The cyber defence exercise comes after US experts found Chinese sleeper malware in Australia and Japanese networks as part of Quad cybersecurity cooperation.

New Delhi: With the cyberattack threat from China and other adversaries mounting by the day, the national security agencies, including the tri-services, are currently participating in a weeklong cyber defence exercise to test the resilience of India’s critical civilian and military infrastructure, officials familiar with the matter said on Saturday.

The cybersecurity exercises are being held under the aegis of the Defence Cyber Agency (DCyA) with other branches of national security participating in the effort to test the firewalls guarding India’s critical infrastructure. (Representative)

While the government is tight-lipped on this count, the cybersecurity exercises are being held under the aegis of the Defence Cyber Agency (DCyA) with other branches of national security participating in the effort to test the firewalls guarding India’s critical infrastructure.

The cyber defence exercise comes after US cyber experts found Chinese sleeper malware in Australia and Japanese networks as part of Quad cybersecurity cooperation.

“This malware is normally injected into the critical network and made to lie dormant for years. The bug is then activated by China any time it chooses to cripple the critical infrastructure or extract information,” said one of the officials cited above.

It is understood that the November 23, 2022, cyberattack on five servers of AIIMS in Delhi was engineered by China-based hackers and the cyber post-mortem of the attack showed that the malware or the bug to steal medical records was planted in the servers way back in 2014. On the military front, the 25-infantry division of Indian Army, based in Poonch, was cyber-attacked by the adversary during the Pakistani retaliation to the 2019 Operation Bander launched by the Indian Air Force (IAF) to destroy a Jaish-e-Mohammed terrorist training camp at Balakot in Khyber-Pakhtunkhwa on February 26. The Balakot operation was conducted by the IAF to avenge the killings of 40 CRPF troopers at the hands of a Jaish suicide bomber in Pulwama on February 14, 2019. The Pakistani retaliation to Balakot was launching of missiles at the Indian Army's brigade at Poonch on February 27, 2019.

Cybersecurity is also emerging as a key element of cooperation among Quad countries with the four leaders agreeing at Hiroshima this month to collaborate to enhance regional capacities and resilience to cyber incidents and threats. The Quad cyber challenge was held this year to promote cyber awareness and empower participants across the Indo-Pacific to protect themselves online.

The four countries have worked out the Quad joint principles for secure software and Quad joint principles for cybersecurity of critical infrastructure, and work is on to develop a framework for ensuring cyber security of supply chains and resilience. These principles are designed to strengthen regional defences against cyber threats to software supply chains, the digital economy, critical infrastructure, and services.

While the Indian national security agencies and tri-services network are protected by air gap and stand-alone servers, the Union government servers under the National Informatics Centre (NIC) are often cyber-attacked and compromised by India’s adversaries to glean confidential information and intelligence through planted malware. As the Indian economy expands in the digital dimension, security planners are reviewing the national networks to make them more resilient with stronger firewall architecture.