Foreign intelligence's activities in India discussion thread

Shajida Khan

Senior member
Dec 27, 2017
1,524
1,579
Seattle
On the 27th there was a glitch in Air India servers, which led to the delay and cancellation of more than 130 Air India flights, and thereafter on the 29th there was a glitch in IGI's immigration server.

The pattern tells that it was a cyber attack of the denial-of-service ICMP type. First they targeted the Air India servers and made them bots, and later used them as bots to target the immigration server at the airport, after gaining access on the 27th itself. It looks like a huge amount of data has been stolen from the immigration servers, especially the passport numbers. The government is not telling the truth.

The Chinese have this capability, and it also shows their footprint.
ICMP type? Care to elaborate what ICMP type here means? Also, Denial of Service (DoS) attack and stealing data are not exactly related.
 

screambowl

Senior member
Dec 19, 2017
2,293
1,063
switzerland
I know that. I'm asking how did you conclude the MSS is behind it. Any references?
The pattern tells it. Getting their hands on such a powerful IED is not possible without an order from the highest ranks of their cadre in India. And why on the same day when Masood Azhar was declared a global terrorist? It's worth thinking about. The Chinese are responsible for this, there is no doubt.

ICMP type? Care to elaborate what ICMP type here means? Also, Denial of Service (DoS) attack and stealing data are not exactly related.
When you carry out a distributed DoS process through ICMP pings, that is an ICMP flood.

Normally hackers use this to distract the staff and later carry out a DoS to shut down the database, which reveals the username, passwords, and other IP addresses in the process. Then they place a man in the middle, which may go undetected when everything is slowed down by the DDoS.
 

Shajida Khan

Okay, first things first. Air India does not own any dedicated infrastructure for passenger onboarding, check-in, etc. These services are provided by an MNC called SITA.

Home | SITA
When you carry out a distributed DoS process through ICMP pings, that is an ICMP flood.
ICMP is a layer 3 protocol (OSI model - Wikipedia; it's not always followed completely, but it gives a hint at the design of the network stack of modern services), meaning it is a network layer protocol to manage an IP network: things like host-to-host routing, route configuration/advertisement, etc. The ping flood you are talking about was an ancient network-level attack which will never work now. Why? Because modern systems have a lot of processing offloaded to hardware for the IP stack. Secondly, the only other way it can have some impact is by bandwidth exhaustion. Now, if that is to happen, it will impact not only specific servers but almost all the hosts in that physical network. On an airport, all the air terminals for checking in customers share this physical network.

Normally hackers use this to distract the staff and later carry out a DoS to shut down the database, which reveals the username, passwords, and other IP addresses in the process. Then they place a man in the middle, which may go undetected when everything is slowed down by the DDoS.
If you can actually DoS a DB server (hosted in a private server in a private network), you.... won't bother with an ICMP flood. Modern day data centers have automated systems (intrusion detection systems) to react to ping floods or port scans. So no, no staff will be involved in it. To carry out a man in the middle for a DB server, you will need to do something like ARP poisoning. Now, the network where DB servers are hosted is isolated. So again, it will fail. These network layer attacks won't work any longer with a halfway decent network design.


Finally leaving all this network engineering consideration.... here is a bigger point :-
SITA provides services not only to Air India but to other airlines too. Modern day application architecture does not run servers per customer; that is wasteful. It serves multiple customers off the same application OR off the same servers. It's called a multi-tenant architecture and it is industry standard. So, if SITA were to be hit by a network level attack like an ICMP echo flood OR a DoS attack, you would have seen a much wider outage of services.


------------------

In conclusion, I could have agreed that this was a DoS attack involving some vulnerability specific to the application used by Air India, but if you argue that such an attack involved a network layer attack like a ping flood with no consequences to other airlines? And that too in this day and time? Surely you must be joking.
 
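
The automated ping-flood reaction the post above attributes to an IDS can be sketched as a sliding-window rate check on ICMP echo requests per destination. This is an added example, not part of the original thread; the addresses, threshold and packet records are constructed for illustration.

```python
from collections import defaultdict, deque

ECHO_REQUEST = 8  # ICMP type 8 is an echo request ("ping"); type 0 is the reply


class EchoFloodDetector:
    """Counts echo requests per destination inside a sliding time window."""

    def __init__(self, window_ms=1000, max_per_window=100):
        self.window_ms = window_ms
        self.max_per_window = max_per_window
        self._seen = defaultdict(deque)  # dst -> deque of (ts_ms, src)
        self._alerting = set()           # destinations currently over threshold

    def observe(self, ts_ms, src, dst, icmp_type):
        """Feed one packet record. Returns an alert dict the first time a
        destination crosses the threshold, otherwise None."""
        if icmp_type != ECHO_REQUEST:
            return None
        q = self._seen[dst]
        q.append((ts_ms, src))
        # Drop records that have fallen out of the window.
        while q and ts_ms - q[0][0] >= self.window_ms:
            q.popleft()
        if len(q) <= self.max_per_window:
            self._alerting.discard(dst)  # rate is back to normal, re-arm
            return None
        if dst in self._alerting:
            return None                  # already reported this episode
        self._alerting.add(dst)
        sources = {s for _, s in q}
        return {
            "dst": dst,
            "ts_ms": ts_ms,
            "count": len(q),
            "sources": len(sources),
            "distributed": len(sources) > 1,
        }


def build_sample_records():
    """Constructed records: (timestamp in ms, source, destination, ICMP type)."""
    records = []
    # A monitoring host pings one server once per second: normal traffic.
    for i in range(5):
        records.append((i * 1000, "10.0.0.5", "10.0.1.10", ECHO_REQUEST))
        records.append((i * 1000 + 1, "10.0.1.10", "10.0.0.5", 0))  # echo reply
    # 500 echo requests in half a second, spread over 50 sources, to one host.
    for i in range(500):
        src = f"198.51.100.{i % 50 + 1}"
        records.append((2000 + i, src, "10.0.1.20", ECHO_REQUEST))
    return sorted(records)


SAMPLE_RECORDS = build_sample_records()


def detect(records, **settings):
    """Run the detector over time-ordered records and collect the alerts."""
    detector = EchoFloodDetector(**settings)
    alerts = []
    for record in records:
        alert = detector.observe(*record)
        if alert is not None:
            alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_RECORDS):
        print(alert)
```
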

screambowl

Now, if that is to happen, it will impact not only specific servers but almost all the hosts in that physical network. On an airport, all the air terminals for checking in customers share this physical network.
This is the reason they were able to enter the immigration desk servers. Let me tell you that Air India is a full-service airline like Jet Airways, and not just Air India: many flights operated by Air India in connection with other airlines were delayed as well. This is the reason 155 flights were delayed; it does not have to be an Air India aircraft.

SITA provides services not only to Air India but to other airlines too. Modern day application architecture does not run servers per customer; that is wasteful. It serves multiple customers off the same application OR off the same servers. It's called a multi-tenant architecture and it is industry standard. So, if SITA were to be hit by a network level attack like an ICMP echo flood OR a DoS attack, you would have seen a much wider outage of services.
And why should all the terminals be offline and all customers suffer? Last year also there was a glitch in SITA's data center in Atlanta and it affected all the customers. This time it affected only Air India. This proves the point that the attack was only for Air India.

It's time taking but not tough to search where the Air India database is present.



If you can actually DoS a DB server (hosted in a private server in a private network), you.... won't bother with an ICMP flood. So no, no staff will be involved in it. To carry out a man in the middle for a DB server, you will need to do something like ARP poisoning.
It does not necessarily have to be an ICMP flood; I said it is similar to the ICMP flood type. Good research though!

There is no need to DoS to place a man in the middle or steal data; only a fool would do that, it's a waste of time. What I meant was, when you have carried out a DDoS, then the system is compromised and slowed down. There are many ways you can enter the database, and change the destination MAC address on the packet, or the dest IP by breaching the tunnel. Obviously the data collected would be encrypted by TLS/SSL, but brute force is always there to decrypt.
 

screambowl

Now, the network where DB servers are hosted is isolated. So again, it will fail. These network layer attacks won't work any longer with a halfway decent network design.
And who told you it's a network layer attack? The Chinese have the ability to carry out application layer DDoS as well.
 

Shajida Khan

And why should all the terminals be offline and all customers suffer? Last year also there was a glitch in SITA's data center in Atlanta and it affected all the customers. This time it affected only Air India. This proves the point that the attack was only for Air India.
The reason is because you mentioned a Network Layer attack (what you call an ICMP-type). Ping flood or any ICMP flood or any ICMP-based attack is essentially a network layer attack. If you attack the network layer, you attack AT LEAST one host (which may even be a VM). Modern applications are multi-tenant. Meaning, applications for various users (for example Air India, etc.) will be running on the same host. Why? To maximize resource utilization. So if they were disrupting the network, i.e. in the end disrupting hosts, it would have hit quite a few other airlines as well.

Notice, this is different from an Application Layer glitch or attack. If they were targeting a specific application, specific for a particular user like Air India, it will not impact other users. It does not involve compromising the network layer. Heck, you don't want to touch the network layer because that may set off an IDS.

This is why I asked specifically about why you specifically mentioned ICMP. ICMP flood or "ICMP flood - type" (I am assuming you mean any network flooding attack). "ICMP type" means you want to bring down a host or an entire network --disconnect, exhaust bandwidth. Since multiple applications run on the same hosts, heck these days same application serves multiple users, this kind of attack is too broad to target one user.

What I meant was, when you have carried out a DDoS, then the system is compromised and slowed down. There are many ways you can enter the database, and change the destination MAC address on the packet, or the dest IP by breaching the tunnel. Obviously the data collected would be encrypted by TLS/SSL, but brute force is always there to decrypt.
Errr.... What you are describing (changing destination MAC address) is what is called ARP (Address Resolution Protocol) poisoning. To do this, you need to have access to the private network in which DB servers are hosted. Which is roughly why this won't work.

Lastly, brute forcing TLS? Well, unless a company like SITA is choosing really weak ciphers or making some stupid key management mistakes, no one can brute force AES-256 encrypted data. It does not happen. Even with ALL the resources of China, US and Russia combined. The key-space is simply too big. Lastly, libraries implementing TLS (OpenSSL etc.) are standard, so no, it is not possible to compromise them.

What would have been believable was an application vulnerability.... It's strange you are focusing so much on network and network stack vulnerabilities which are simply non-existent these days. I highly doubt that what you described is a realistic scenario in 2019. Maybe 1999 or even 2003 or so, but now? Why? Because if such an issue existed, it will be more than Air India which will be affected; it will be the entire Internet infrastructure going down. The scope will be global if someone can simply brute-force TLS.
 
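
ARP poisoning, as described in the post above, is visible on the local segment as an IP address suddenly answering from a different MAC address. The following is an added example, not part of the original thread: a monitor that parses ARP frames and flags such a change. The addresses and frames are constructed for illustration.

```python
import struct

ETHERTYPE_ARP = 0x0806


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_str(raw):
    return ".".join(str(b) for b in raw)


def parse_arp(frame):
    """Parse an Ethernet II frame carrying IPv4-over-Ethernet ARP.
    Returns a dict, or None if the frame is not such an ARP packet."""
    if len(frame) < 14 + 28:
        return None
    _eth_dst, eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, oper, sha, spa, _tha, _tpa = struct.unpack(
        "!HHBBH6s4s6s4s", frame[14:42]
    )
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {
        "eth_src": mac_str(eth_src),
        "oper": oper,          # 1 = request, 2 = reply
        "sha": mac_str(sha),   # sender hardware (MAC) address
        "spa": ip_str(spa),    # sender protocol (IP) address
    }


class ArpWatch:
    """Remembers the first MAC seen for each IP and flags later changes."""

    def __init__(self, static=None):
        # Optional known-good bindings, e.g. for database servers.
        self.bindings = dict(static or {})

    def observe(self, frame):
        arp = parse_arp(frame)
        if arp is None:
            return []
        alerts = []
        # The Ethernet source should match the sender MAC inside the ARP body.
        if arp["eth_src"] != arp["sha"]:
            alerts.append(("sender-mismatch", arp["spa"], arp["eth_src"], arp["sha"]))
        known = self.bindings.get(arp["spa"])
        if known is None:
            self.bindings[arp["spa"]] = arp["sha"]
        elif known != arp["sha"]:
            # Keep the original binding so every conflicting frame is reported.
            alerts.append(("binding-changed", arp["spa"], known, arp["sha"]))
        return alerts


# Constructed frames (hex), not captured from any real network.
SAMPLE_FRAMES = [
    # ARP reply: 10.0.2.10 is at 02:00:00:00:00:10
    bytes.fromhex(
        "020000000020 020000000010 0806 0001 0800 06 04 0002"
        " 020000000010 0a00020a 020000000020 0a000214"
    ),
    # ARP reply: 10.0.2.10 is now claimed by 02:00:00:00:00:66
    bytes.fromhex(
        "020000000020 020000000066 0806 0001 0800 06 04 0002"
        " 020000000066 0a00020a 020000000020 0a000214"
    ),
    # Not ARP (EtherType 0x0800, zero padding): ignored by the monitor
    bytes.fromhex("020000000020 020000000010 0800" + " 00" * 28),
]


def scan(frames, static=None):
    """Run the monitor over a sequence of frames and collect all alerts."""
    watch = ArpWatch(static)
    alerts = []
    for frame in frames:
        alerts.extend(watch.observe(frame))
    return alerts


if __name__ == "__main__":
    for alert in scan(SAMPLE_FRAMES):
        print(alert)
```
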

screambowl

The reason is because you mentioned a Network Layer attack (what you call an ICMP-type). Ping flood or any ICMP flood or any ICMP-based attack is essentially a network layer attack. If you attack the network layer, you attack AT LEAST one host (which may even be a VM). Modern applications are multi-tenant. Meaning, applications for various users (for example Air India, etc.) will be running on the same host. Why? To maximize resource utilization. So if they were disrupting the network, i.e. in the end disrupting hosts, it would have hit quite a few other airlines as well.

Notice, this is different from an Application Layer glitch or attack. If they were targeting a specific application, specific for a particular user like Air India, it will not impact other users. It does not involve compromising the network layer. Heck, you don't want to touch the network layer because that may set off an IDS.

This is why I asked specifically about why you specifically mentioned ICMP. ICMP flood or "ICMP flood - type" (I am assuming you mean any network flooding attack). "ICMP type" means you want to bring down a host or an entire network --disconnect, exhaust bandwidth. Since multiple applications run on the same hosts, heck these days same application serves multiple users, this kind of attack is too broad to target one user.


Errr.... What you are describing (changing destination MAC address) is what is called ARP (Address Resolution Protocol) poisoning. To do this, you need to have access to the private network in which DB servers are hosted. Which is roughly why this won't work.

Lastly, brute forcing TLS? Well, unless a company like SITA is choosing really weak ciphers or making some stupid key management mistakes, no one can brute force AES-256 encrypted data. It does not happen. Even with ALL the resources of China, US and Russia combined. The key-space is simply too big. Lastly, libraries implementing TLS (OpenSSL etc.) are standard, so no, it is not possible to compromise them.

What would have been believable was an application vulnerability.... It's strange you are focusing so much on network and network stack vulnerabilities which are simply non-existent these days. I highly doubt that what you described is a realistic scenario in 2019. Maybe 1999 or even 2003 or so, but now? Why? Because if such an issue existed, it will be more than Air India which will be affected; it will be the entire Internet infrastructure going down. The scope will be global if someone can simply brute-force TLS.

You are spoiling my thread ma'am by picking up one word and talking randomly even when I mentioned ICMP type which does not mean ICMP, it could be transport layer, application layer, network layer, l1 or l2....etc. And when hackers attack they don't really find the key, they attack the system which generates the key ;) This all takes a couple of days to prepare and few hours to implement

On that day, they faced a DDoS attack, and later, when their systems were compromised, the immigration system crashed after a few days. The pattern is clear. Obviously they will not tell you how and who.

This is how the Chinese carry out cyber warfare.
 

Shajida Khan

You are spoiling my thread ma'am by picking up one word and talking randomly even when I mentioned ICMP type which does not mean ICMP, it could be transport layer, application layer, network layer, l1 or l2....etc.
Janaab, when I say apple I usually do not mean orange, but whatever floats your boat. Fair enough, dil par mat lein.

And when hackers attack they don't really find the key, they attack the system which generates the key ;) This all takes a couple of days to prepare and few hours to implement
I have done enough pen-testing to know what key generation weaknesses are. Honestly, if you claim that any halfway decent MNC can't manage key generation, then you should stop trusting EVERY business on the internet. That includes your banks, Google, Gmail, Facebook and what not. Key security is involved, but in 2019 it is not exactly rocket science or an arcane art.

On that day, they faced a DDoS attack, and later, when their systems were compromised, the immigration system crashed after a few days. The pattern is clear. Obviously they will not tell you how and who.
Well.... we humans are weird animals. We see patterns in stars and faces in clouds. Anyways.

I will leave this thread with this much: We have real problems, but ISI and MSS are not popping up behind every pillar and post. Seriously! If my brother --for instance-- had a stomach ache, it's probably that 3 days old biriyani he ate like a pig, not MSS and ISI trying to sow the seeds of communal disharmony in my family! Honestly, India is not that big on at least China's agenda. And Pakistan is a spent cracker.
 

screambowl

I have done enough pen-testing to know what key generation weaknesses are. Honestly, if you claim that any halfway decent MNC can't manage key generation, then you should stop trusting EVERY business on the internet. That includes your banks, Google, Gmail, Facebook and what not. Key security is involved, but in 2019 it is not exactly rocket science or an arcane art.
That is true, you are only lucky to have not been targeted. Who knows whose system is a part of a bot network? When Hillary's email can be leaked, Microsoft Active Directory and Outlook Web App can be accessed, the Chinese could steal data from the European Space Agency and the attacker can remain for months stealing the data, then a lot of things are possible; you know it very well, as you seem to be from a computers background.

Ma'am, I have agreed to most of your points, whatever you have written, but somehow, somewhere, things don't add up, at least for me. I see a pattern because only Air India was targeted and immediately after that the immigration desk; this is nowhere a coincidence. This means that the hackers did proper reconnaissance and geology of the organization. We can't rule anything out in this volatile scenario. Please do more research regarding this.

I will leave this thread with this much: We have real problems, but ISI and MSS are not popping up behind every pillar and post. Seriously! If my brother --for instance-- had a stomach ache, it's probably that 3 days old biriyani he ate like a pig, not MSS and ISI trying to sow the seeds of communal disharmony in my family! Honestly, India is not that big on at least China's agenda. And Pakistan is a spent cracker.


And I don't blame everything on ISI and MSS or others, but only a few issues. What I blame is that there are loopholes which can be utilized by foreign intelligence in our society. And such loopholes are more in number in India. If you compare the vulnerability of Pakistani society or the Chinese or even the British and Americans, it's easier to sabotage the Indian political system, institutions, unis and society than theirs. And it's a fact!

And this is proven by the intelligence report of IB which was leaked. It said that NGOs and a few institutions were responsible for slowing the Indian GDP growth rate by 2-3% every year. This is huge!

That's why I have a dedicated thread for this.

I have a request that please do analyse and if you feel anything should be on this thread please contribute. There should be computer experts contributing as well :)
 

Golden_Rule

Boundless Seeker
Dec 6, 2017
962
634
USA
An intelligence blog which stopped with Part 1. The ‘agent’ now claims to keep truth alive and to be living in safety.

OF CONSPIRACY THEORIES AND HOW IT RAINED ONE NIGHT
TUESDAY, MAY 29, 2012

The new Innings
Have had a lot of events forcing me to stay away from this blog and publish the truth, in fact, I had to even bring down my first post due to certain difficulties. Thank you all of you for visiting this place and keeping the truth alive.

I promise to deliver the further parts of this “three funerals and a wedding” in the next few months, now that I am living in safety and there is no further threat to my near and dear ones. I do hope that fellow Indians will stand by me.
Thank You
POSTED BY EX INDIAN INTELLIGENCE

Playing with a nation’s choices

Part 1 : Three funerals and a wedding

Prologue

I was part of various analysis teams of Indian intelligence agencies during the 80’s and 90’s and now live a anonymous life in a distant land. What I am going to propagate over a 3 part series in the next few days might seem very farfetched and even fantastic to most people and many conspiracy theorists might gleefully accept it as vindication for whatever they have been screaming from rooftops for quite some time now. My attempt though is neither to please any one nor to prove someone else wrong or right; it is just to come out with the truth as we perceived it. Most of the theory that I am going to put forward in part 1 is the work of us 5 people in 1991 while analyzing all the intelligence inputs over the years in connection with the assassination of former Prime Minister Mr. Rajiv Gandhi. We in the intelligence parlays termed it as “the Rajiv brief”. Most conclusions that we had come up with were unanimous and unequivocal. I must hasten to add that many parts of this so called “the Rajiv brief” were also part of an earlier analysis done in the mid 80’s by another team investigating the conspiracy angle to Mrs Indira Gandhi’s death. Theoretic overlapping in terms of evidences, intelligence briefings and logical conclusions between these two analysis reports might be common, but there are also significant points of divergence in both of these reports and since I have been privy to both I would suggest that the number of points of convergence between both sets of analysis far outnumber the differences. Sometime in the middle of 1992 we were suddenly asked to debunk the whole theory and change our line of thinking by powers that be, and we had to let go of a “very strong” case that we were building then. Of the core group of 5 analysts who were working on that case, 3 are no more (all died of normal causes) and 2 of us are still living anonymously without being in touch with each other. 
This is my attempt (after almost 2 decades) to complete “the Rajiv brief” and take it to its logical conclusion with the benefit of hindsight. I must warn though, that this is at the end of the day, just a theory based on intelligence inputs and field analysis built on a very plausible premise. It is an attempt to fill in the blanks between the “if’s” and “buts” of history with the luxury of retrospective intelligence.

The Theory: Five people four scenarios and three events

Mrs Sonia Gandhi is today the most powerful person in India and probably one of the most powerful women on earth. Elections 2009 have only reinforced her power. How did she end up becoming the most powerful person in India? This is the story of that ascendancy. Five people, four scenarios and three events stood between Mrs Sonia Gandhi and her destiny. Over the next few pages I am going to explain those scenarios through the eyes of a former intelligence analyst.

Scenario 1: The Rajiv-Sonia marriage

At the outset there is nothing more than just another love story to Mr Rajiv Gandhi’s romance with Miss Antonia Albina Maino in the mid 1960’s. Any suggestion that there were characters in the Cambridge university campus that not only hooked them up but also nurtured the famous romance is too farfetched. But having said that, let us consider some of the London tabloid reports of that time which variously suggested Rajiv was “constantly influenced” by a couple of students of European origin (I would not take names and let researchers do some hard work) and that at least one of those students was later absorbed by the Vatican’s intelligence wing. It would also be farfetched to speculate on Indian intelligence requesting the help of MI5 to analyze the Rajiv-Sonia romance, at least am not aware of any such report ever being filed. All these rumours and theories have done their rounds in the intelligence quarters of Delhi, especially during 1991-1992, but then we are rushing ahead of time so we shall deal with that later. I would now present as to what intelligence agencies actually did, which was very little, and let people draw their own conclusion.

Background

Post World War 1, Turin was a hub of political activity. Communism was at its peak in Europe and many left leaning socialist organizations were dabbling with the Marxist ideology and as a counter balance to that the fascist forces were emerging as an attractive alternative to many Catholics of Italy, and Turin was no exception. The small village of Orbassano near Turin mainly composed of orthodox Roman Catholic families and they all dreaded the arrival of communists on their shores and decided to join hands with the fascists lead by Mussolini. Paolo Maino was one of them. Indian intelligence gathering techniques are never given their due credit, but we have done some first rate jobs which have never been acknowledged and Mrs Sonia Gandhi’s background check was one of them. It was found that after the end of Second World War when many fascists were purged, Paolo Maino was protected by the church and no less than the Vatican itself intervened in his case and all papers pertaining to him were there by transferred to the Vatican! It was furthermore established that one of the more mysterious uncles of Paolo Maino worked for the super secret intelligence organization of the Vatican, the Opus Dei. Paolo was a construction contractor and had little savings; he could not entirely afford the educational and other expenses of his children. This mysterious uncle; who was working for the Opus Dei and whose name had been deleted from all the intelligence files; sponsored Antonio Albina Maino’s education in Cambridge in the 1960’s.
During her stay in Cambridge Miss Antonio took an “unusually high degree” of interest in the activities of groups concerning students of Indian Diaspora much before she met Rajiv. In fact, their first meeting took place in the presence of other Indian origin students and not in a Greek cafe as widely reported later. But throughout all of this she continued her association with the church and its activities and was in constant touch with “certain sections of the Vatican” which were previously also associated with the fascists. When Indian intelligence officials later questioned one of Miss Antonio’s close associates during her stay in the Cambridge, he described her relationship with the Vatican as akin to “umbilical cord”. All of these titbits were filed by many field officers of various intelligence agencies over a period of years but most analysts in the intelligence parlays of India termed them as “innocent” at worst and “needs evaluation” at best. Of course one can always concede that the analysts of that era lack the luxury of retrospective analysis as we do have now, there was definitely some lax attitude shown by these analysts in trying to decipher these events. Thus one day in 1968, after 3 odd years of courtship Mr. Rajiv Gandhi and Miss Antonio Maino; the daughter of former Fascist soldier, Paolo Maino; were married in Delhi. Miss Maino then became Mrs Sonia Gandhi for all intentions and purposes and the stepping stone to her destiny was covered with roses.

Scenario 2: Event 1, June 23rd 1980

The first player in the political theatre to have been eliminated and also the most important first link to the series of events that led to the present dispensation in the corridors of Delhi. Circumstantial evidence in the June 23rd 1980 Sanjay Gandhi air crash near Safdarjung airport points to foul play but let’s not get sucked into those futile arguments that have been raging ever since. Just suffice it to say that the single-member enquiry commission headed by Mr M L Jain which was formed to study the circumstances that lead to the plane crash has never submitted any report what so ever to the government in 3 decades. Now isn’t that fishy?

Background

Anybody who is aware of the 70’s brand of politics in India would know that Sanjay was the most important political centre, around whom most of the power was concentrated and dispensed with. Many even believed that Sanjay wielded more power than Indira Gandhi herself. It thus became pertinent for most intelligence agencies concerned with India’s affairs to have a thick case file about Sanjay Gandhi and his activities. There were some widely debunked theories of the junior Gandhi leaning towards CIA and Mrs Gandhi not being in agreement with his ideas, I do not know the origin or the veracities of these hypotheses so I would not make any comment either to encourage or discourage them. The 1960’s and 70’s Delhi was a hub of international espionage (like any other capital of any other country) because most intelligence agencies (including CIA & KGB) of that era depended on HUMINT or human intelligence officers to gather intelligence rather than satellites and drones of today. Every other day there would be speculation in the media circles of a certain politician or a certain bureaucrat working in tandem with a certain foreign intelligence agency; I would be lying if I claimed that all these speculations were wrong, in fact there were quite a few surprises in the “official” list that the Indian intelligence agencies maintained, but that is a completely different subject altogether. Coming back to Sanjay Gandhi and the interest that he generated in foreign as well as Indian intelligence circles, one thing is clear, he never worked or had any relationship with any of the foreign intelligence agencies and that much I can vouch for, but the same cannot be said about his continuous indulgence and interference with the local intelligence agencies. He always used and had his men in various wings of Indian intelligence agencies. Amidst all of this originated the “Russian hypothesis”.

There is no agreement as to when the real “Russian hypothesis” came into being, some argue that just prior to emergency in 1975 the Soviets sponsored this study because they had prior intelligence that emergency would be imposed on India, while still others argue that its origin was sometime during the Morarji Desai regime. I for one tend to agree with the former because it is a known fact that Soviets were consulted by Mrs Gandhi about emergency. Another reason to support the 1975 theory is that a secret meeting of the dreaded VKR had taken place in Delhi in the summer of 1975 (VKR = Voennaya Kontra Razvedka) and it had baffled many Indian intelligence officials as to why VKR (Russian counter intelligence wing) would meet in India. After the imposition of emergency and the awareness about Mrs Gandhi’s soviet consultation, intelligence circles widely accepted the theory of VKR meeting in Delhi as a part of that Indo-Soviet collaboration on emergency until the emergence of the “Russian hypothesis” and the eventual demise of Mr. Sanjay Gandhi. KGB had strong presence in Delhi and across India in the 70’s and many left-leaning analysts openly and covertly co-operated with KGB and other Russian intelligence agencies. One such “analyst” was part of the team that had produced the “Russian hypothesis” and he later (in 1979) leaked parts of that document to Indian intelligence and that is how the jigsaw puzzle was cracked. In the hypothesis it was concluded that Mr Sanjay Gandhi was west leaning and a capitalist and would eventually side with the CIA, although there was no universal agreement about these conclusions amongst the team that had produced the “Russian hypothesis” most of them did agree to some extent of those conclusions. 
It was our belief that the Soviets had decided not to take any action, mainly because of the fact that it was unlikely of KGB and even more unlikely in the case of VKR to remain quiet for more than a few months after having reached a conclusion. This is when Opus Dei comes into picture. It is a well known fact that Opus Dei and parts of Russian intelligence had always collaborated on certain matters. Exactly how or when did Opus Dei come into the possession of “Russian hypothesis” is merely in the realm of speculation but what is incontrovertible is that the Vatican intelligence did have enormous influence on Josef Stavinoha, the man who was heading VKR at that time and thus KGB in active collaboration with Opus Dei decided to act on the “Russian hypothesis” sometime in March 1980. As a direct result of that, June 23rd 1980 happened as an accident.

Continuum

After the sudden demise of Mr Sanjay Gandhi, there was the question of two other people, the very political wife Mrs Maneka Gandhi and son Mr Varun Gandhi which had to be dealt with by the Gandhi family. While there is no denying the fact that Mrs Indira Gandhi and her daughter in law Mrs Maneka Gandhi had a less than cordial relationship (which was more accentuated after the arrival of Rajiv’s family, as per some household sources of the family) and usually had typical “saas-bahu” war of turfs, but what is also irrefutable is the fact that Mr Varun Gandhi was Mrs Gandhi’s favourite grandson and she simply doted on him. What exactly transpired and who facilitated the events are all debates of speculation for the tabloid media, but one thing is certain, both the widowed mother and son were completely sidelined and almost ceased to exist as far as the Gandhi family is concerned after ceremoniously being thrown out of the Prime Minister’s residence.

Scenario 3: 1984, the assassination of Mrs Indira Gandhi

It was one of those events in the young life of a nation that can be termed as a defining moment in history. At the outset it was a clear case of Khalistani fundamentalists avenging operation blue-star, but there were many characters at the periphery and many events preceding it which raised many an eyebrow in the intelligence communities of the world. This was also that one colossal event that catapulted the young Mr Rajiv Gandhi, a novice in politics, to the highest seat of power in South Asia and Mrs Sonia Gandhi was now the next in the line of succession by the virtue of being his wife.

Background

It is a historically well known fact that the Khalistan movement was nurtured by ISI and certain elements in Pakistan. Also well recorded are the initial reactions of some western countries like Canada who almost directly hobnobbed with the Sikh separatist leaders only to abandon them when the movement became increasingly violent. Tacit support of US and British intelligence agencies to the Khalistan intelligentsia was also much speculated upon those days. But what was a lesser known fact in the media and a matter of puzzling debates in the intelligence circles was the interest shown by the Vatican in the Khalistan movement. In 1980-81 Vatican had an open channel of discussions with certain groups of the so called “intellectuals” who were known sympathisers of the Sikh separatist movements. This interest and interactions continued well into the early 80’s and were explained as the “right of Vatican to have an interest in other religious organizations”. At the height of Khalistan movement just after operation Blue Star, many reliable Indian intelligence sources had given “definitive” information about Opus Dei funding parts of operations of Sikh separatists outside India!

After operation Blue Star there were many intelligence inputs about the threat to Mrs Gandhi’s life including some specific inputs about people in the core inner circle of Mrs Gandhi’s security system being vulnerable. Yet no action was taken, why? The assassination of Mrs Indira Gandhi was a massive intelligence failure to say the least and yet no major enquiry was ordered to decipher the conspiracy theory, why? Sections of KGB and other Russian intelligence agencies had given a specific timeframe regarding “action” and yet their advice went unheeded, why? Soviet sources, in informal briefings had warned about certain western intelligence agencies being in cahoots with Sikh separatists and yet those warnings were disregarded, why?

A part of the answer to those questions can be explained as plain incompetence as usual. May be one can also argue that we now have the power of hindsight which we lacked then. But definitely there is a part of the answer to that question which is more complex and only takes my theory forward to its logical conclusion. It is not as if we did nothing, security experts and Intelligence aficionados gave at least 2 formal specific presentations to Mrs Gandhi on 2 different occasions about the need to re-haul the entire security apparatus around her. But on both these occasions apart from Mrs Gandhi’s nonchalance we met with the biggest resistance from one particular member of her core team. He was a very powerful member of what was then known to the media as “kitchen cabinet” and had also been described as a “power broker of the highest degree” by many media houses and visiting dignitaries. There was no reason to suspect any mal-intentions in him, as he was also known to be very close to Mr Rajiv Gandhi (unlike some members of the “kitchen cabinet” who had a turf war with the junior Gandhi). Post assassination there was a bit of a stir in the media about the same gentleman followed by hush-hush events. We in the intelligence were also surprised to know about his strong linkages with certain Western intelligence agencies. Nothing really happened after that for quite some time and Mr Rajiv Gandhi only restored the same gentleman back in his team with full honours and the whole episode was laid to rest. But the biggest revelation to the intelligence wings came a little later (and was not accorded much importance at that time). Unlike media perceptions that the said gentleman belonged to the Rajiv Gandhi coterie and to the “kitchen cabinet”, he actually owed both his positions and his re-instatement into the inner circles of power after the assassination of Mrs Gandhi to a certain Mrs Sonia Gandhi!

Scenario 4: 1991, the assassination of Mr Rajiv Gandhi

When Mr Rajiv Gandhi was assassinated in Sriperumbudur on 21st May 1991, it did come as a shock to the intelligence community in India but it would be false to suggest that we had absolutely no clue about it. Tamil Tigers’ animosity towards Mr Rajiv Gandhi was by no means a universally accepted fact in the intelligence circles and yet there were “elements” in the establishment who had assessed the risk factors from time to time. Many analysts had pointed out way back in 1985 (when Rajiv first tried to establish channels to tigers) the unpredictable nature of the leadership of LTTE and their perceived closeness to “certain” European and Western intelligence agencies. Mr Rajiv Gandhi was more influenced by a section of foreign policy analysts and he paid little heed to whatever little reservations the Indian intelligence agencies had vis-à-vis Tamil Tigers. I must confess that intelligence community in India did not really cover themselves in glory in this whole episode, because it might come as a surprise to most readers to know that we had threat perception for Mr Rajiv Gandhi from many other quarters like Sikh separatists, Islamic (Pakistani funded) militant groups, Chinese sponsored mercenaries and even rogue KGB agents, but had very few inputs and analysis about Tamil Tigers! That was a grave error to say the least. Due to myriad intelligence inputs and even more complex analysis the enquiry following the assassination was mired in many ideas and was muddled in too many complexities.

Background

The Rajiv Gandhi era was defined by two major geo-political changes in India and South Asia;

· Pakistan’s involvement with separatist groups in Kashmir and the birth of Islamic terrorism in the valley
· India’s direct mediation in Sri Lanka vis-à-vis Tamil issue

Both these geo-political affairs in South Asia had linkages to Western intelligence agencies at some point or other. It is a well known fact that CIA did help Kashmiri terror outfits in the initial years ostensibly to decrease Soviet influence in the region and also because US intelligence establishments were day dreaming about controlling all forms of Islamic extremist organisations from Afghanistan and Central Asia to the Middle-East and Western Africa. The results of those ill-fated forays have been disastrous as we have seen today, but that is a different story for some other time. Lesser known fact is the support to LTTE by many European intelligence agencies including MI5 & NIS (Norwegian Intelligence Service). Thus, although Mr Rajiv Gandhi considered Mr Vellupali Prabhakaran as a personal friend, the LTTE leader was more under the influence of many other intelligence organisations than India which should have been his natural ally. If the Western intelligence agencies wanted to eliminate Mr Rajiv Gandhi (for whatever myriad reasons) they had 2 very plausible ways to achieve their hit; Islamic Terror outfits in Kashmir and LTTE; apart from many other difficult options. LTTE having assassinated Mr Rajiv Gandhi unilaterally can be ruled out for all practical purposes as it was too much under the influence and control of many agencies and also it would have needed a thorough assurance that its own organization would not be eliminated following the assassination. Mr Prabhakaran, whatever else he was, was a practical man with very sensible ideas to survive for a long term struggle for Tamil Elam. He would have realized at the very outset that eliminating Mr Rajiv Gandhi could become an existential threat to LTTE itself. He had the precedence of the Khalistan movement being crushed following Mrs Indira Gandhi’s assassination and the might of IPKF, which had almost managed to destroy about 80% of LTTE.

Mr Prabhakaran apart from being Tamil was also a catholic and there is a theory that the Vatican had helped LTTE in the initial phases to establish a “catholic” land in the Northern parts of Sri Lanka independent of the “Buddhist” Sinhalese regime. I have many intelligence inputs to confirm these linkages between the Vatican and the LTTE. Norway which had always played a role in the Sri Lankan peace process had a commanding influence over LTTE, especially over the northern faction of LTTE comprising Prabhakaran and co. Norwegian intelligence or NIS had not only given financial assistance but also had provided military training and logistical support to many northern LTTE command groups. I must state here that the western part of LTTE led by Karuna and co was less under the influence of these organisations and was more open to collaboration with India. There was also an unconfirmed report that Karuna was against the whole plot to assassinate Mr Rajiv Gandhi and had even tried in vain to contact Indian intelligence agencies about the impending attack. NIS and other Scandinavian intelligence agencies in the 80’s and early 90’s were also heavily under the influence of Opus Dei and other intelligence establishments of the Vatican. There were many reasons for this, primary being the fact Norway’s borders with Soviet Russia and the Opus Dei’s final plans to liberate the orthodox Russian church from the communists. Finally, we have very strong intelligence inputs about NIS having given the final order of a “hit” on Mr Rajiv Gandhi and also the requisite assurance of “no-attack” from India on LTTE in any eventuality. Thus Prabhakaran decided to assassinate Mr Rajiv Gandhi despite internal opposition and many apprehensions. What is even more curious was the timing of attack (which was also a pre-condition by the Norwegian controllers of LTTE as per many intercepts of Russian intelligence revealed to India much later). 
It was as if someone wanted to influence the ensuing general elections in India by assassinating a tall leader (they had the precedent of 1985 elections following Mrs Gandhi’s killing). But, they only partly succeeded in that as congress could not get a majority on its own which was partially due to the fact that a part of those elections were held before the event and partially due to the changed political scenario of India in the beginning of the 90’s.

The Analysis

After the assassination many intelligence teams were working on many number of theories and officially SIT (special investigation team) was formed to fast track the whole process and at least theoretically all these intelligence teams were supposed to be working under the aegis of the SIT. We were a group of 5 analysts working on the conspiracy angle (there were other groups of people also working on many conspiracy theories) leading up to the assassination. This is when we first stumbled upon the theory of the Vatican’s interest in India’s 1st family (the Gandhi family), which was earlier researched by a team previously working on the killing of senior Mrs Gandhi. Layer by layer we were gathering all the previous inputs and seemingly farfetched hypotheses put forward by many people in the past. Most of the inputs that I have talked about till now throughout this paper (part 1) were discovered and analysed during those 6 months when we worked together in that team. Mr P. V. Narasimha Rao was the Prime Minister of India then and he had made it a point to get all the reports on the Rajiv Gandhi assassination case delivered to him directly (with no intermediaries) at regular intervals. I remember it correctly, when we had sent our detailed analysis report with all the relevant intelligence inputs to the PMO on a Thursday afternoon. The report contained all the various theories that we had suggested but we had not reached any conclusions.

The first time it’s a chance, the second time it’s a coincidence and the third time it’s a pattern. I guess it was just a matter of time before we would reach the conclusion that the sole beneficiary of all these scenarios and events was the one and only Mrs Sonia Gandhi, the widow of Mr Rajiv Gandhi. How 3 events (assassination & “unnatural” deaths of the three Gandhis) and the 4 scenarios involving 5 people who were either eliminated or completely sidelined leading to the final destiny of Mrs Sonia Gandhi is really a fascinating story. On Monday morning our team was dismantled, we were asked to work on another theory of CIA’s involvement with the LTTE and about understanding the financial structuring of the Tamil Tigers and we were told in no uncertain terms to abandon our “farfetched” theories and to work on more “realistic” aspects that would provide more tangible results.

After that we never mentioned about “the Rajiv brief” or about what had happened in those 6 months. But I have been keeping track of events since then. One important loophole about the theory as explained till now would be the reluctance of Mrs Sonia Gandhi to accept the position of power after the 1991 elections. I would like to deal with the post Rajiv era in part 2 when I will hopefully explain all of those issues. I have formulated my own set of theories and have reached my own conclusions, but they will be elaborated upon in the next 2 parts of this treatise.
 

screambowl

Senior member
Dec 19, 2017
2,293
1,063
switzerland
NEW DELHI: An Intelligence Bureau report has accused "foreig ..

Read more at:
Foreign-funded NGOs stalling development: IB report - Times of India

I was talking about this, it's from 2014 but that's what IB claims about NGOs slowing down Indian economy. Yes there were some other NGOs too who spoke against the GMO as well, but in good disguise they also did very dirty work.

Thereafter some activists protested and spoke against this report, especially Greenpeace.

By the way this Greenpeace is the same organization, whose ship was sunk by French intelligence in Australia ;)
 

screambowl

Senior member
Dec 19, 2017
2,293
1,063
switzerland
Not very far when our Media will highlight that whatever happened in SL has Indian hand to it and speak for Pakistan and China. I always say, India has more loopholes than Pakistan, or any other country. India will win on ground but will lose to psyop, if this kind of work continues. I&B ministry has to really work very hard to take actions with proper evidence.
 

Notsuperstitious

Well-Known member
Dec 31, 2017
413
551
India
What about the Trump model - colluding with foreign powers in broad daylight (or in case of Pappu, he visited the Chinese ambassador at night) deployed by congress? That can be posted here or in the politics thread?
 

screambowl

Senior member
Dec 19, 2017
2,293
1,063
switzerland
What about the Trump model - colluding with foreign powers in broad daylight (or in case of Pappu, he visited the Chinese ambassador at night) deployed by congress? That can be posted here or in the politics thread?
Congress functions as company, they are all mafia people. Chairman is Sonia and vice Chairman is Pappu, other stakeholders are Priyanka and Vadra. It's a firm which only sees business through forming government and can get corrupted or corrupt anybody. They can go to any level even conspiring with foreign intelligence to get back the hold. :)
This discussion can be continued in political thread, but if there are references or pattern which can lead that they have conspired with the foreign intelligence against the state then can be put here.
 

screambowl

Senior member
Dec 19, 2017
2,293
1,063
switzerland
New Delhi: An Indian Army clerk, posted in an infantry battalion in Madhya Pradesh’s Mhow, has been arrested in a joint operation by the Intelligence Bureau, Military Intelligence and Police.
The clerk was caught while allegedly supplying information to Pakistan.
He is suspected to have been virtually honeytrapped by enemy intelligence agencies. A probe is on.
Further details are awaited.
Indian Army clerk caught while allegedly supplying information to Pakistan; likely to have been honeytrapped | India News

..........................................

such a shame!
 

screambowl

Senior member
Dec 19, 2017
2,293
1,063
switzerland
There are many like him who have served at various prominent positions

Former R&AW Officers Accuse Ex-VP Hamid Ansari Of ‘Damaging Intelligence Operations’ In Iran; Ask Modi To Take Action


Former intelligence officers of the Research and Analysis Wing (R&AW) have reiterated serious allegations against ex-Vice President Mohammad Hamid Ansari, accusing him of “damaging R&AW operations” while he was serving as India’s Ambassador to Iran between 1990 and 1992, reports Sunday Guardian.
They now want Prime Minister Narendra Modi to become involved in the matter, telling him in their complaint that Ansari passed on information about R&AW’s intelligence operations in Iran to Iranian authorities and the Iranian intelligence agency SAVAK, with the latter on four occasions abducting Indian diplomatic personnel.
The former R&AW officers assert that Ansari shirked his duty towards the nation when these incidents occurred by not revealing the full extent of the involvement of SAVAK to the Indian government.
It is also alleged that after he got to know that Indian Intelligence were maintaining a watch on the activities of Kashmiri youths who were travelling to Qom, Iran and receiving arms training, Ansari forwarded the information about the same and the name of the officer handling it to the Iranian Foreign Office who then gave it to SAVAK.
The officer in question was taken into captivity by the Iranian Intelligence following this.
These allegations were first made back in 2017, when the Intelligence officers first tried to get Modi to take action in the matter.



Ansari had joined the Indian Foreign Service in 1961 and served in Iraq, Morocco, Belgium and Saudi Arabia.
He also served as the Indian Ambassador to the UAE (1976-1980), Australia (1985–1989), Afghanistan (1989–1990), Iran (1990–1992), and Saudi Arabia (1995–1999).
After his Iran posting, he served as the Permanent Representative of India to the United Nations from 1993 to 1995.
This is not the first time that R&AW’s capabilities to gather intelligence were blunted. From the alleged revelation of R&AW operations in Pakistan by an Indian PM to a Pakistani dictator to Gujral Doctrine by former PM Inder Kumar Gujral, the foreign intelligence agency has faced many impediments which were created to stop it from doing its mandated job.
It was Gujral Doctrine which led to the closure of all R&AW’s special operations desk in Pakistan as Gujral believed that India should respect territorial integrity and sovereignty of its neighbouring countries. Once Pakistan station was shut down, R&AW lost its ability to gather credible intelligence inputs from a nation which had remained hostile to India ever since its formation in 1947.
In her book Fighting to the End: The Pakistan Army's Way of War, American political scientist C. Christine Fair argues that “The ‘strategic culture’ of the Pakistan army is essentially unremitting hostility against India. The Pakistan Army believes that it is locked into a permanent, existential, civilizational battle against India.”
Gujral Doctrine was also responsible for the massive intelligence failure during the Kargil War as India had lost its eyes and ears due to a doctrine which was blamed by the media and intelligence analysts as being unrealistic in nature in the changing geo-political scenario.

Ex-R&AW officer claims former VP Hamid Ansari exposed operatives in Iran, accuses him of endangering lives | India News
 

screambowl

Senior member
Dec 19, 2017
2,293
1,063
switzerland
Pakistan using 'jathas' to recruit Sikhs for pro-Khalistan stir against India: Report

Pakistan using 'jathas' to recruit Sikhs for pro-Khalistan stir against India: Report- News Nation
Ahead of the meeting between officials of India and Pakistan over the Kartarpur corridor on July 14, a report reveals how Islamabad is allegedly recruiting Sikhs for its pro-Khalistan drive against New Delhi. According to a report published by The Hindustan Times, the Indian intelligence agencies have unmasked the conspiracy, where Pakistan is using ‘jathas’ or pilgrimage groups of Sikhs travelling across border for its ‘recruitment’ drive. It comes after Indian officials arrested a suspected Pakistani spy near military facilities in Punjab last month. It was during the interrogation of one Sukhwinder Singh Sidhu that agencies got to know about the pattern of spy recruitment.
Sidhu was arrested in Punjab’s Faridkot for allegedly spying for Pakistan’s ISI. According to media reports, Sidhu, a resident of Moga used to pass on secret military information to the ISI via WhatsApp. In fact, Singh was arrested from the vicinity of an army installation, the media reports said. The suspected spy had gone to Pakistan in 2015 for a pilgrimage. It was during this pilgrimage that Singh came into contact of some Pakistanis. According to officials, Singh used WhatsApp to pass on information.
The HT report also added that many such ‘spies’ have been arrested in 2009, 2012 and 2013. There are around 18 Sikh shrines in Pakistan. They are located in Lahore, Sheikhpura, Nankana Sahib, Narowal and Hassan Abdal near Rawalpindi, the HT reports said. The Pakistani agencies have been actively working for what is being promoted as ‘2020 referendum’ on Khalistan.
Earlier in June, two men from Gujarat’s Kutch region were arrested in a joint operation by the Anti-Terrorist Squads (ATS) of Gujarat and Uttar Pradesh on suspicion of spying for the Pakistani intelligence agency ISI. Based on the information obtained by the Uttar Pradesh ATS, two men were held from different parts of Kutch district of Gujarat, said a senior official of the ATS. The district borders on Pakistan. The UP ATS had last year claimed to have busted an espionage racket which targeted army units and arrested 11 persons.
On July 14, India will try to resolve differences with Pakistan on issues relating to Kartarpur corridor when the two sides hold talks on its implementation, the External Affairs Ministry said. "There are differences... We will try to resolve the differences in the meeting," Spokesperson in the Ministry of External Affairs Raveesh Kumar said during a media briefing. The first meeting to finalise the modalities for the corridor took place on the Indian side of the Attari-Wagah border on March 14. The July 14 meeting will be held on the Pakistan side of the Wagah border.





First Published: Monday, July 08, 2019 08:04 AM
 

screambowl

Senior member
Dec 19, 2017
2,293
1,063
switzerland
India’s Response to China’s Cyber Attacks

In a 2018 report to India’s National Security Council Secretariat (NSCS), an unprecedented 35 percent of cyber attacks against the country were attributed to China. Although such attacks have not generated a catastrophic impact in terms of damaged infrastructure, knocked down power grids and any related casualties, China’s cyber policy against India could undermine the country’s conventional power in a future military conflict.
Despite the risks India’s response has been one of restraint, or what might amount to turning the other cheek. While puzzling, such posture is not uncommon among countries embedded in enduring international rivalries. India’s defensive posture is a rational, albeit short-term, response to an ongoing series of cyber attacks, but its current efforts to ramp up cyber defenses would have a better, long-term deterrent capability if the country joined forces with other countries that China has targeted in Asia to bolster cyber cooperation against a common foe.


While China’s investment in cyber warfare began in 1997 in large part to offset its conventional weakness against the United States and Russia, the country now uses cyber operations to target its other rivals. That it focuses heavily on India is not surprising. The two are so-called enduring rivals, countries with a long history of militarized disputes that dates back to the 1962 Sino-Indian War. Most recently, in 2016, India entered Doklam territory in Bhutan, a plateau of strategic significance, to stop Chinese forces from constructing a road in the area. Today, India’s concerns also involve the sea. As China makes its move to dominate the South China Sea and expand its naval power, it is in India’s interest to keep international seas free.
For China there are undoubtedly even bigger concerns that motivate its cyber strategy. Regional dominance becomes difficult when your competitor is forging closer military cooperation with the world’s military hegemon. Whether it’s the joint U.S-Indo air forces exercises in 2018, the boost in U.S. arms sale to India over the past decade, or the annual bilateral Malabar naval war games in the Bay of Bengal that have become a trilateral exercise since Japan became a permanent partner in 2015, the expansion of India and the United States’ strategic partnership has resembled a counterbalancing effort to China’s growing influence in Asia.
Between 2010-2018, China’s main goal in targeting India was to gain access to sensitive information from the government and the private sector (over 55 percent of cases), followed by disruption of daily activities as was seen in 2010 when China’s use of Stuxnet worm to compromise India’s communication satellite led to the loss of TV signal for many. Intrusion with the use of malicious software such as Trojans to enter the target’s network or software program has been the most common form of method in cyber attacks during this time period. Such intrusions are particularly dangerous. They can remain dormant for a long time only to emerge at a later date.
India’s Restrained Response

At first, India’s somewhat muted response to China’s cyber attacks seems surprising. In the world of realpolitik where the balance of power is at stake, one might expect a counter threat or equivalent retaliation. Neither has happened.
At the 2012 Munich Security Conference, the clear takeaway was that India’s efforts to manage incoming cyber attacks were disjointed and not serious. To mitigate the crisis, the government was set on developing a preventive solution aimed at developing indigenous microprocessors and reducing the country’s imports of military software, which have accounted for nearly 70 percent of all such software. In 2012 there was also a proposal to create a command control center for monitoring critical infrastructure and responding to breaches.
Yet even these preventive attempts have been slow to materialize. In 2017 cyber security expert Rahul Tyagi explained that India continues to import most of its hardware from China, making it vulnerable to attacks. A CEO of a private defense company who spoke anonymously in 2018 dubbed the “Make in India” push as “virtually a nonstarter.” The country, according to Tyagi, needs more time and money to improve defensive cyber capability and can’t even contemplate using cyber as an offensive weapon.
While India’s handling of incoming cyber attacks has been lethargic, in the short term it could be considered a rational response to threat management. Restraint is a feasible policy due to the uncertainty connected to cyber attacks. Attribution remains a problem in the cyber domain, making escalation more risky. While attacks have been traced to hackers operating in China, the Chinese government has repeatedly denied responsibility for the actions. Unlike with the use of conventional weapons that are the domain of the country’s military, a government can deny its connections to hackers. In this context, the targeted country must proceed with caution.
There is also the question of how to respond to a cyber attack when a country lacks credible offensive cyber capability that it could use as a deterrent. Should it turn to conventional weapons? Such a move comes with high costs. The enemy might perceive a conventional response as too escalatory in proportion to a cyber attack and escalate the conflict even more, edging dangerously close to an all out war. After all, China’s cyber attacks have not created any damage to India’s infrastructure or resulted in casualties to justify a more provocative conventional response.
Relying on restraint as a strategy becomes even more critical when considering the broader political context in which the attacks take place. Countries that are embedded in a long-term rivalry and that also happen to have other enduring enemies — the case for India and its other rival Pakistan — simply cannot afford to escalate most of the crisis situations. Enduring rivals experience frequent militarized disputes. To manage resources effectively, they must prioritize the urgency of threats and exercise caution to avoid escalation on multiple fronts. By prioritizing conventional threats from Pakistani militants over cyber attacks from China, India has recognized the complexity of threat management.
Yet there is an inherent risk when the short-term strategy of restraint transitions into a long-term policy of buying time while hoping for the best. Restraint, when practiced for too long, can encourage the enemy to simply continue with more attacks. And this has the potential to seriously undermine national security. Consider, for example, the 2009 incident in which Chinese hackers stole classified intelligence from India’s military on missile systems as well as intel on India’s security situation in its various states. In case of a military conflict, such info might be used by the Chinese military not only to exploit systems’ weaknesses but also to identify an appropriate window of opportunity to strike when the country is most vulnerable politically. An even more worrisome scenario could involve using a sleeper worm that could be activated to infiltrate and damage military technology. The People’s Liberation Army (PLA) has long envisioned the use of computer-networked operations as critical to its success in the early stages of a conflict and a series of cyber attacks allows it to effectively gauge the weaknesses of Indian systems.
A Multination Cyber Coalition: A Defense Partnership for the Future
A robust response to this conundrum would be to make serious improvements in India’s cyber posture, as the country has recently started to do. The announcement in March of this year that India will have a Defense Cyber Agency that will rely on existing capability from the armed forces to better respond to cyber attacks is a promising start. But such an initiative may be insufficient to deter China given the meager spending devoted to cyber defense. Moreover, it is not entirely clear how relying on existing capabilities from the armed forces can limit attacks that have been undeterred by such capabilities. Part of the problem is that India is trying to go at it alone, aiming for an internal capabilities buildup that lags behind China’s investment in cyber weapons’ capacity to infiltrate defenses.
The country would benefit from leading an effort to create a multination cyber coalition (MNCC), a common defense partnership for countries in Asia at the highest risk of cyber attacks from China. Such countries could most likely include China’s other enduring rivals such as Japan. The MNCC countries would harness their collective cyber capabilities and knowledge to better identify and respond to cyber attacks. Such an initiative could resemble NATO’s approach to cyber defense more so than the Association of Southeast Asian Nations’ new efforts to develop cyber norms and confidence building measures in Asia Pacific. While countries are still responsible for their own cyber defenses, NATO supports its members by sharing real-time intelligence on threats and best practices for handling such threats. Investments in education, training, and exercises are key aspects to strengthening capabilities. The MNCC could offer similar benefits to its members as well as the opportunity to receive assistance from rapid reaction defense teams that could respond to more severe threats.
Creating such an initiative would be equivalent to bolstering countries’ deterrence by denial strategy simply by making it harder for China to achieve the key objectives behind its cyber attacks thanks to more robust defenses. The added benefit of the multinational approach is that it would discourage China from responding aggressively to any individual state that joins the initiative as embracing even more escalatory posture against all members could risk the kind of international crisis that might not be in China’s interest. Furthermore, the MNCC’s focus would be defensive in nature, leaving the development of offensive cyber capabilities for each state to pursue individually. This would improve deterrence by denial while reducing China’s likely negative reaction to what would be a defensive rather than an offensive initiative.
Leading the effort to establish a multination cyber coalition might be India’s best bet for developing a robust, long-term cyber prevention strategy for the future that promotes national security while concurrently reducing the possibility of conflict escalation.
Elizabeth Radziszewski is an Assistant Professor of Political Science at Rider University in New Jersey who also teaches in the Master’s program in Homeland Security at Rider.
Brendan Hanson and Salman Khalid are graduate students in the Homeland Security program at Rider University.

-------------------------------------------------------------------------------------------------------------------------
PS: Although this article is a bit provocative and favours a joint cyber module between India and US, which means presence of US in Indian world of cyber security and access to sensitive data but in a nutshell a lot of things said are true.