Next level Cyber War

May 30, 2017 Illustration(s): By Anoop Kamath / SP Guide Pubns
By Lt. General P.C. Katoch (Retd)
Former Director General of Information Systems, Indian Army


The news about the IAF's Sukhoi SU-30 going missing near the India-China border has been making headlines. The Sukhoi had taken off on a routine training mission on 23 May 2017 when radar and radio contact was lost roughly 60 km north of Tezpur air force base in Assam. Debris of the Sukhoi was located on May 26 in the dense jungles of Assam. The black box of the aircraft has been recovered by the search party at the site of the crash. While there is no news of survivors, the IAF has ordered an inquiry into the crash. There has been speculation that the fighter went down due to bad weather conditions, though the twin-engine Sukhoi is an all-weather long-range fighter. Since 1997, seven Sukhoi-30 fighter planes have been lost in crashes. On 15 March 2017, a Sukhoi SU-30 jet crashed in Rajasthan's Barmer district. Now analysts based in the vicinity of New York and St Petersburg have indicated that the Sukhoi that went down on May 23 close to the India-China border (despite being an advanced fighter that had been mechanically certified safe for the mission) may have crashed as a result of "cyber-interference with the onboard computers" in the cockpit. Given the range and complexity of cyber interference, the source of the attack could have been thousands of km away, but could also have been not very far away: China. While the search for the missing Sukhoi was on, China, which normally resorts to rhetorical diarrhoea at every opportunity, responded only with a terse message that it had no information on the missing Sukhoi and warned India about "disturbing peace". There is speculation about an EMP (electromagnetic pulse) attack; some discount it outright considering the range and power required for an EMP weapon, though both these factors are very much feasible in the instant case.

China's cyber warfare program is highly advanced, and so are her programs in space and the electromagnetic fields. China was training some 600 PLA personnel annually in electronic warfare a decade back, a number which may have gone up. China's 'Strategic Support Force' combines the functions of intelligence, technical reconnaissance, electronic warfare, cyber warfare and space warfare, all of which gives it tremendous capability to strike silently by optimizing these functions. In 2015, China for the first time formally acknowledged, through its publication 'The Science of Military Strategy', that the PLA and China's intelligence community have specialized units for waging war on computer networks. Earlier, Chinese officials had routinely dismissed allegations that they spy on US corporations to steal trade secrets or have the ability to damage critical infrastructure like electrical power grids and gas pipelines through cyber attacks. Pinpointing the source of a cyber attack is very difficult, and even if it is traced to mainland China, the Chinese government deflects it to private individuals, since cyberspace is a free-for-all. Under this cover, China has been launching cyber attacks in India regularly and with impunity, with multiple motives, including simply to embarrass. During the 2010 Commonwealth Games held in New Delhi, there were a staggering 8,000 cyber attacks on ticketing and other systems of the games. Being of no particular value, these were obviously meant just to embarrass India. In the same year, a power glitch in the solar panels of the INSAT-4B satellite (a possible cyber attack) resulted in 12 of its 24 transponders shutting down, which in turn shut down services to an estimated 70% of customers of Indian Direct-To-Home (DTH) companies. While this was attributed by some to the Stuxnet worm, the consequence of INSAT-4B going dead was that SunDirect redirected customer satellite dishes to point to ASIASAT-5, a Chinese satellite owned and operated by Asia Satellite Telecommunications Co. Ltd (AsiaSat), the two primary shareholders of AsiaSat being General Electric and state-owned China International Trust and Investment Co (CITIC).

As per Western scholars, China has divided its cyber warfare forces into three categories: first, specialized military network warfare forces consisting of operational military units employed for carrying out network attack and defense; second, specialists in civilian organizations (Ministry of State Security (MSS) and Ministry of Public Security) authorized by the PLA to undertake network warfare operations; and third, external entities outside the government that can be organized and mobilized for network warfare operations. The PLA spearheads China's cyber warfare program, employing an army of some 65,000 hackers. PLA's Unit 61398 is reportedly the focal point for engineering hacking attacks. It is significant to note that the above-mentioned analysts based in the vicinity of New York and St Petersburg have pointed out that the small amount that India spends on building cyber capability mostly gets expended on foreign vendors rather than domestic producers. In sharp contrast, China has indigenized its cyber capabilities over the past 15 years. Sure, we have the NTRO (National Technical Research Organization) tasked with the protection of our critical security cyber infrastructure, plus institutions like CERT-IN (Computer Emergency Response Team-India) doing their job. But what are we doing about capacity building for offensive cyber warfare programs to counter the ongoing hybrid war? What are the plans for establishing the credibility of such capability? And how long are we going to keep the military away from it, rather than letting the military lead the cyber warfare program as in the US and China?