NEW DELHI — Amid media reports of a suspected cyberattack by a Pakistan-based group targeting the Indian government, some officials and analysts here are calling for progress on a proposed tri-service command on cybersecurity that is still pending approval by the Ministry of Defense.
The command would be led by the Indian army, air force and navy.
"India does not have adequate institutional and human resource capability to counter cyberattacks similar to the one by the Pakistan-based group," defense analyst Surya Kiran Sharma said.
Evidence of "an advanced persistent threat (APT) against Indian diplomatic and military resources" was first reported on March 7 by US-based cybersecurity solutions company Proofpoint.
Indian MoD officials would neither confirm nor deny whether their officials were targeted from Pakistan.
"The matter has come before MoD and is now being examined," spokesman Nitin Wakankar said.
Following Proofpoint's March 7 report, another security firm, FireEye, reported that on May 18 a Pakistani group registered a fake news website and sent spear-phishing emails to Indian government officials.
The emails referenced the Indian government's 7th Central Pay Commission, a topic of interest among officials.
A senior Indian Navy official, who spoke on condition of anonymity, noted that a proposal to set up a dedicated tri-service command for cybersecurity has been forwarded to the MoD after top officials with the Indian air force, army and navy approved the idea. But the plan has yet to be approved.
"A draft proposal for setting up a separate tri-command on cyberwarfare was prepared in consultations with the chiefs of the Indian air force, Indian army [and] Indian navy after Chinese hackers broke into the computer systems of the headquarters of the Eastern [Naval] Command in Visakhapatnam in 2012 where the homemade Arihant nuclear submarine was undergoing sea trials," the Navy official said.
In 2013, computer systems of the Defence Research and Development Organization were breached by Chinese hackers.
According to Sharma, India is ill-prepared for a cyberwar.
"India released its National Cyber Policy in 2013, which had the ambitious aim of creating 500,000 cyber warriors," the defense analyst said. "However, no significant work has been done on the provisions of the cyber policy. India is inadequately prepared to counter cyberwarfare, as is evident from the numerous attacks on national websites."