Cabinet of the Prime Minister, New Delhi, February 22, 2024
…’What’s the problem?’ growls the prime minister.
Sir, this looks like a formidable cyber attack. Even our secure network has been hacked,” the NSA said. “We can’t contact anyone.”
The office of the Prime Minister of India has turned into an island.
In a few minutes, it becomes clear that the PMO is not the only one to fall off the internet highway. The ministries of defence, interior, finance and the armed forces service headquarters have all gone offline. The government of India has been thrown back more than three decades. Even the phone lines don’t work.
An ominous feeling settles in the room. The prime minister walks back to his office, followed by the NSA. The chief secretary is in charge of physically convening the members of the Cabinet Committee on Security (CCS), the Chief of the Defense Staff (CDS) and the three heads of service for an immediate meeting.
“Could this be a malicious attack?” asks the prime minister.
“Unlikely,” replies the NSA. Beads of sweat appear on his forehead.
“That’s most likely.”
China had warned India since last year when the Prime Minister visited Bum La in Arunachal Pradesh and addressed the troops in Tawang. China had called this a serious provocation. Consequently, it increased military activity in its Western Theater Command (WTC) close to the border with India. According to intelligence reports received by the NSA in recent months, the activity appeared to be more than the regular exercises that the People’s Liberation Army (PLA) conducts regularly.
Convoys of all kinds of trucks are often spotted transporting supplies, ammunition and fuel on the various asphalt roads towards Lhasa (the headquarters of the Tibetan Military Command), and sometimes on the arteries connecting to the LAC1. Since 2020, the PLA has built robust and technologically advanced underground facilities (UGFs) to protect all aspects of its armed forces, including command and control systems, logistics, munitions and missile systems.
The UGF building program in the Tibet Autonomous Region (TAR), which started around 2012, has been upgraded and expanded. The deeply buried UGFs were traditionally intended to protect military assets from the effects of penetrating conventional munitions and nuclear attacks.
According to intelligence reports, after the confrontation with Ladakh in 2020, the PLA deployed electronic and cyber warfare units in TAR. Dual-use airports were upgraded for combat aircraft and drone flights. Huge communication towers had been erected. Blast pens or paved shelters for fighter planes were built. Numerous air defense and missile sites had been dug. But India had ignored these provocations.
On January 26, 2024, India invited the Dalai Lama to the Republic Day parade. China was furious and threatened to establish diplomatic ties with India. It rejected India’s claim that the Dalai Lama had been invited in his capacity as a spiritual leader along with the gurus of other religions.
Despite all the threats, the Prime Minister and the NSA were convinced that China would not go into all-out war with India and endanger its own economic growth. This view was also supported by the military establishment led by the CDS. Even in 2024, the Indian military stuck to the position it formulated in 2009: that China would not want to go to war with India because a stalemate on the ground would be considered a defeat.
And it would be a stalemate, they thought, because the Indian Army of 2024 was not the same as 1962. It was prepared to fight and the battle was hardened by decades of counter-terrorism on the Line of Control (LoC) with Pakistan. The Indian Air Force, with some 250-300 fighters from all bases at much lower altitudes, had many advantages over the PLA Air Force (PLAAF). It would cause it to send back thousands of body bags of PLA soldiers, destroying China’s reputation as a global power.
But was the Chinese army of 2024 the same as that of 1962? This was an awkward question with an unsavory answer. Since the Prime Minister was not in the habit of listening to unpleasant answers, no one asked this question. Perhaps no one knew that this was a question to be asked.
Despite ongoing studies on China, even in 2024, the Indian military was unaware of the war China had been preparing for. Traditionally, the Indian military believed that China was at least a decade ahead of Indian capabilities. Sanguine in this review, was clueless about the rapid transformation that had taken place nearby.
But if China has no intention of going to war with India, why would it carry out such a formidable cyber attack on the seat of government?
The NSA reviews its notes based on a recent intelligence report and relays to the Prime Minister what he knows about the PLA’s presence in TAR. The combat support forces (Rocket Force, Strategic Support Force and Joint Logistics Support Force) in the WTC have trained combat units to deploy and maneuver with them. The reported PLA convoys to TAR contain large numbers of unmanned vehicles – both combat and reconnaissance. A report notes the sighting of thousands of humanoid robots on military buses and trains to Lhasa.
“They will probably be used for combat support such as maintenance, preparation of ammunition, supplies, fuel and so on,” the NSA says in a slightly disdainful tone.
“Why did they launch a cyber attack on the PMO?” asks the Prime Minister. “Phishing?”
‘Hard to say. But it’s unlikely that a phishing attack would disrupt our networks. This seems to be something else.’
The CCS has now gathered in the conference room. Breaking protocol, the Chief of Staff (CAS) blurts out, “This is no ordinary cyber attack. The malware that has attacked us is extremely advanced. It has breached all of our firewalls. Our entire communications network has collapsed. We have been made blind and deaf.’
A chill runs through the conference room. The military and naval chiefs have similar reports to share. The naval chief is especially concerned. The navy has lost contact with the INS Vikrant battle group, which consists of two destroyers, four frigates, three submarines, fifteen fighter planes, eight helicopters, two long-range patrol aircraft and a number of smaller ships.
Seeing the prime minister’s questioning look, the NSA stoically explains, “Sir, if we’ve lost contact with them, it means they’ve lost contact with ground control as well. This can lead to accidents.’
The CAS interrupts. ‘It is a very serious situation. We deployed six aircraft for this exercise. All communication with them has been lost.’
The ground situation was equally dire. The troops deployed in the mountains had long lines of communication. These were now on alert. “Sir, for troops at 18,000 feet and above, communication is the lifeline,” the Army Chief of Staff (COAS) said. “We have an emergency in Ladakh. As you know, our soldiers face the PLA in certain places.”
Looking at the NSA, he adds: “In Ladakh, the PLA has also deployed a large number of unmanned and autonomous systems, including combat systems. If they get into mischief with machines, we won’t find out. Of course, our troops are trained and prepared for all eventualities. But communication with the head office is crucial.’
Despite the apparent calm in the room, the panic was palpable. The COAS comment was ominous, but it also contained a clue as to the motive for the cyberattack. The Chief Secretary was instructed to appoint the Director of the National Critical Information Infrastructure’s Protection Center (NCIIPC) operating under the National Technical Research Organization (NTRO), the Chief of the Defense Cyber Agency under the Integrated Defense Headquarters, and the National Cyber Call a Security Coordinator. who works directly under the PMO.
The messages are worse than expected.
“Sir, it doesn’t just look like a cyber attack. The internet in peninsular India is no longer working. Most DRDO labs, ISRO and the DPSUs do not have internet. We don’t know how much of the infrastructure has been affected yet,” the NSA said, running a hand over his forehead.
“It’s a major cyber attack,” said the prime minister.
After a minute of silence, the NSA added: “It appears that some of our submarine cables connecting us to the global internet have been tampered with. They may have been cut off.’
“But that is an act of war,” the prime minister tells the now silent hall.
The conference room turns into a makeshift war room.
“I need updates every half hour,” the Prime Minister declares and storms out.
Reprinted with permission from The Last War: How AI Will Shape India’s Final Showdown with ChinaPravin Sawhney, Aleph Book Company.