

China's Cyber Warfare: Targeting Indian Defense Research Organizations and More | Important Defence Update for SSB Lecturette


The Rise of Chinese Cyber Warfare Units

In recent years, the Chinese People's Liberation Army (PLA) has established specialized cyber warfare units with the objective of targeting not only Indian defense research organizations but also various other departments. These units form an integral part of China's comprehensive cyber strategy, which dates back to its initial investments in cyber warfare in 1997. This strategy is driven by a broad range of objectives derived from Beijing's interests in the digital domain.

Contrasting Approaches: India vs. China

  • China has actively invested in and developed its cyber warfare capabilities, while India is still in the process of shaping its approach to cyber operations.
  • Indian state-sponsored cyber offensives primarily target Pakistan, with fewer instances aimed at China.
  • The number of publicly attributed Indian cyber operations is significantly lower than the number attributed to China.
  • The lack of publicly available information on Indian intelligence agencies and armed forces' cyber activities makes it challenging to identify the leading entities behind offensive cyber campaigns in India.

Capabilities of Chinese Hackers

  • Chinese hackers demonstrate proficiency in spear phishing, using tactics such as sending from compromised email addresses and impersonating individuals relevant to their targets.
  • They excel in installing custom backdoors, employing credential stealers and keyloggers, infecting removable drives, and utilizing rootkits and MBR bootkits to conceal malware and ensure persistence on compromised systems.
  • Adaptability and agility are notable strengths of Chinese hackers, as they can modify and adapt source code to sustain their activities over extended periods while maintaining consistent tools, tactics, and infrastructure.
  • Chinese hacking groups frequently develop and adapt zero-day exploits, allowing them to exploit vulnerabilities before they become publicly known.
  • They employ encoded command-and-control (C2) infrastructure embedded within forums and posts, making it difficult to trace the true location of the C2 and enabling the infrastructure to remain active for prolonged durations.

The Operational Capabilities of Indian Hackers

The operational capabilities of the Indian hacking community, as observed from attributed operations, are relatively modest compared to their Chinese counterparts. Spear phishing emails remain the primary tactic, often reusing command-and-control infrastructure and decoy documents. Indian hackers have also utilized SQL injection techniques to gain unauthorized access to website servers, defacing websites in the process. In terms of malware, they employ information stealers like Delphi Information Stealers, file splitter tools, and various other malware written in Visual Basic.

China's Ambitious Cyber Objectives

China's cyber strategy goes beyond immediate objectives. It aims to establish a significant global digital footprint, which it can leverage to project economic and political power and influence the global order. China sees cyber dominance as a means to shape the world order and enhance its overall standing on the global stage. In contrast, India's current cyber policy primarily focuses on securing its cyberspace and lacks a clear notion of cyber as a tool for projecting power or influence. The Indian military's role in the cyber domain is yet to be clearly defined.

The Need for a Comprehensive Indian Cyber Strategy

As cyber warfare continues to evolve and play an increasingly crucial role in global affairs, it is imperative for India to develop a comprehensive cyber strategy that aligns with its strategic objectives. This strategy should not only focus on defensive measures but also incorporate offensive capabilities to safeguard India's interests in the digital realm. By investing in cyber warfare research and development, nurturing skilled cyber personnel, and fostering partnerships with the private sector, India can enhance its cyber capabilities and effectively respond to emerging threats.

Conclusion: Navigating the Cyber Landscape for India's Security and Interests

In the face of China's growing cyber warfare capabilities and aggressive cyber operations, India must recognize the need to adapt and strengthen its approach to cybersecurity. By formulating a comprehensive cyber strategy that encompasses defensive and offensive measures, India can enhance its ability to protect its critical infrastructure, secure sensitive data, and safeguard its national interests. It is crucial for India to invest in cyber defense research, develop advanced cyber technologies, and foster international collaborations to effectively navigate the evolving cyber landscape and emerge as a resilient and secure digital nation. 
