Unpacking India's Role in Cyber Threats Against China
The Indo-Pacific region, already a complex landscape of geopolitical tensions, is now facing an additional layer of instability due to the escalation of cyber conflicts, particularly those emanating from India and targeting China.
A security expert has said while many think the US poses the biggest cybersecurity threat to China, a lot of attacks come from South Asia.
One India-based group of hackers, known as ‘Bitter’, has used various methods to target government, military and nuclear sectors.
This digital warfare not only exacerbates the longstanding friction between these two populous nations but also has far-reaching implications for adjacent trading nations like Australia, Singapore, and New Zealand.
These countries are grappling with the dual challenges of countering increased cybercrime volumes while striving to uphold the delicate balance of international trade relations and regional political stability.
The targeting of China and Pakistan by the Indian-based cyberespionage group "Bitter" underscores a strategic shift towards digital confrontations. "Bitter," identified as an advanced persistent threat (APT) active since at least November 2013, has primarily focused its efforts on government, military, and nuclear sectors.
This group's activities highlight a sophisticated level of political motivation, with one Beijing-based security expert noting,
Contrary to popular belief that China’s cyber threats mainly come from the United States, professionals in the field point out that a significant number of attacks originate from South Asian countries.
In the face of escalating cyber confrontations, both China and India have adopted a stance of restraint in their official communications, with China's Foreign Ministry notably avoiding public denunciations of cyber incursions. On the other side, India's Foreign Ministry has remained silent on the matter, though there has been occasional criticism from Indian media regarding Chinese cyber activities.
For instance, a report by Outlook India in December 2022 highlighted allegations of Chinese hackers targeting Indian medical research institutions and critical infrastructure, including the power grid.
This cautious approach to addressing cyber threats is not isolated to the Indo-Pacific.
In the United States, the growing concern over cyber vulnerabilities was starkly articulated by Christopher Wray, the Director of the Federal Bureau of Investigation (FBI). In a testimony before a U.S. House committee in January, Wray underscored the gravity of the situation by revealing that essential services such as water treatment facilities, the electrical grid, and transportation infrastructure have become prime targets for state-sponsored cyber operations.
This acknowledgment reflects a broader understanding of the strategic significance of cyber infrastructure as a national security concern.
The Cyber news centre analysts observes that these cyberattacks not only strain China-India relations but also send ripples through the trading networks that bind the Indo-Pacific region. Australia, Singapore, and New Zealand, as key players in these networks, find their cyber infrastructures and economic stability at risk.
The emergence of Southeast Asia as a nexus for cybercrime as a service, further complicates the scenario, introducing a hybrid warfare element that threatens to undermine the very fabric of international relations and trade.
The broader ramifications of these cyber conflicts are profound. Rebecca Miller, human trafficking program coordinator for the U.N. Office on Drugs and Crime regional office for Southeast Asia and the Pacific, highlights the interconnected challenges, stating,
"There is certainly a trend for more increased engagement from countries and their law enforcement as this issue becomes more widely understood, and the depth and breadth of the scale of what is actually occurring in Southeast Asia." Ms Miller said.
This statement reflects the growing recognition of the need for a concerted international effort to address the multifaceted threats posed by cybercrime and espionage.
Furthermore, the global response, as evidenced by the United Kingdom's sanctions against individuals and companies linked to Southeast Asian cybercrime syndicates and Interpol's Operation Storm Makers II, indicates a readiness to tackle these issues head-on.
However, these measures also underscore the urgency of developing more robust mechanisms for international cooperation in cybersecurity.
As the Indo-Pacific navigates these tumultuous waters, the role of adjacent trading nations becomes increasingly critical.
Australia, Singapore, and New Zealand are far more than bystanders but pivotal actors in shaping a collective response to cyber threats and also require to maintain international relations with their respective agencies to foster a transparent non threatening posture to maintain stability in the region.
Their economic ties and strategic positions afford them a unique opportunity to foster dialogue, enhance regional cybersecurity initiatives, and advocate for a rules-based international order that respects sovereignty in both the physical and digital domains.
