Indian Defence Review

Cyberspace vulnerability

The ancient Chinese strategist Sun Tzu, in his seminal work “The Art of War”, advises, “… use information to influence the adversary … by exploiting, even creating, vulnerabilities of the enemy, even while hiding (and not creating) one’s own vulnerabilities … to subdue the enemy without fighting”. While Sun Tzu wrote only of enemies, USA’s spying-snooping exploits the cyber and intelligence vulnerabilities of friends, enemies, allies and partners to subdue them to hegemony that will “shape a new century favourable to American principles and interests” and “make the case and rally support for American global leadership”⁴.

It is necessary to note that India’s cyberspace vulnerability would likely not have been revealed were it not for Edward Snowden’s courageous expose. With growing public anger that India’s cyber vulnerability was secretly exploited by U.S spying-snooping, India hurriedly issued its policy on cyber security. According to the National Cyber Security Policy-2013 (NCSP-2013) dated 02 July 2013, produced by Department of Electronics and Information Technology under the Ministry of Communication and Information Technology, “Cyberspace is vulnerable to a wide variety of incidents, whether intentional or accidental, manmade or natural, and the data exchanged in the cyberspace can be exploited for nefarious purposes by both nation-states and non-state actors. … The protection of information infrastructure and preservation of the confidentiality, integrity and availability of information in cyberspace is the essence of a secure cyber space.”  Also, “This policy therefore, aims to create a cyber security framework, which leads to specific actions and programmes to enhance the security posture of the country’s cyberspace.”. The NCSP-2013, sent to Cabinet Secretariat, PMO and Planning Commission among other addressees following USA’s brazen cyber-snooping, is admission of abject failure to protect India’s security and sovereignty. India’s belated acceptance of the possibility of “nefarious purposes by both nation-states and non-state actors” while at the same time playing down U.S spying-snooping as “scrutiny”, sadly reveals shameful servility.

U.S spying-snooping in India was perhaps only to gather information and intelligence, and cannot be termed cyber attack. Cyber attack, whether by nation-states or non-state actors, deliberately destroys, corrupts or renders useless or defective, critical or strategic military, economic or political systems. This has been authorized by U.S president Obama as Offensive Cyber Effects Operations (OCEO), to advance “U.S national objectives around the world”. Without doubt, countries like China, Russia, Israel, EU and some others which have strategic vision and cyber capability, have a defined cyber operations doctrine. Further, both USA and Russia have stated that they will interpret cyber attack on themselves as an act of war, which can attract military response. The reason for most countries objecting to U.S spying-snooping is that gathering information and intelligence, and gaining access into information systems, enables USA to very rapidly slip into OCEO at a time of its choice, crippling the target country’s military and government, and subdue it without firing a shot.

The U.S “Intelligence Community” consists of 16 spy agencies including NSA, FBI and CIA, and in terms of expenditures would be the fourth largest military after USA, China and Russia, according to SIPRI. Based on Snowden’s revelations, Washington Post reports⁵  that “The governments of Iran, China and Russia are difficult to penetrate, …”. By implication, such a well-funded and powerful spying establishment penetrating India’s government would be easy. USA’s super-surveillance combined with India’s political supineness and cyber incompetence, could make CMS a mere tool for furtherance of USA’s global ambitions.

Lack of strategic vision

India’s apologetic position regarding USA’s snooping, and the present lack of strategic vision and credible intelligence capability⁶ is exacerbated by its dependence upon foreign IT hardware, foreign IT security software and even system expertise.

This opinion is predicated upon the fact that, with the possible exception of India’s Armed Forces, Indian central and state governments and their agencies have purchased security software in the form of firewalls from international vendors, and contracted out sensitive system and database creation to foreign vendors which are closely connected with intelligence agencies. Such actions could only be because of ignorance, negligence or active complicity of the heads of these institutions.

Specifically, UIDAI Chairman Nandan Nilekani claims that the Aadhaar system is safe because it has “concentric rings of security”. It is shocking that a technocrat of his eminence, elevated to cabinet status, should be unaware of the risks of a hacker breaching every ring of security when each ring is compromised. UIDAI has contracted formation of its Central ID Repository and other critical work to U.S firms having intimate links with the U.S intelligence community³, but nevertheless falsely stated that it has not dealt with any foreign companies. It later denied access to its on-going contract documents with foreign companies, when called for under the RTI Act. Could this be interpreted as active complicity? NSA operatives would be smirking at Nilekani’s innocence.

Sovereignty

Sovereignty is complete power or authority over territorial and material assets, independence and integrity of political and economic policy, and ownership, control & jurisdiction over all national assets and properties. Today, data is the new property, the compromise of which is compromise of sovereignty. USA’s data mining in India is a threat and insult to India’s “sovereign secular socialist democratic Republic”.

While India’s Prime Minister takes an oath to abide by the Constitution and the laws, the President of India has a more onerous role, swearing to preserve, protect and defend the Constitution and the law. Therefore the President of India, thus far studiously standing out of the controversy, needs to recall his solemn oath and begin to voice his view and opinion on the issues arising out of Edward Snowden’s expose, including providing guidance to his government operating under the executive power of the Prime Minister and his cabinet.

With regard to protecting India’s sovereignty and political self-respect, President Pranab Mukherjee, needs to advise his government to demand (1) an explanation from USA for physical and cyber spying and snooping on India, (2) a guarantee that further physical and cyber spying and snooping will be stopped with immediate effect, and (3) a certificate from USA that all copies of data pertaining to India and Indian citizens mined so far will be irretrievably deleted.

It is worrying that BJP, the largest opposition party and contender for power in the 2014 general elections, has not raised the issue in Parliament nor expressed any serious objection to USA’s blatant assualt on India’s sovereignty. Perhaps the silence and shameful equivocation of India’s political-bureaucratic establishment stems from the fact that India’s bureaucrats and top politicians in the ruling coalition and the opposition, are in awe of America, or have personal assets in USA, or own off-shore assets which are in the knowledge of USA. Is India’s military top brass similarly compromised?

State of vulnerability

Intelligence can control systems and the people who control political and economic systems. NSA’s program code-named GENIE employs U.S computer specialists to break into foreign networks so that they can be placed under surreptitious U.S control. This enables access to personal and organizational data to control people.

India’s political class is unaware that their personal and party secrets are known to USA. The personal details and secrets of India’s judiciary, bureaucracy-police and military have undoubtedly been acquired and stored by U.S intelligence for future use. It is undoubtedly the same for the captains of Indian industry. The “foreign hand”, hitherto scoffed at as a product of overheated imagination, is a stark reality. Those who control India and guide its destiny are slaves to U.S diktat. It is a moot point whether India’s sovereignty as a democratic republic has been irretrievably lost.

USA has a history of effecting regime change in foreign countries by covert and overt means, in pursuance of its global domination policy. India has been a “problem” to USA because of the strong democratic traditions built by its founding fathers and its robust Constitution. But with the secrets of huge corruption, phenomenal greed and personal peccadillos of its bureaucrats and political class cutting across party lines, known to U.S intelligence, USA can have substantial influence on the outcome of India’s 2014 general elections.

To paraphrase Robert Jensen⁷, no matter who votes in elections and how they vote, powerful unelected forces set the parameters of political action. India, now in a politically fragmented condition only different in detail from India of the 18th Century, is vulnerable. Will a modern-day Robert Clive bribe, coerce, blackmail, threaten or otherwise influence modern-day Mir Jafars to bring the military boots of American empire into India? Only time will tell.