1 of 81

2 of 81

https://www.strategicstudyindia.com/

3 of 81

Hits

Total Visitors

4 of 81

Z

5 of 81

https://indianstrategicknowledgeonline.com/

6 of 81

7 of 81

8 of 81

9 of 81

Kindle Edition on Amazon

10 of 81

11 of 81

12 of 81

13 of 81

14 of 81

15 of 81

16 of 81

17 of 81

18 of 81

19 of 81

�� Maj Gen PK Mallick, VSM (Retd)

Indian Institute of Mass Communication, New Delhi

03 September, 2024

Cyber Warfare-Evolution and Present Status

20 of 81

Why Cyber?

21 of 81

22 of 81

23 of 81

24 of 81

25 of 81

26 of 81

27 of 81

28 of 81

29 of 81

We are facing a future where security challenges will be less predictable; situations will evolve and change swiftly; and, technological changes will make responses more difficult to keep pace with. The threats may be known, but the enemy may be invisible. Domination of cyber space will become increasingly important.. ….. When we speak of Digital India, we would also like to see a Digital Armed Force �-- PM's address to the Combined Commander’s Conference, October, 2014

30 of 81

CYBER WAR GAME

31 of 81

32 of 81

EVOLUTION OF CYBER WAR

  • Estonia Apr – May 2007
  • Attack on Syrian Nuc Plant by Israel, Sep 2007
  • Georgia, Aug 2008
  • Lebanon and Gaza, Dec 2008
  • Stuxnet
  • Recent conflicts.

33 of 81

ESTONIA EVENT

  • 26 April-13 May 2007, coincided with decision to relocate WWII Russian monument
  • Early attacks on Govt Web sites, then newspapers…some bank disruption
  • Media:
    • Cyberwar I, Web War I, a digital invasion, and a “cyber-riot.”
    • “Cybersavvy Russian nationalists unleashed a withering volley of "distributed denial of service" attacks crushing Estonian Web sites with countless computer-generated "zombie" hits, flooding servers in Estonia with junk data, and, as the International Herald Tribune explained, overwhelming "the routers and switches ... that direct traffic on the network.“

34 of 81

  • Actually:
    • Effects were moderate
    • Over 2500 attacking machines were recorded in 96 countries. Couldn’t distinguish between willing and a bot participants; made prosecution or other punitive actions difficult. Filters were effective.
    • Web sites were defaced or briefly taken off-line, there were brief outages of network routers, and some sites suffered sustained Denial of Service attacks.
    • Combined efforts of the Government of Estonia and their commercial partners were sufficient to mitigate effects of the attacks.
    • Most Estonians were not affected by the attacks, and likely would not have been aware of the attacks
    • Finally, the intensity of attacks did not rise to a level sufficient to pose a serious threat to Estonia's internet operations.

ESTONIA EVENT DRILL-DOWN

35 of 81

��ESTONIA��

  • Estonia has blamed Russia for the attack.
  • 17 percent of the computers that attacked Estonia were in the United States.
  • Did the Estonians have the right to attack the U.S. in response, and what responsibility did the U.S. bear?

-- Robert Giesler, Pentagon's former Director of Information Operations

36 of 81

37 of 81

38 of 81

GEORGIA

39 of 81

STUXNET

40 of 81

Stuxnet Videos

41 of 81

42 of 81

43 of 81

44 of 81

CYBER WARFARE - HYPE OR REALITY ?

Those who know enough about Digital Security are either in the employment of the government and not able to speak about it much… Or they are in the employment of Computer Security Vendors that have a vested interest…”

45 of 81

46 of 81

47 of 81

48 of 81

49 of 81

SOCIAL MEDIA

50 of 81

51 of 81

52 of 81

Use of Social Media

  • Connectivity
  • Education
  • Help
  • Information and Updates
  • Promotion
  • Noble Cause
  • Awareness
  • Help Government Agencies fight crime
  • Improves Business Reputation
  • Help in building communities

53 of 81

54 of 81

55 of 81

Use of AI for Making Deep Fakes

56 of 81

57 of 81

Break

58 of 81

INDIA

59 of 81

Components of Cyber Warfare

  • Computer Network Attack (CNA), Computer Network Defence (CND) and Computer Network Exploitation (CNE).

  • Computer Network Exploitation (CNE). CNE uses actions and operations to obtain information that would otherwise be kept classified and is resident on or transiting through an adversary's computer systems or networks. Cyber exploitations are usually covert in nature. They do not seek to disturb the normal functioning of a computer system or network. The best cyber exploitation is one that a user never notices. It is non-destructive.

  • Fundamental difference between a cyber attack and cyber exploitation is the payload's nature to be executed. A cyberattack payload is destructive, whereas a cyber exploitation payload acquires information non-destructively.

  • Intent has to change.

60 of 81

Defensive Cyber Operation

61 of 81

INDIAN NATIONAL CYBER SECURITY POLICY, 2013

62 of 81

Ministry of Communication and Information Technology �Department of Electronics and Information Technology�Notification on National Cyber Security Policy-2013 (NCSP-2013)

Dated: 02 July, 2013

STRATEGIES FOR NATIONAL CYBER SECURITY POLICY-2013 (1/2)

  • Creating a secure cyber ecosystem.
  • Creating an assurance framework.
  • Encouraging Open Standards.
  • Strengthening the Regulatory framework.
  • Creating mechanisms for security threat early warning, vulnerability management and response to security threats.
  • Securing E-Governance services.
  • Protection and resilience of Critical Information Infrastructure.

63 of 81

Ministry of Communication and Information Technology �Department of Electronics and Information Technology�Notification on National Cyber Security Policy-2013 (NCSP-2013)

Dated: 02 July, 2013

Strategies for National Cyber Security Policy-2013 (2/2)

  • Protection and resilience of Critical Information Infrastructure.
  • Promotion of Research & Development in cyber security.
  • Reducing supply chain risks.
  • Human Resource Development.
  • Creating Cyber Security Awareness.
  • Developing effective Public Private Partnerships.
  • Information sharing and cooperation.
  • Prioritized approach for implementation.

64 of 81

Ministry

Parent Agency

Security Agency

Full Nomenclature

Essential Role

PMO

NSC (NTRO)

NCIIPC

National Critical Information Infrastructure Protection Centre

Enforcing Agency, Guidelines for Protection to Govt Depts

MoCIT

DoIT

CERT-IN

Computer Emergency Response Team

Referral Agency to respond to cyber security incidents, on occurrence and report

NCCC

National Cyber Coord Centre

Coordinate Cyber Security

TERM

Telecom Enforcement Resource and Monitoring

Security in the telecommunication domain

MHA

IB

CMS

Centralised Monitoring System (under formulation)

Monitoring suspected sites under legal framework

MoD & Other Deptts

Services and Deptts

CISO

Chief Information Security Officer in each Service and Department

Implementing Agency under all Depts: Implement directions of CERT

Essential Focus : Cyber Security Structures in India

More in the nature of Policing & Assisting own Agencies

65 of 81

Ministry

Parent Agency

Security Agency

Full Nomenclature

Essential Role

PMO

NSC (NTRO)

NCIIPC

National Critical Information Infrastructure Protection Centre

Enforcing Agency, Guidelines for Protection to Govt Depts

MoCIT

DoIT

CERT-IN

Computer Emergency Response Team

Referral Agency to respond to cyber security incidents, on occurrence and report

NCCC

National Cyber Coord Centre

Coordinate Cyber Security

TERM

Telecom Enforcement Resource and Monitoring

Security in the telecommunication domain

MHA

IB

CMS

Centralised Monitoring System (under formulation)

Monitoring suspected sites under legal framework

Users MoD etc

Services and Deptts

CISO

Chief Information Security Officer in each Service and Department

Implementing Agency under all Depts: Implement directions of CERT

Full Responsibility

Bureaucratic Outlook

Little Responsibility

Essential Focus : Cyber Security Structures in India

More in the nature of Policing & Assisting own Agencies

Focus on Participative, Synergetic and Proactive Structures

66 of 81

CYBERSECURITY STRATEGY DOCUMENTS LACKED KEY ELEMENTS

  • Milestones and performance measures

  • Cost and resources

  • Roles and responsibilities

  • Linkage with other key strategy documents

67 of 81

NCIIPC

68 of 81

CERTIN

69 of 81

70 of 81

Global Cybersecurity Index : 2020

71 of 81

72 of 81

How a Remote Town in Romania Has Become Cybercrime Central

Râmnicu Vâlcea has only about 120,000 residents, but among law enforcement experts around the world, it has a nickname : Hackerville. The town is full of online crooks who cruise the streets in expensive European cars.

www.wired.com/2011/01/ff_hackerville_romania/all/

73 of 81

  • VIDEO CYBER CAPABILITY

74 of 81

Use of Fake News in INDIA

75 of 81

76 of 81

WHO IS WINNING ?

77 of 81

CONCLUSION

  • So What?
  • Who is spreading the narrative?
  • What is his interest?
  • See the other side of the hill.

78 of 81

79 of 81

80 of 81

THANK YOU

81 of 81

Q & A