China needs to be taught a lesson for the cyber attack on Mumbai’s power grid

Brigadier Hemant Mahajan

A few weeks ago, there was news that Chinese hackers have attacked the power grid of Mumbai, due to which, power in Mumbai was cut off for 12 hours. ‘New York Times’, a leading American newspaper published an article on this. It said that China had taken revenge for India giving China a bloody nose in Galwan Valley. The message behind the cyber attack was – ‘If India takes tough lines, the whole country will face a severe power-cut’. This means that China had responded to India’s military action in this way. If this incident had happened on 22nd October 2020, then why was the news published in March 2021, that is, 4 to 5 months later ? What could be the reason for this ? According to many experts, China wants to warn India that if you try to defeat China militarily, we will launch a cyber attack on your ‘critical systems’, which will spread darkness all over India. How much of this is it true ? How big is the risk ? And to avoid such dangers being repeated in the future, what measures should India take ? We will try to analyse this here.

1. China’s cyber war against India and its types

The Maharashtra Government had said that this was not a cyber attack, but a human error. What then exactly happened ? It is up to the experts to decide about it; however, no one should doubt that China can launch such a cyber attack. Such attacks could cause great damage to India. China is waging wars on several fronts against India. Cyber war is one of the many wars such as psychological, propaganda, trade, water, environment, etc.

Recently all our systems have gone digital. You cannot live without the internet even for a minute. For example, all the power distribution systems, banks, railway reservations, Prime Minister’s Office, various schemes of the Ministries, etc. have been digitized. Cyber warfare involves attacking the relevant systems, hacking them, stealing information from them, damaging the country by shutting the systems down, disabling the systems by injecting viruses or slowing down the systems.

2. The equipment used in various systems of the country need to be verified

According to reports in the newspapers, China has launched more than 40,000 attacks on India in the last few months. China uses different tactics to fight India. China has established a command called ‘Strategic Forces’ and a ‘cyber agency’ under it. The command has explored many areas for carrying out cyber attacks such as the Prime Minister’s Office, the Ministry of Finance, the Ministry of Commerce, the Intelligence Departments. India’s power system is also on the same list prepared by China. Ten years ago, Bharat Heavy Electrical Limited’s (BHEL) materials were used in India’s power generating establishments. BHEL is an Indian establishment.

China tried to systematically destroy the establishment. Since 2003, a large number of Chinese equipments have been used in the energy sector. This increased the risk of cyber attacks. Even if you use any Chinese hardware, it contains ‘bugs’, ‘Trojan horses’ or other items that could lead to China monitoring you and shutting down the systems. Through this, China can take aggressive action in various ways. Therefore, India should stop using any China equipment. The Central Government has been vigilant in this regard for the past 2 years. On similar lines, the equipment already in use needs to be verified.

3. Many questions about the cyber attack on the ‘Power Grid’ still remain unanswered

Hackers work outside India. If India wants to secure its own digital systems, it must not use Chinese software, Apps, or even connect important systems to the Internet. Only selected people should be allowed to enter all these systems. In doing so, we can protect ourselves from cyber attacks.

The ‘New York Times’ reports that China has stepped up its cyber attacks against India in 2020. This was followed by discussions in the Indian media. If the cyber attack took place in October, why is it being discussed so late ? Is this not China’s ‘propaganda war’ ? How did the power outage take place ? It is for the experts to find out, but how did they intrude ? How did they manage to transfer this data ? From which ‘intellectual property address’ did they come to you ? Were those ‘addresses’ from India or from outside India? How were ‘Allware Systems inserted ? Many such questions remain unanswered.

4. India should always be one step ahead of the Chinese cyber security agency

The cyber agency owned by the Indian Army protects all cyber borders of the Department of Defence. From time to time, the agency also analyses all systems and provides information on the risks. It also advises on what precautions should be taken. In case of any possible attack on the system, advance notice is given. Similar work is being done by 3 more establishments working in our urban areas. Of these, the NTRO (National Technical Research Organization) works to extract classified information with the help of technology. These people have helped us many times to stop terrorist and cyber attacks. You should always be one step ahead of the Chinese Cyber Security Agency.

5. India’s has achieved much success in defending itself from Chinese cyber attacks

Hackers try to harass using new methods, and we try to build a protective wall. If an attack is likely to take place, the level of cyber security is also increased. Although China has launched several cyber attacks against India, India has been very successful in defending itself. China has made many efforts. But they have not succeeded as they wanted.

6. India’s anti-cyber attack technology needs to be faster

A. The Computer Emergency Response Team (CERT) is an Indian organisation working to respond quickly to cyber attacks. A news was published about the power outage in Mumbai, in which the rulers said, “We will analyse”. There is no time available for analysis in such cases, because cyber attacks take place all of a sudden, and the response has to be quick. For this too, CERT must be ready. Such a system should be different for each State or every public body.

The Indian Army has prepared a ‘wide network’ of its own. Through this, the country’s defence sector is kept in contact.

B. The Chief of the CERT is Lieutenant General Pant, who is very intelligent. His experience in this field is also immense. There are so many types of scams, attacks and crimes on the ‘Internet’ that it is impossible to list and describe them. Therefore, our cyber attack technology needs to be faster.

C. When the power grid was affected by a cyber attack and the power outage took place, the CERT must have tried to stop the attack. Whenever our soldiers fight a war against terrorists, the terrorist attacks are somewhat successful, and we also suffer some losses. At such times, our efforts are directed towards minimising the losses. The CERT is working well. Pakistan has also formed a hackers brigade. China has deployed its hacker brigade in Wuhan province. From there, they work in many places around the world. At present, India is their biggest enemy and they are trying hard to harass India. Therefore, we should increase and update our ability regularly.

7. ‘Cyber Surgical Strike’ is needed

It is said that the incident at the power station was a human error. Was this mistake made on purpose ? – this is also important to look at. China has the capability to carry out such attacks and will continue to do so on a regular basis. It is always difficult to defend ourselves. China suffers just as much as it suffers while defending itself. China also has a number of important areas, including the Ministry of Energy, the Intelligence Department, the Ministry of Foreign Affairs, and the Prime Minister’s Office. Can we hack their systems too ? This also has to be looked into. Just as India carried out a ‘surgical strike’ on Pakistan, there is a need to carry out a ‘cyber surgical strike’ on China. Scientists in India are capable of this, only they should be ordered.

8. India should give a fitting reply to China’s cyber war 

Just as there were 40,000 to 50,000 cyber attacks on India, there are also attacks taking place in China. The United States, Israel or India could be behind them. These things happen in a covert manner. Therefore, the Central Government did not comment on the case of an attack on the power grid. Whatever we say will provide information to the enemy. Therefore, the Government does not deliberately give out such information. The intensity of our attack should be more intense than that of China. ‘Cyber Surgical Strike’ should be carried out using the ability we have. At the level that China attacked India, India should give it back to them many times more.

– (Retd.) Brigadier Hemant Mahajan, Pune

‘Cyber Surgical Strike’ – At the level that China attacked India, India should give it back to them many times more !