From NEET/CBSE to JLR and PSLV, our cyber vulnerabilities are outpacing cyber defences; Time to course-correct

Indians demonstrate the correctness of Murphy’s law repeatedly: if something can go wrong, it will. If it, miraculously doesn’t, we will find new ways to screw things up.

While this is an unflattering view of the average Indian’s (and officialdom’s) chalta-hai attitude, let us step back and ask a different question: what is the single thread (apart from our own follies) that may (or may not) connect the NEET paper leaks, the CBSE exam paper mess (and denial-of-service attacks on the portal), the sudden appearance of the Cockroach Janta Party a few weeks ago, the Bangladesh and Nepal street protests of 2024 and 2025 that sent two incumbent governments packing, the crash of a Tejas aircraft during an airshow in Dubai last year and the endless delays in the delivery of engines for the Tejas programme by GE, the death of India’s first Chief of Defence Staff in a helicopter crash in 2021, and the failure of two PSLV launches - both carrying critical security and surveillance satellites - in two consecutive years? We can add to the list the US targeting of Gautam Adani, India’s richest individual, in an alleged victimless crime (now settled out of court), the short-selling of Adani stock following a negative report by Hindenburg Research on the group, followed in due course by the massive general selling of Indian equities by foreign institutional investors, and the cyber-attack on Jaguar Land Rover (JLR), the only India-owned car company in the UK. JLR lost millions of pounds due to this cyber-attack, and one wonders why only an Indian-owned company was chosen for this honour.

You don’t have to believe in conspiracy theories too much, but we must acknowledge one reality: India’s rise will be more contested than the rise of any country, with both America and China keen to slow it down. We didn’t even need to imagine this as Christopher Landau, US deputy secretary of state, made it crystal clear at this year’s Raisina Dialogue. He said in so many words that the US won’t facilitate India’s rise as it does not want to repeat the mistakes it made with China. Translated, this means the US could do a lot to impede our rise – as it did by imposing mindless tariffs and secondary sanctions on India last year under the guise of tackling Russia’s aggression in Ukraine.

One cannot speculate where, or in which of the incidents above, foreign parties may have had an active hand in embarrassing India – though, one must admit, we have an innate ability to mess things up without any external help – but there is an unstated linkage here. Even if the US or China had nothing to do with some or all of these failures, they will at least be secretly happy about it. In any case, any direct attempt to damage India will be done with the help of third parties, which gives them plausible deniability. They can then pretend to help us out of our trouble and force us to compromise in some area or the other.

There is a novel to be written about how the US Deep State, in a wink-and-a-nod relationship with China and some of its puppet states (Pakistan comes to mind), now has a strong reason to actively damage India’s growth story.

I would begin the novel sometime in 2019, at the basement of the CIA headquarters, where a deeply anti-India senator, some unnamed deputy directors of the CIA and FBI, a George Soros or Ford Foundation representative, and a publisher of one of the big media houses, all gather to discuss India and how it may pose a future threat to US hegemony. The idea would be to separately and collectively, with plausible deniability, do what they need to do to undermine India’s growth story, and, even more specifically, damage the credibility of the Modi government through subtle information warfare.

Reason: not only does the US not want India to become a future economic and military challenger, but its civil society and evangelical organisations are deeply antagonistic to Hindu India. If not a balkanisation of India, they would like an enfeebled India, run by a weak coalition government which can easily be manipulated by various NGOs and arms of the extended US Deep State. The fictional 2019 meeting was prompted by the big Modi win in the 2019 Lok Sabha elections, which the western media thought was unlikely to result in yet another majority government, but turned out differently. Now that the third Modi government is a coalition, the games have begun.

The consensus in this fictional Deep State strategy meeting would have been the following:

One, we (the “we” here and below refer to a hypothetical US Deep State group plotting to undermine India) must cut the ground from under the Modi government by both creating civil confrontations on the street, and by backing opposition politicians. The 2019 farm protests, the anti-CAA agitations, and the anger generated over the current NEET and CBSE failures are cases in point. These protests do not lack real reasons for street protests, but they can also be financed and instigated from abroad. Enter foreign support for all these protests, and the Cockroach Janta Party, to fan youth unrest.

Two, “we” must arrest India’s military rise and (if possible) prevent it from becoming too self-sufficient in most high-tech military hardware, especially in areas like fighter aircraft and engines. The modernisation of the military and creation of theatre commands was delayed when the first Chief of Defence Staff (CDS), Gen Bipin Rawat, was killed in a helicopter crash in 2021. And even five years later, theatre commands remain on paper. They are still to be implemented even though another CDS has completed his term in office. As for expansion of the Tejas fleet, we know that it is the US that has caused all the delays by holding back on engine deliveries. It is a big worry that we continue to rely on US GE engines for so critical a programme.

Three, “we” must interfere with India’s advancement in frontier technologies. The failures of two critical PSLV launches could well have been the result of Trojans – in the same way the Stuxnet was introduced into the Iranian nuclear programme’s systems to delay it. It is worth recalling that ISRO’s S Nambi Narayanan was arrested in the 1990s on false charges of spying for Pakistan, when the entire case was probably orchestrated by external powers in order to delay advances in India’s cryogenic engine programme with space applications. The PSLV failures fall into the same pattern of inimical forces seeking to slow down our ability to run our own space-based surveillance. The possibility of mala fide hacking of the NEET exam papers and CBSE fiascos cannot be ruled out. But one must also point out that we are equally capable of shooting ourselves in the foot.

Four, “we” must make the Indian neighbourhood hot for India so that its focus remains on securing its own internal security and the neighbourhood. While Pakistan can always be relied on to remain hostile to India, the challenge is to make Bangladesh and Nepal also part of the hostile caucus of inimical neighbourhood powers. This is what has partially come to be, even as the Indian response is yet to be fully formulated.

Five, “we” must use every opportunity to run down India’s growth story, and help this story stick by shifting western capital out of India in the medium term.

But here’s the point: There are enough ingredients in the list of Indian failures or challenges to make a convincing spy thriller, but we would be wise to treat all these as our problems, ours to fix, and not the doings of dangerous friends-cum-foes – though that may well be the case in some areas. The only way to rise is by fixing our own weaknesses, not blaming others for it.

The first place to fix things is cyber space. In all those Indian failures mentioned above, a lot of the damage could have been done through cyber-attacks, and in some cases, it is obviously so – as it was with the denial-of-service attacks on the CBSE portal in the last few days.

Indian infrastructure is too digitally exposed and vulnerable to cyber threats right now, and this is what we can never allow to fester in the age of artificial intelligence, and Anthropic’s Mythos, which can (reportedly) expose cyber vulnerabilities very quickly, leaving little time to build patches to cover the holes. Many of those failures listed above would have a cyber vulnerability component, whether it is the exam paper leaks or PSLVs. Time to build our cyber defences (and offences).

And yes, building cyber defences must be accompanied by cyber offence capabilities, for sometimes when the culprit (or country) is known, the only deterrence will be the ability to strike back.

Our ability to defend our digital vulnerabilities has been outpaced by our explosive digital growth. It should be Priority No 1 this year. Maybe, just maybe, we should declare a cyber emergency without causing undue panic.

Comments

Post a Comment

Popular posts from this blog

Preparing for the worst-case scenario with the US

  The other day, US Commerce Secretary Howard Lutnick suggested in a podcast with a Sri Lankan venture capitalist that India lost the possibility of a quick trade deal with the US because Narendra Modi did not call Donald Trump during the time window allotted to him for signing up.  This may at least be partially true, but it is ridiculous nevertheless. A trade deal, where diverse interests and multiple concerns have to be reconciled, is not like a real estate deal between two people where one party or the other can set a take-it-or-leave-it deadline. A trade deal is signed by two nations (or trading blocs) and not between an individual and a country.  It is true that the US’s allies have done so, signing up with Trump by agreeing to his absurd conditions. But these deals are unlikely to stand the test of time. For example, the European Union (EU) agreed to buy $750 billion of US energy and invest $600 billion in the US by 2028 - which is just two years away - but how i...
Read more

After 2 mega trade deals, reforms must be sold to the people by Modi. Reform by stealth is not an option

If 2026 is to go down as India’s next 1991, when the country reformed massively out of fear of external bankruptcy, the current set of reforms have to be sold to the people. They cannot any more be sneaked in by stealth.  Several reasons why. First , with two major trade agreements under the belt (there is still some time to go before they get formalised), one with the European Union and another with the US headed by a temperamental Donald Trump, the competitive scenario for our agriculture, business and services is going to change dramatically. Unlike smaller free trade deals signed earlier, these two mega-deals will have both winners and losers. There will be political costs to pay if the government is not proactive in addressing the concerns of those who think they will lose. Second, our successful software services companies, till recently one of the best avenues for high-quality jobs, will face a crunch as artificial intelligence-based platforms (like Anthropic’s Claude Cowor...
Read more

Beyond WaPo angst: Why journalists need to abandon hubris and look within

It was a sad day for journalists when one of the world’s most iconic newspaper brands, The Washington Post (WaPo) , announced on 5 February that it would be sacking a third of its staff . It would be closing down its sports and books sections, and downsizing its international and local news coverage.  But it was a sadder day when journalists expressed outrage, believing themselves to be immune from economic pressures. Unlike workers in other sectors, journalists believe that they are doing something nobler and more saintly. The headlines say it all. The Guardian quoted a former WaPo executive editor as saying that it was a “bloodbath”. So did “ The Independent” . The Atlantic went one step further, and called it “ The Murder of The Washington Post ”. Gerry Shih, a former New Delhi Bureau Chief and till recently the Jerusalem bureau head of WaPo , was more sober in his comment. In a post on X, he said: “It was a privilege to be a Post correspondent, roaming the world the last 7+...
Read more