Pakistan-India Cyberspace Shenanigans

234
By: Zaheema Iqbal & Hammaad Salik

The history of cyber warfare is not too long as it has taken place in last few decades as a global security challenge and a grave security threat to all nations. It is a new and volatile environment which often reduces power differentials among various actors thus providing a unique example of the diffusion of power which typifies global politics. Pakistan and India have been the regional rivals since their independence in 1947 with Kashmir being the most militarized zone in the world. Their intermittent relationship has been punctuated with conflict, provocation and war. While internet and cyberspace have facilitated communication between the two countries, it has also served to escalate tensions between both states. New technologies have quickly integrated into standard diplomatic and military doctrines. It’s been more than two decades now that both countries are engaged in cyberspace activities. Traditional conflicts and events were used as a tool for cyberspace patriotic hackers from both sides in order to launch website defacement campaigns most aptly called tit-for-tat defacements. Cyber engagements consist of website defacements which usually occurs on independence days, commemoration anniversaries and any other physical clashes between the two rivals. Terrorist attacks or skirmishes on the LOC (Line of Control) also results in escalation in cyberspace campaigns. While website defacements attract a lot of media attention and are simply publicity stunts, their effects are merely an annoyance for most of the population. Even though these cyber engagements can increase the tensions between two powers, they have not yet provoked a conventional conflict.  Other than hacktivist and patriotic hackers, both nations-backed cyber actors were reportedly engaged in cyber espionage against one another. It is observed that even with relatively unsophisticated tools, both side APT’s managed to steal information and achieve their strategic goal. This also highlights a huge gap in the security and privacy faced by both countries. More often, aberration in cyberspace engagements have become the norm: rarely a time goes by without some website defacements incidents making the headlines.

Pakistan also does not have any Central Cyber Command which can run the system. It’s high time for Pakistani policy makers to realize and take cyber as a real imminent threat which requires solid mechanisms and organization framework to handle.

Pakistani hackers seemed to have been the first ones to initiate cyberspace engagement targeting Indian’s websites. They were mostly active in retaliation for Indians hacking events, or after any incident occurred in Kashmir. In 1998, Pakistani hackers hacked the website of Indian Bhabha Atomic Research Centers, the primary nuclear research facility of India. In 1998, Pakistani hackers defaced an Indian Army propaganda website with messages denouncing torture in Kashmir by the Indian Army.  It was in November 2008 when Indian hackers defaced several Pakistani websites in retaliation for the Mumbai Terrorist attacks. Pakistan Cyber Army (PCA) a day later defaced of Indian Oil and Natural Gas Company as a reaction of Pakistani websites defacement after Mumbai attacks. A cyber security firm ThreatConnect identified PCA members later on but it remained unclear whether the group was working under the umbrella of Government or independently. In December 2010, Pakistani hackers hacked and erased data on the Indian Central Bureau of Investigation website as a retaliation for the defacements of November 2010. Two years later, in 2012 and 2014 witnessed series of tit-for-tat cyber-attacks between two countries in which Pakistani hackers defaced more than 400 websites on the eve of Indian Republic Day. In 2016, Pakistani hackers retaliated for the surgical strikes with the defacement of thousands of Indian websites while Indian hackers claimed to have access to Pakistani critical infrastructure networks. In 2017, Pakistani hackers ‘Pakistan Haxor Crew (PFC) hacked ten various Indian universities websites. The group claimed the responsibility and confirmed the defacement as a retaliation of Pakistan’s Railway website hacked by Indians a day before.

Indian hackers were identified as defensive in cyberspace. They mostly perpetrate website defacement on Pakistani government websites. Few of them claimed ransomware attacks on Pakistani government websites and airports. They are mostly active on Pakistani Independence Day and anniversary of the Mumbai attacks. One of the renowned hackers group The Mallu Cyber Soldiers (MCS) stands out from others due to number of cyberattacks it has perpetrated. They were formed in 2014 and claim to protect Indian websites from cyberattacks. They also restored number of websites which were defaced and informed website administrators about the vulnerabilities. In 2016, various Pakistani Ministries websites were hacked by Indian hackers on Independence Day. According to reports, Indian hackers defaced these websites including Ministry of Defense, Ministry of IT, Ministry of Water and Power, Ministry of Law and Justice, Ministry of National Food Security and Research and displayed Indian flag along with Indian soldiers’ pictures. In September 2017, Indian hackers attacked Pakistan users of Inpage software.  In Feb 2019, Indian hackers group named I Crew hacked several Pakistani websites after the incident of Pulwama attack. They hacked the websites and issued the list of hacked websites on social media. This year, Pakistan’s microfinance bank was hacked by Indian hackers on the eve of Independence Day.

As per reports by Indian Computer Emergency Response Team (CERT-In), total of 33,147; 30,067; and 15,779 Indian websites were hacked during the years 2016, 2017 and 2018 respectively. The Indian government had taken security measures to enhance the cyber security and to prevent cyber attacks in the country. The CERT-India is responsible for issuing alerts and advisories regarding cyber security exercises which are conducted regularly in order to enable assessment of cyber security posture and preparedness of organizations in government and critical sectors. Besides, the Indian government has also formulated a Crisis Management Plan to counter cyberattacks and cyberterrorism for implementation by all ministries. India has also established Cyber & Information Security Division (C&IS) which deals with matters relating to Cyber Security, Cyber Crime, National Information Security Policy and Guidelines (NISPG) and implementation of NISPG, NATGRID etc. As far as Pakistan is concerned, it has yet to develop its first Computer Emergency Response Team till today. The cyber response teams are fragmented and work in asylums. Pakistan also does not have any Central Cyber Command which can run the system. It’s high time for Pakistani policy makers to realize and take cyber as a real imminent threat which requires solid mechanisms and organization framework to handle.

Authors:

Zaheema Iqbal is a senior cyber security policy researcher at National Institute of Maritime Affairs, Bahria University Islamabad and member advisory Strategic Warfare Group.  Her interest includes Cyber Warfare, Cyber Defense Planning and Cyber governance. She can be reached at [email protected]

Hammaad Salik is an entrepreneur and member advisory Strategic Warfare Group. He aims to provide accurate and transparent cyber information to the general public.  His expertise is Cyber Warfare Operations, Kinetic and Psychological Warfare, AI & Big data. He can be reached at [email protected].

© All rights reserved