The Silent Invasion: China's Cyber War Against India.
How the Chinese government is targeting India's critical cyber infrastructure. India is winning on the LAC but losing to Chinese hackers.
There are a lot of wars going on around us, some big and some small: the Russia-Ukraine conflict, Azerbaijan-Armenia, China-Taiwan-United States and the Indo-China border skirmish. These are wars we can see, but today I'm not going to write about them. I'm going to write about the war India has been fighting for the past 3 years, which the general public doesn't have any clue about.
In 2019 Indian and Chinese troops started fighting in Ladakh. Because the Indian Army is pretty strong in comparison to the ill-trained and inexperienced Chinese Army, it was dominating these fights, so China planned another way to defeat India. It is an old tactic of both our enemies that when they get thrashed in fair battles, they strike from the back, and the Chinese responded likewise: when India was dominating the clashes and developing its infrastructure on the LAC, the Chinese planned to target India's critical infrastructure in a new and pretty famous domain of warfare, i.e. cyber warfare.
The Chinese were continuously targeting critical Indian infrastructure, but these were not random attacks like the ones Indian hackers carry out when they put up the Indian flag on their websites on their independence day, and sometimes in response to Pakistani attacks. In the case of the Chinese, the pattern can be seen clearly: they were doing it for revenge, because they were losing every physical battle with the Indian Army. For example, in June 2020 a Chinese helicopter breached Indian airspace. Galwan was a month old by then and the whole nation was furious. In response, India deployed its frontline fighter, the Sukhoi Su-30MKI, and attack helicopters to the forward air bases of Ladakh. It was a shocking move for the Chinese, because India had never taken such an aggressive stance against them since 1987. Since they couldn't challenge the Indian Air Force, they targeted the Indian government. In December 2020, multiple cyber attacks were detected attempting to target the government's SSL VPN devices.
What is this SSL VPN?
Let me explain in very simple language. Secure Sockets Layer Virtual Private Network, or SSL VPN, is a service by which you can securely access an organization's network or servers without any specialized application, even from the public internet, which is considered unsafe for accessing such sensitive networks and servers. Government organisations' servers and networks contain very sensitive information, and an SSL VPN provides a secure line for government officials to access them.
The Chinese targeted these networks by using Global APT 41. Now what is this APT-41? APT-41 is a hacking organisation that allegedly works for Chinese intelligence, and there are multiple groups like it: Red Echo, Red Delta, Red Foxtrot, TAG 28, TAG 26 and APT 10. All these groups execute cyber attacks for the Chinese government.
The next big attack was observed in March 2021. It targeted the Mumbai power grid, and for some time some areas of Mumbai lost power. The reason behind it is the same: they couldn't defeat us on the LAC, and for the first time in 40 years India had got to their necks. The March 2021 attack was connected to the night of 29th August 2020, when Indian surveillance saw around 300 Chinese soldiers moving very fast towards the Black Top peak near Pangong Tso. In response, Indian special forces climbed Black Top at double speed and got there before the Chinese. The Indian Army not only snatched those strategic heights from the jaws of the Chinese, but its presence there posed a direct and serious threat to the most important Chinese garrison in Ladakh, the Moldo Garrison. By taking advantage of this tactical move, India forced the Chinese to move back from Pangong Tso. This was a humiliation for the Chinese, and they showed their might by targeting Mumbai's power grid. The Mumbai power grid attack was one of a series of attacks that got highlighted. In August 2020 India captured Black Top, and by September 2021 the Chinese hacker groups “Red Echo” and “Tag 38” had started targeting the Indian power sector heavily, because all these SLDCs were in states near the Chinese border. SLDCs are an important factor in supplying power to any state, and targeting them is considered targeting the power grid of that state.
This is without a doubt an act of hostility against India, but it is very cute compared to what the Chinese were trying to do at the peak of the Delta wave of covid, when India was fighting a very big and tough fight to save itself and its loved ones. No Indian can forget those horrific 3-4 months, when seeing a loved one go was a common sight because either medicine or oxygen was not available on time. Even in those horrific times, the Chinese wanted to inflict as much damage on India as they could. During the peak of the Delta variant wave, they targeted the most crucial services of India, i.e. Indian logistics, healthcare and emergency response services. At many places system failures were reported or oxygen couldn't reach on time, and a lot of people lost their lives. They then tried to celebrate it through a meme: on one side there is a picture of multiple pyres, and on the other side a space rocket is being launched.
The text with it read: “Lighting a fire in China VS lighting a fire in India.”
According to a report by the cyber security firm Cyfirma, the Chinese hacking group APT10, aka Stone Panda, found a gap in the IT infrastructure of Bharat Biotech and the Serum Institute of India and tried to steal very crucial and sensitive information related to vaccines, so that they could have a competitive advantage over Indian pharma companies. Any reason can be stated for it, but this was happening just to pressurize India on the border and to halt the rise of India's reputation at the international level. The Indian government's Vaccine Maitri program, in which we delivered vaccines to 80+ countries while fighting covid, earned India the reputation of one of the most potent world leaders and crushed the Chinese hope of dominating the region alone. All these attacks show that the Chinese presence in cyber space is a point of concern and a threat that cannot be ignored, but sadly many prominent leaders and strategic thinkers still consider the Chinese a challenge, not a threat or an enemy.
These attacks give us an idea of Chinese offensive cyber capabilities, but they show a lot about Indian cyber safety too. Apart from the bigger cases, some smaller ones were also reported, but from 2019 to 2022 India faced 4 million+ cyber attacks, and the Indian government is one of the most targeted governments in the world. The cyber attack on AIIMS Delhi is one of them. AIIMS is one of the prestigious medical facilities, and a lot of high-profile people, including top politicians and bureaucrats, consider it their go-to place for any medical condition. A cyberattack was detected on 100 AIIMS Delhi servers (40 physical and 60 virtual). It was a ransomware attack, and Chinese involvement looked evident. Because of it, many critical services of AIIMS New Delhi were disrupted for almost a month, from November to December 2022. The seriousness of the attack increased manifold when the possibility came forward that the attackers might have very sensitive medical information of many patients, since a lot of prominent people get treatment here.
How important the medical secrets of a country's political figures can be is shown by the report which says that whenever the North Korean and Russian leaders go on a foreign trip, they carry their own toilet with them, because you can figure out from a person's waste whether he is suffering from a disease or showing any symptom of one. This privileged information can then be weaponized, and rumors can be spread to destabilize the nation.
It is very important to take the AIIMS Delhi cyber attack seriously. If there is no discussion on this topic even after attacks on our payment networks, power plants, Aadhaar and even nuclear power plants, then as a nation, and as individual citizens who understand some aspects of national security, we have to think about our approach. Without a doubt we are defending against lakhs of cyber attacks, but India has to move from a defensive posture to an offensive one in cyber space, because a war can be won or avoided only by deterrence.
Thank You.
You can read other articles of mine if you're interested in geopolitics and history.
You can also message me on Instagram to discuss anything and share your thoughts about geopolitics, history and cyber security. @poorvam_tomar
Jai Hind.
- Poorvam Tomar