In April 2015, the website of the office of Principal Controller of Defence Accounts (Officers) — PCDA(O) — located in Pune, was hacked. The website contains information about salaries and allowances of all serving officers of the Indian Army, across ranks. Though officials claimed that no data was lost, the act prompted the office to launch a new website with updated security features.
Nearly a year later, the same office warned Army officers against clicking on links sent to them via fake messages, saying PCDA(O) had developed a phone-based app and was seeking the officers’ personal information. The messages were considered to be another attempted cyber attack.
This example from Pune in the recent past is yet another proof of the increasing threat of cyber terrorism, pointed out defence officials.
With almost all sectors — railway networks, communication and stock markets among others — heavily dependent on data communication and storage, experts fear that a cyber attack on any of these is capable of causing more damage than conventional forces.
A senior Army official, who has been working in the field of cyber security, said, “This is an ongoing war and it is on as we speak. The threat to our cyber security is not just from countries like China and Pakistan, but also from non-state actors like terror groups. And these attacks can come in any form, such as hacking of websites, computer viruses and Trojan attack. It can also be a more specialised form of attack, like denial of service, a cyber attack when even authorised persons lose access to their systems, or a cryptological attack, when the attacker encrypts all the data and it takes time and effort to decrypt it. In this non-contact type of warfare, the adversaries will try to cripple each others’ systems, rather than actually carry out an attack on the ground.”
National security expert Lieutenant General (Retired) D B Shekatkar, who has served in the intelligence arm of the Army, said, “Cyber terrorism is currently one of the biggest challenges to national security. We are heavily dependent on web-based technology for the operation of railway networks, air transport network and communications networks. These systems can be brought to a grinding halt by cyber attacks… for example, attacking the railway or air traffic network would prove way more damaging than bombing a bridge or an airport. These attackers can even target our nuclear armoury or satellite systems.”
Another Army official spoke about the “psychological aspect” of a cyber attack. “Here, the adversaries indoctrinate people, especially the young generation. They then train and use them to carry out attacks on others. We have several examples of the youth being targeted through Internet by organisations like the Islamic State.”
He added, “But the Indian Army is keeping no stone unturned in preparing itself to face any kind of cyber attack. We are in constant communication with the National Informatics Centre, the Indian Computer Emergency Response Team, the National Information Security Assurance Programme of the central government. Regular cyber audits are carried out at the unit level and above. The Army strictly uses its own network for internal communication… storage devices are completely prohibited and any kind of violations is strictly dealt with”.