A plan to set up a dedicated tri-service command for cyber security in India is being deliberated upon by the Ministry of Defence (MoD), three years after it was submitted to the MoD in October 2013 by the then Chairman, Chiefs of Staff Committee, Air Chief Marshal N.A.K. Browne.
The command for cyber security was to be manned by senior personnel from the three services (Army, Air force and Navy) on a rotational basis and was jointly approved by the senior officials of the three services before being forwarded to the MoD. However, there is a bureaucratic delay in executing the plan, thanks to the babus at MoD.
Official sources said that the need for a separate command for cyber security was felt after Chinese hackers broke into a dozen computer systems installed at the headquarters of the Eastern Naval Command in Visakhapatnam in 2012 and stole critical information, the content of which was never made public.
The hacking had taken place between December 2011 and January 2012, following which the Navy instituted a Board of Inquiry (BoI) against some officers whose computers were hacked. “The babus at MoD have never taken the threat from cyber attack very seriously. Only God knows where the file related to the setting up of the separate cyber security command is gathering dust. Despite an ever increasing number of cyber espionage incidents against our critical institutions, the MoD has been very laidback in its response to this threat,” a senior official with the Army, who is familiar with the plan to set up this cyber security command, said.
Earlier this year, a Pakistan-based cyber militant group targeted personnel in the Indian military and stole 16 gigabytes worth of data that included scanned pictures of passports, photo IDs, tax-related information, salary slips and strategic and tactical documents related to the Army from at least 160 Indian military officers, non-military attaches and consultants stationed across India and other parts of the world.
In another cyber attack that originated from Pakistan in 2012, but was first detected in February 2016, information stored in the computer systems of individuals working with the top leadership of the Indian military and the Ministry of External Affairs, including officials based at Kazakhstan and Saudi Arabia embassies, were stolen by the officials.
“We are very much behind in tackling foreign based hackers despite having an expansive reservoir of highly trained manpower that are mostly working in the private field. We are nowhere in comparison to China when it comes to Cyber Warfare and Cyber Security. The main reason behind this is the lack of seriousness on the part of the government regarding cyber warfare,” the official added. The National Cyber Security policy, which was released in July 2013, had called for an exhaustive policy to deal with issues related to cyber warfare and cyber crime, but all the recommendations, and exhaustive ideas that were included in this 10-page policy, remains confined to the books. Speaking to The Sunday Guardian, Nitin Wakankar said the dedicated command for cyber security was not yet operational. When asked when it would be operationalised, Wakankar said that “it was difficult to say that right now”.