- Drashti Khatri and Mokshika Ostwal
Introduction
Imagine you arrive at your workstation in the morning and suddenly all the computer screens start turning red one by one, you have no clue what’s going on; hence you call up the IT department, astonishingly you discover that the IT hub’s system is also acting fishy. All your files, official as well as personal are being encrypted and then mysteriously you have been ordered to pay $300 in bitcoin to decrypt your files. Isn’t this daunting? This incident has happened with a shipping company named Maersk which lost half a million dollars. The act was allegedly performed by Russian state-sponsored hackers.
As the world is transforming into digital space especially, during the Covid times, cyberspace has become a new battlefield for nation-states. It has become a new potential defense mechanism for countries. But what is exactly cyberspace? Cyberspace is not only the Internet but also the space which it creates, which is impalpable in nature, where de-territorialized interactions between the citizens of nation-states take place without any element of distance.
The intense competition between governments is fueled by devastating cyber-attacks and data leaks. Chinese hackers steal American company secrets and digital consumer information, while Russian hackers meddle in their opponents' power systems and electoral affairs. Isolated countries like North Korea and Iran are now capable of destroying huge multinational corporations like Sony and Aramco. As a result, the more powerful a nation is in its cyberspace game, the more vital it becomes in the game of geopolitics.[1]
Just like other nations India has also been a victim of cyber attacks a number of times. Recently, more than 11.5 lakh incidents of cyber attacks were tracked and reported to India’s Computer Emergency Response Team (CERT-In) in 2021.[2]
Reports suggest that the number of ransomware attacks in India is up by 120%. Yet, India is ranked 10th on the Global Cybersecurity Index (GCI) 2020. India's ranking of 10th is a significant increase from the index's previous edition from 2018 when it was rated 47th.[3]
However, is India well-equipped for possible cyberattacks on its digital infrastructure? According to the reports, India is the 6th most affected country by ransomware attacks. For instance, a power grid breakdown was reported in Mumbai on 12th October 2020, in the middle of India's standoff with Chinese forces at the Line of Actual Control on the Indo-China border, which purportedly stopped trains on tracks, impacted hospitals, and effectively brought the city to a standstill. While the problem was resolved in less than two hours, Maharashtra officials first suspected sabotage and foreign participation. According to a study, malware has been leaking into Indian control systems used to manage energy supply as part of a Chinese cybe rattack against India. The cyber security company then traced the incident to a Chinese State-sponsored hacker organization known as "Red Echo." The intensity of the cyber-attack was said to be far more serious, and concerns have developed about the power outage is a warning, a shot across the bow to send a message to the Indian Government for pursuing its claims in the armed battle. However, the Indian government did not release any conclusive report against China, this incident highlights concerns around the cyber security of our nation.
As a result, depending on the severity of the situation, cyberspace permits nation-states to launch more subtle attacks against adversaries. States can carry out attacks that aren't substantial enough to justify physical retribution, as defined by international law but aren't severe enough to justify armed conflict. Jus ad Bellum establishes the legality of nation-states using military troops in response to provocation. When one state threatens the territorial integrity or political sovereignty of another, retaliation is justified, according to the law. The most dangerous weapon in the gamble of cyber politics is social media, which is used as an information warfare tool—a weapon of words that impacts the hearts and minds of an intended audience, and a weapon of mass disruption that can have repercussions on targets in the physical realm used by governments and hackers. For instance, Mr. Narendra Modi’s Twitter account getting hacked and the hackers tweeting about the legalization of bitcoin as a legal tender in India depicts the vulnerability of social media platforms.
Additionally, forthcoming political events and economic policies might spark espionage or retaliatory cyber actions. G20 conferences, for example, may be accompanied by espionage activities to ascertain the other countries' negotiating stances. Furthermore, political and economic strategies, such as China's Five–Year Plans, might give insight into future government priority areas, which may result in industrial espionage activities to attain these goals.
Conclusion
As the saying goes, “data is a new oil of the 21st century”, one cannot neglect the use of the internet and social media but, one can definitely use the internet and social media wisely so that the potential cyber-attacks can be prevented.
Measures like Establishing an International Cyber court, because of the growing number of cyber-attack accusations among different countries, as well as the complexities of technical attribution, it may be prudent to establish an independent international court or devise a method that will only deal with government-level cyber conflicts and that can be considered and respected by all parties involved. In such a court, one of the parties may present proof that they had been hacked, and the accused party could be allowed to argue for or against the attacks using expert views. Also limiting the use of self-driving cyber weapons are weapons that are operated automatically without the need for human intervention. Attacks are typically routed through systems in innocent underdeveloped countries, putting citizens’ information at risk with independent cyber weapons that have no consideration for national frontiers or humanity. Incorporating cyber-attack legislation into international law. Long-term goals for international entities should include establishing a binding agreement under the UN to combat cyber crime and developing a common code of conduct for countries operating in cyberspace.
Drashti Khatri and Mokshika Ostwal are second year students at SVKM's Pravin Gandhi College of Law, Mumbai.
(drashtikhatri88@gmail.com, mokshikaostwal11@gmail.com)
[1] Ben Buchanan (2020): The Hacker and the State Cyber-attacks and the new normal of Geopolitics Page- 9 [2] We regularly warn of impending threats, says Sanjay Bahl, DG, CERT-In- (Jan 16, 2022)- https://www.theweek.in/theweek/cover/2022/01/06/we-regularly-warn-of-impending-threats-says-sanjay-bahl-dg-cert-In.html#:~:text=Q%2F%20How%20many%20incidents%20of,of%20October%2015%2C%202021). [3] India breaks into top 10 countries on UN’s index measuring commitment to cybersecurity (Jun 29, 2021) - https://economictimes.indiatimes.com/news/defence/india-breaks-into-top-10-countries-on-uns-index-measuring-commitment-to-cybersecurity/articleshow/83962167.cms