacks on India originating from Russian groups like APT-29 or the ‘Cozy Bear’- the group also accused of hacking US government agencies in 2014-15 and alleged to be aligned with the Russian intelligence services.
This displeasure would not be without precedent when it comes to Russian origin cyber-attacks. In June this year, the US president Joe Biden asked Russian president Vladimir Putin during their summit how Putin would feel if a ransomware attack hits Russia’s oil network (referring to an attack on the US pipeline network recently). The US president wants to take a stern approach towards cyber-attacks from Russia and has commented that he will take ‘any necessary action’ to stop them. In the same month, the Polish government blamed Russia secret services for a wave of cyber-attacks on Polish government officials from various political parties. And in September this year, Germany has accused Russia of cyber-attacks to interfere in elections to choose Germany’s new chancellor to succeed Angela Merkel.
However, New Delhi has refrained from releasing any statement.
It can be argued that when it comes to cyber-attacks, in absence of ability to assign accurate culpability on any individual, group or country, New Delhi would not want to sour relations with Moscow, given the strong partnership between India and Russia witnessed in the last two decades. Moreover, the categories like ‘Russian origin’, or ‘Russian speaking’, used by US based reports and allegations, leave a lot to be interpreted.
Many reports have highlighted that China based hackers and groups have hit Russian systems, which are alleged to be backed by state authorities. In a report by a US company Sentinel One, a hacker group associated with China was involved in using malicious software to hack websites of Russian government agencies for stealing confidential government data. While this means that Russia and China conduct cyber espionage against each other, similar reciprocity from India towards Russia has not been observed.
Moreover, it cannot be ruled out that China uses Russian-origin groups to hit Indian cyberspace, given how several reports point towards common goals of Russia and China based hacking groups in multiple realms like counter espionage against US and the continuously developing alliances and groupings in the Indo-pacific region which are seen by China and Russia as mechanisms for their containment. But any finger-pointing by New Delhi towards Moscow in public domain will only bring delight to Beijing.
In 2015, an official statement from Indian Ministry of Home Affairs had said that India and Russia will form an ‘expert group’ on cybersecurity to jointly fight the threat of terrorism (from Islamic extremists such as ISIS). However, it turned out to be only a gesture from the two sides and not working model evolved.
At present, Budapest convention is the main legally binding multilateral treaty which criminalises cyber-crime and coordinates cybercrime investigations between nation-states. India and Russia are both non-signatories to this convention. Instead, in last few years Russia has led a campaign for a cyber-crime convention to be adopted in United Nations, which includes an expanded list of cyber-crime categories. In 2019, India had voted in favour of the UN resolution for adopting this draft convention.
For now, as highlighted by many experts, India is in utmost need for a National Cyber Strategy. New Delhi needs to formulate policies to upgrade the legacy systems and take measures to shield all possible routes that can be utilised to harm India’s cyber-security. New Delhi should talk to Moscow when it comes to tightening grips on Russian origin cyber-attacks on India. Given the historical closeness in India-Russia relationship and the rejuvenation both nations have witnessed in last few years, New Delhi’s concerns might not be brushed aside by Moscow, like those of US.