NatStrat
Print Share

India’s Digital Front: Cyber Threats, Strategic Vulnerabilities and the Imperative of a Sovereign Digital India

  • Security
  • Jul 10, 2026
  • 20 min read
India's digital sovereignty,  National Cybersecurity,  Cyber Warfare

India’s National Load Dispatch Centre monitors the country’s electricity grid. | Grid Controller of India Limited.

MU Nair
MU Nair - Former National Cyber Security Coordinator of India

India's rise as a great power in the 21st Century, will be built or undermined in the digital domain, as much as on any conventional battlefield. The nations that will define the geopolitical order of the coming decades will be those that secured their digital ecosystems, built sovereign technological capabilities, and cultivated societies resilient enough to function and fight under sustained digital pressure. This article is a strategic assessment for apex decision-makers, policymakers and national stakeholders.

The Strategic Reality

Strategic competition and persistent hostile activities have already permeated India’s digital domain

Technology, digital infrastructure, and data now lie at the heart of global power struggles. India is facing a major strategic challenge, having built one of the world's most ambitious digital public infrastructures, including Aadhaar, Unified Payments Interface (UPI), DigiLocker, FASTag, the Ayushman Bharat Digital Mission (ABDM), GSTN, and a growing 5G network. At the same time, these advances have also created a large, mostly hidden attack surface that adversaries can exploit.

This is not simply a future risk but an ever-present reality. India's power grids have already been probed, and financial systems have been targeted. MIT's military communication architectures have also been tested for vulnerability. Its citizens, meanwhile, have been subjected to large-scale disinformation campaigns. The digital front is active, severely contested and increasingly consequential today.

What sets this moment apart from previous periods of technological disruption is the convergence of four accelerating forces. These include the extraordinary scale of India's digital exposure; the rapidly expanding capabilities of adversarial states, particularly the deepening Sino-Pakistani technological nexus; the democratisation of offensive cyber tools using AI and open-source frameworks; and the inadequacy of current governance, procurement, and industrial structures to respond at the required pace.

Future conflicts may not begin with artillery. Instead, they could begin, and perhaps even end with coordinated attacks on payment systems, power grids, and waves of automated disinformation. Such attacks could unfold simultaneously, with no clear source.

For India's political and military leadership, policymakers at the Centre and in every state, industry leaders, security and law enforcement institutions, and over one billion internet users, the message from the strategic environment is increasingly clear: the digital domain is now a primary theatre of national security. Those who govern, protect and inhabit this domain will need to act with the promptness and clarity that such a reality demands.

Understanding the Threat: How Cyber Attacks Manifest in the Indian Ecosystem

Critical Infrastructure as a Strategic Target

The most consequential category of cyber threat targets the systems that hold modern India together. Today, power grids, railway networks, air traffic management, banking clearing systems, port logistics, hospital networks and satellite ground stations are far more than just conveniences. Together, they form the nation's nervous system.

The documented intrusions into India's power infrastructure, some linked to hostile state actors, offer a glimpse of what a coordinated, large-scale cyber campaign might look like. A simultaneous multi-sector disruption affecting power, telecommunications and financial clearing across four to five major urban centres would involve far more than inconvenience. It could severely disrupt emergency services, freeze economic activity, disrupt military logistics and generate cascading crises that existing governance structures may struggle to manage simultaneously.

India’s rapidly expanding Internet of Things (IoT) ecosystem of smart meters connected to industrial systems and autonomous sensors, all embedded in critical infrastructure, further widens this vulnerability. Many of these devices still operate on legacy software that lacks uniform security standards and are manufactured within global supply-chains that may not have been fully audited.

Financial and Economic Disruption

With India’s UPI processing over 20 billion transactions monthly, making it the world’s largest real-time payments system by volume, a targeted disruption of UPI's backbone or a cascading failure triggered by a compromised National Payments Corporation of India (NPCI) infrastructure would have consequences extending well beyond financial inconvenience. It would strike at the foundational trust architecture of the Indian economy. The erosion of public confidence, capital flight and political instability could follow with significant speed.

Beyond payment systems, India's growing dependence on cloud infrastructure, much of it hosted on servers outside national jurisdiction, creates a strategic vulnerability that deserves far greater policy attention.

Data sovereignty is not just a legal concept. It has become an operational imperative during geopolitical crises when foreign jurisdictions may restrict, withhold or exploit access to critical national data.

Cognitive Warfare and the Battle for Indian Minds

One of the most difficult challenges of cyber threats facing India today is cognitive warfare. The systematic use of AI-generated deepfakes, coordinated disinformation, algorithmic amplification and targeted propaganda to manipulate public perception, inflame communal tensions, distort electoral processes and erode confidence in national institutions.

In a country as diverse and connected as India, where over 500 million citizens are active social media users and communal sensitivities can be weaponised rapidly, cognitive warfare is not just a nuisance. It has become a powerful tool for destabilisation.

Adversarial actors have already demonstrated the capacity to engineer viral disinformation campaigns targeting India's internal cohesion. The scale and sophistication of these operations are likely to increase with the continued advancement of generative AI.

Supply-Chain Compromise and Hardware Vulnerabilities

India's dependence on imported electronics, telecommunications equipment, semiconductor systems, and application software creates a structural vulnerability that cannot be resolved by software security alone. Hardware backdoors, compromised firmware, supply-chain infiltration and embedded malicious code represent threat vectors against which traditional perimeter cybersecurity defences are often ineffective.

These risks are particularly acute in network and cloud infrastructure, where equipment from vendors with opaque ownership structures and potential state-linked obligations creates persistent intelligence and disruption risks. Across India's expanding 5G network, smart city deployments, defence communication systems, and government digital infrastructure, the integrity and long-term security of software, alongside hardware, must become a non-negotiable strategic concern. The application and data centre ecosystem also requires full accountability and visibility, with API interfaces needing real-time monitoring for vulnerabilities.

Strategic competition is increasingly unfolding below the threshold of conventional war through cyber operations, economic coercion, disinformation campaigns, supply-chain manipulation and technological dependencies.

The Adversarial Landscape: Pakistan's Capabilities and the China Dimension

Pakistan: A Persistent and Evolving Cyber Threat

Pakistan's cyber capabilities have historically relied on and operated a combination of state-directed actors, military intelligence-linked groups, and non-state proxies. Groups attributed by international cybersecurity researchers to Pakistani state-backed threat actors such as APT36, also known as Transparent Tribe, have demonstrated sustained, systematic operations targeting Indian defence establishments, government institutions, diplomatic networks, universities, and energy sector organisations.

Pakistan's documented cyber playbook against India includes spear phishing campaigns against defence and government personnel, deployment of remote access trojans (RATs) to establish persistent presence within sensitive networks, targeting of Indian mobile platforms to gather geolocation and communications intelligence and cognitive warfare operations exploiting India's communal and regional fault lines.

While Pakistan's indigenous technical capabilities remain more limited than those of major state cyber powers, this assessment must be qualified by two strategic considerations. First, Pakistani intelligence has demonstrated a consistent willingness to deploy advanced commercial and proxy capabilities to compensate for indigenous limitations. Second, and more significantly, Pakistan's cyber capabilities cannot be assessed in isolation from its strategic partnership with China.

The China-Pakistan Cyber Nexus: A Strategic Force Multiplier

The deepening technological alignment between China and Pakistan has become one of the most consequential and underappreciated dimensions of India's strategic cyber threat environment. It extends beyond arms transfers or diplomatic alignment. It encompasses technology transfer, cyber capability sharing, network infrastructure integration, AI system development, satellite intelligence cooperation, and the embedding of Chinese technical expertise within Pakistan's military and intelligence digital infrastructure.

China's advancements across the full spectrum of digital warfare technologies, offensive cyber capabilities, quantum communications research, AI-driven autonomous systems, electronic warfare integration, satellite intelligence architectures, and deepfake generation platforms are all being progressively transferred, adapted, and operationalised within the Pakistani strategic establishment.

Independent threat intelligence firms have documented extensive cyber operations with footprints tracing to Chinese state-linked actors. The Galwan Valley crisis of 2020 was accompanied by a reported escalation in Chinese cyber activity targeting Indian financial institutions, power infrastructure, defence networks, and government systems. Chinese state-linked groups, notably those associated with APT41, have demonstrated advanced persistent threat capabilities that include long-term network infiltration, patient intelligence collection, and the prepositioning of disruptive capabilities within critical infrastructure for potential future activation.

The China-Pakistan digital nexus does not merely double India's adversarial cyber challenge. One where sophisticated state-level capability, regional intelligence access, and aligned strategic motivation converge against Indian interests.

The strategic implications are sobering. India faces not a bilateral cyber contest but a technologically reinforced adversarial ecosystem in which Chinese technical sophistication, Pakistani regional intelligence, and shared strategic objectives combine to create capabilities and persistence that neither adversary could sustain independently. India's strategic planning, capability development, and policy frameworks must explicitly account for this convergence.

The Policy Imperative: What India Must Build, Change, and Accelerate

National Cyber Command: Unity of Effort at the Apex

India's current cybersecurity governance architecture, while evolving, remains characterised by fragmentation. The National Security Council Secretariat (NSCS), through the office of the National Cyber Security Coordinator (NCSC), provides apex-level coordination but the Defence Cyber Agency (DCyA), Service Cyber Organisations, CERT-In, NCIIPC, NTRO, state police cyber cells, RBI’s financial cyber frameworks and sector regulators continue to function with inadequate coordination mechanisms. This architecture was designed for a period of lower threat intensity. It is insufficient for the strategic environment India now faces.

What India requires at the apex is an empowered, unified National Cyber Command with statutory provisions, a dedicated intelligence fusion capability, a real-time coordination architecture spanning military and civilian domains, and the mandate to defend as well as deter in the digital domain.

Moreover, this is not a matter of bureaucratic reorganisation. It is a strategic requirement for coherent national action in a domain where outcomes are determined by speed, effective integration, and above all, decisiveness.

Former Chief of Defence Staff of India, General Anil Chauhan at a military cyber defence exercise

Former Chief of Defence Staff of India, General Anil Chauhan at a military cyber defence exercise. | Press Information Bureau.

Digital Sovereignty: Building India's Own Ecosystem

India's strategic vulnerability in the digital domain is structurally inseparable from its dependence on foreign hardware, software platforms, cloud infrastructure, and telecommunications equipment. Reducing this dependence should not be viewed as technological nationalism. It is strategic logic. A nation that cannot guarantee the integrity of its communications in a crisis, that stores its citizens' most sensitive data on servers beyond its sovereign control, and that deploys critical infrastructure running on hardware with uncertain credentials has accepted a permanent structural vulnerability that no software security solution can fully remediate.

The priorities for building sovereign digital capability must include:

  • Accelerated development of India's indigenous semiconductor design and fabrication ecosystem under the India Semiconductor Mission.
  • Development and procurement of trusted indigenous telecommunications and network equipment for critical and government networks.
  • Creation of sovereign cloud infrastructure physically located in India, governed by Indian law, and operated by entities free of foreign government obligations.
  • Establishment of secure Indian operating systems, cryptographic standards, and communication protocols for defence and strategic government use.
  • Systematic development of domestic cybersecurity platforms, threat intelligence capabilities, and indigenously developed security tools.
  • Regulation of the app ecosystem requires each application to comply with minimum cybersecurity standards and mandates that every device connecting to any network meets minimum cybersecurity certification norms.

Technology Agnostic Policies and Procurement Reform

India's strategic technology policies, procurement frameworks, and regulatory structures must be explicitly designed to be technology-agnostic, vendor-neutral, and future-adaptive. The pace of technological evolution in the cyber domain renders rigid, technology-specific frameworks obsolete almost before they are implemented. Governance structures built around specific platforms, vendors, or technological paradigms create strategic rigidity and commercial binding that undermine security without compromising.

Procurement philosophy for technology must shift from lowest-cost commodity acquisition to strategic capability acquisition, evaluated based on security architecture, supply chain integrity, sovereign control provisions, technology transfer obligations, and long-term support independence. The Defence Acquisition Procedure under revision must cater for this or be supplemented by an equivalent framework for critical civilian digital infrastructure that applies analogous strategic scrutiny.

Regulatory frameworks governing telecommunications, data centres, cloud services, apps, APIs, and digital platforms must be built around results-oriented security requirements rather than specific technical prescriptions, enabling them to remain relevant through successive generations of technological change. Specifications must meet global benchmarks but be made in India and evaluated and certified by Indian labs.

Accelerating R&D: India Cannot Afford Decades-Long Innovation Cycles

The speed of capability development in cyber and digital warfare technologies has compressed strategic lead times from years to months. India's traditional research and development timelines, characterised by long gestation periods, sequential funding cycles, and inadequate industry-academia-defence integration, are structurally misaligned with this operational tempo.

India must create rapid cycle innovation mechanisms within its defence and national security R&D ecosystem. This requires:

  • Dedicated national cyber research centres with direct operational linkage to DCyA, Service Cyber Organisations, CERT-In, and NCIIPC.
  • Systematic engagement with the Indian startup ecosystem for rapid prototype-to-deployment pathways in cybersecurity applications.
  • Mission-oriented R&D programmes with defined operational objectives, time-bound deliverables, and performance-linked funding.
  • Structured mechanisms for translating academic research in AI, quantum computing, and cryptography into deployable national security capabilities at operational speed.

Legislation for the Cyber Age: Laws That Govern, Not Constrain

India's legal framework remains fragmented and, in several respects, incomplete in the face of the strategic threat environment. The Information Technology Act, despite amendments, was not designed to govern the full spectrum of modern cyber conflict, cognitive warfare, or supply chain security obligations. The Digital Personal Data Protection Act 2023 represents important progress on data governance, and CERT-In's 2022 directions on incident reporting strengthened operational frameworks. However, significant legislative gaps remain regarding state-sponsored cyber operations and response mechanisms, as well as critical infrastructure liability.

Comprehensive, forward-looking cyber legislation must address:

  • Attribution and response frameworks for state-sponsored cyber operations.
  • Mandatory security standards and liability frameworks for critical infrastructure operators.
  • Supply chain integrity requirements for hardware and software used in sensitive government and defence systems.
  • Data localisation obligations calibrated to genuine sovereignty imperatives.
  • Legal frameworks governing offensive cyber operations, digital deterrence, and escalation management.
  • Robust privacy and data protection provisions that build citizen trust in India's digital public infrastructure.

Roles and Responsibilities: A Nation-Wide Response Architecture

The Central Government: Setting Standards and Enabling Capability

At the Centre, the imperative is to translate strategic intent into operational architecture not merely by issuing advisories and policies but by creating the institutional machinery, funding mechanisms, legal frameworks and inter-agency coordination structures that enable coherent national action.

Cybersecurity needs to be treated as a national security priority at the highest political and institutional levels rather than as a secondary domain delegated entirely to the technology ministry. The NSCS’ digital security mandate must be operationalised with the same seriousness of purpose applied to conventional military preparedness.

State Governments: The Critical Last Mile

State governments are simultaneously among India's most significant digital infrastructure operators and among its most attractive cyber-vulnerable ecosystems. State-managed power distribution networks, police communication systems, land records databases, health information systems and citizen service platforms constitute a vast array of potentially exploitable entry points into India's national digital ecosystem.

State Cyber Security Operations Centres, aligned with the national framework but operationally responsive to state requirements, are not optional features. They are operational necessities. State governments must be empowered with funding, technical assistance, and standardised frameworks to build genuine cyber resilience across their digital infrastructure. The Centre-State relationship in cybersecurity must evolve from a directive model to a collaborative partnership for capability-building.

Industry: Security as a Strategic Obligation

India's private sector, which owns and operates the overwhelming majority of the nation's critical digital infrastructure, bears a strategic responsibility that extends beyond commercial risk management. Banks, telecommunications providers, logistics networks, power distribution companies, healthcare systems and digital platform operators are not merely businesses. They are components of national critical infrastructure whose failure in a coordinated cyberattack would generate consequences indistinguishable from an attack on state systems.

Industry must internalise security by design principles across all digital products and services, invest in operational technology security with the same rigour applied to information technology, participate actively in national threat intelligence sharing frameworks, enforce supply-chain security standards and support the development of indigenous cybersecurity capabilities through procurement preference, investment, and technology collaboration with Indian developers. India possesses some of the finest cybersecurity talent and technical competence in the world and Indian industry must leverage it.

Law Enforcement: Capability for the Digital Crime Environment

India's law enforcement architecture, from state police cyber cells to the National Investigation Agency (NIA) and Central Bureau of Investigation (CBI) technology crime units, requires systematic capability enhancement calibrated to the sophistication of the threat environment. This encompasses advanced digital forensics capabilities across state and central agencies; AI-assisted threat detection and network monitoring systems; structured coordination mechanisms that enable rapid joint operations across jurisdictional boundaries; dedicated capacity for investigating and attributing state-sponsored cyber intrusions; and international law enforcement partnerships for coordinated responses to transnational cyber threats.

The cybercrime investigation capability gap between India's major metropolitan centres and its smaller cities, towns, and rural areas represents both a law-enforcement vulnerability and a national-security risk. Equalising this distribution of capabilities must be treated as a national priority.

Citizens: The Nation's First Line of Digital Defence

In the cyber domain, India's over one billion internet users are not merely passive beneficiaries of government-provided security. They are simultaneously the most numerous potential victims and the most important line of active national defence. Citizens who can recognise phishing attempts, verify information before sharing it, protect personal data, identify deepfakes, and practise basic digital hygiene constitute a formidable collective security asset.

National digital literacy programmes must be elevated from the status of government schemes to a strategic national priority on par with physical fitness or civil defence preparedness. Schools, employers, community organisations, and the media all have roles to play in building a digitally resilient citizen. The Cyber Swachhta Kendra model offers a foundation. What is needed is a programme of genuinely national scale, continuity, and strategic purpose.

Server infrastructure inside a modern data centre

Server infrastructure inside a modern data centre. | Economic Times.

The Choice Before India

India stands at a strategic inflexion point in the digital domain. The transformation of cyber operations from peripheral inconveniences to central instruments of strategic competition has outpaced the adaptation of governance structures, industrial capabilities, and public consciousness. The adversarial ecosystem arrayed against Indian interests, characterised increasingly by the convergence of Chinese technological capability and Pakistani strategic motivation, is not static. It is expanding, accelerating, and deepening its penetration into India's digital landscape.

The window for resolute action is open, but it will not remain so indefinitely. With every passing year without the establishment of a coherent national cybersecurity architecture, adversaries deepen their mapping of India's critical systems. Every procurement cycle that prioritises cost over supply chain integrity embeds another potential vector of compromise into India's infrastructure. Every month of delay in building sovereign digital industrial capability is another month of structural vulnerability that no software patch can remediate.

The strategic choices before India are not primarily technical. They are choices of national will, institutional priority, and resource allocation. Building a digitally sovereign and cyber-resilient India requires investment at a scale commensurate with the threat, governance reform at a pace commensurate with the adversary's speed of adaptation and a national consciousness that recognises the digital domain not as a sphere of commercial opportunity alone, but as a theatre of strategic contest where India's sovereignty, prosperity, and democratic resilience are actively at stake.

India's rise as a great power in the 21st Century, will be built or undermined in the digital domain, as much as on any conventional battlefield. The nations that will define the geopolitical order of the coming decades will be those that secured their digital ecosystems, built sovereign technological capabilities, and cultivated societies resilient enough to function and fight under sustained digital pressure.

A secure digital India is not merely a technology project. It is the foundational infrastructure of sovereignty itself.

The foundation architecture of India's digital future, trusted, sovereign, resilient, and strategically independent, must be built now, with the promptness that a clear and present strategic challenge demands. The decision rests with those who hold the levers of national power, industry leadership, and institutional authority. The responsibility rests with all of us.

In this rapidly evolving geopolitical environment, India’s digital ecosystem is no longer merely an engine of economic growth. It is a significant national asset operating within an increasingly contested global technological order.

[The article is exclusive to NatStrat. The views expressed by the author(s) are personal and do not necessarily reflect the views of the organisation.]

References

Note on References: All threat intelligence citations draw from publicly available reports by accredited cybersecurity research firms. Attribution of cyber operations to state actors reflects the assessments of these independent researchers and does not constitute official attribution by the Government of India. Statistical figures are drawn from the most recent available data as of the date of publication; readers are advised to verify current figures against live NPCI, TRAI, and MeitY data sources.

A. Threat Intelligence and Adversarial Landscape

  1. Recorded Future Insikt Group. "China-Linked Group RedEcho Targeting India's Power Sector" (28 February 2021). Documents Chinese state-sponsored RedEcho group targeting ten Indian power sector organisations, including Regional Load Despatch Centres, from mid-2020, coinciding with the Galwan Valley crisis. Available: recordedfuture.com
  2. Symantec / Broadcom Threat Hunter Team. Reports on ShadowPad trojan campaigns against Asian power grid infrastructure (2021–2023). Documents APT41-linked activity that overlaps with campaigns targeting India's power grid. Available: symantec.com
  3. BlackBerry Threat Intelligence. "Transparent Tribe Targets Indian Government, Defense, and Aerospace Sectors Leveraging Cross-Platform Programming Languages" (May 2024). Documents APT36/Transparent Tribe operations against the Indian government, defence, and aerospace from late 2023 to April 2024. Available: blogs.blackberry.com
  4. Arctic Wolf Labs. "Transparent Tribe Targets Indian Government, Defense, and Aerospace Sectors" (May 2024). Independent corroboration of APT36 campaigns, including new Golang-based espionage tooling. Available: arcticwolf.com
  5. CYFIRMA Research. "APT36 Phishing Campaign Targets Indian Defense Using Credential-Stealing Malware" (June 2025). Documents continued APT36 operations using NIC-spoofing PDF lures against Indian defence personnel. Available: cyfirma.com
  6. NUS Lee Kuan Yew School of Public Policy, China-India Brief #230. "From the Border to Cyberspace: Investigating the Post-Galwan Escalation of Chinese Cyber Attacks Against India." Provides a thorough timeline of Chinese cyber escalation following Galwan, including the October 2020 Mumbai power outage and targeting of vaccine IP. Available: lkyspp.nus.edu.sg
  7. US Department of Justice. Indictment of APT41 members (September 2020). Formal documentation of APT41 capabilities and state nexus, including campaigns targeting Indian financial and infrastructure targets. Available: justice.gov
  8. Zscaler ThreatLabz. Analysis of Transparent Tribe Linux-targeting campaigns (September 2023). Documents novel use of Linux desktop entry files as attack vectors by APT36. Available: zscaler.com

B. Digital Infrastructure and Statistical Data

  1. National Payments Corporation of India (NPCI). Monthly UPI Product Statistics (ongoing). Source for UPI transaction volumes: 21.63 billion in December 2025; approximately 20.4 billion in February 2026. India is the world's largest real-time payments system by volume. Available: npci.org.in
  2. Press Information Bureau, Government of India. "UPI Completes 10 Glorious Years: Emerges as World's Largest Real-Time Payments Platform" (April–May 2026). Documents 24,162 crore UPI transactions in FY2026 and ₹314 lakh crore in transaction value in FY2025–26. Available: pib.gov.in
  3. Kepios / DataReportal. Digital 2026: India (October 2025). Source for internet users: 1.03 billion in October 2025 (70% internet penetration); 500 million social media user identities (34.1% of the population). Available: datareportal.com
  4. FICCI-EY Media & Entertainment Report 2025. Source for India's social media user base reaching 500 million in 2025 and 880 billion hours spent on social platforms, a 10% year-on-year increase. Available: ey.com
  5. Internet and Mobile Association of India (IAMAI) / Kantar. Internet in India Report 2024 (January 2025). Documents an active internet user base of 886 million in 2024, with a projected crossing of 900 million in 2025. Available: iamai.in

C. Frameworks: Policy, Legislative, and Governance

  1. Ministry of Electronics and Information Technology (MeitY). Digital Personal Data Protection Act 2023 (DPDP Act). India's primary data protection legislation. Available: meity.gov.in
  2. CERT-In (Indian Computer Emergency Response Team). Directions on Information Security Practices, Cyber Incidents, Reporting and Other Related Matters (April 2022). Establishes mandatory incident reporting timelines and cybersecurity obligations for Indian organisations. Available: cert-in.org.in
  3. India Semiconductor Mission. Official programme documentation. Covers India's stated priorities for indigenous semiconductor design, fabrication, and ecosystem development. Available: indiastack.gov.in/ism
  4. Ministry of Defence. Defence Acquisition Procedure 2020 (DAP 2020).The document under revision. The reference framework for defence procurement that the article recommends supplementing with an equivalent for critical civilian digital infrastructure. Available: mod.gov.in
  5. National Cyber Security Policy 2013. India's foundational cybersecurity policy document, cited as context for governance, leaves gaps that the article recommends addressing through updated legislation and an apex authority. Available: meity.gov.in

D. Strategic and Academic Literature

  1. Observer Research Foundation (ORF). "Chinese Cyber Escalation Against India's Electricity Grid Amidst the Boundary Crisis" (2025). Analyses the PRC's use of cyber operations as an asymmetric instrument during the LAC crisis. Available: orfonline.org
  2. Malwarebytes Threat Intelligence. "China's RedEcho Accused of Targeting India's Power Grids" (March 2021). Provides an accessible overview of the Recorded Future findings on RedEcho operations. Available: malwarebytes.com
  3. Haltdos Security. Analysis of Chinese cyber operations against the Indian power grid in the context of the Galwan crisis (2022). Documents the October 2020 Mumbai power outage and its connection to Chinese cyber activity. Available: haltdos.com

     

Related Articles