When the battlefield shifted from mountains to mobiles, India’s cyber defences stood firm. Here’s why this victory matters beyond borders, writes Satyen K. Bordoloi.
During World War II, after the Germans had captured most of Europe, they launched the most concerted bombing campaign ever seen in the world. Day after day, night after night, and at one time for 56 days straight, an already ravaged London was subjected to an endless barrage of German bombers that killed over 40,000 people.
The asymmetric warfare tested the mettle of Londoners. However, during the recent India-Pakistan conflict, post the gruesome Pahalgam bloodshed, India was bombarded with much more than what Londoners faced.
On May 6, as India and Pakistan teetered on the brink of war, I penned an article for Sify titled “Digital Siachen: Why India’s War With Pakistan Could Begin on Your Smartphone” (published May 8). The premise was stark but straightforward: modern conflicts are no longer fought solely with tanks and missiles but with lines of code and bots.

I warned that Pakistan, backed by state-sponsored hackers and transnational cyber militias, would weaponise the digital domain to cripple India’s critical infrastructure, spread disinformation, and erode public trust. A few days ago, Maharashtra Cyber officials confirmed that the prediction had materialised with chilling precision.
Between May 7 and May 10, Pakistan-allied hacker groups launched over 1.5 million cyberattacks on Indian targets. Yet, thanks to robust cyber resilience, only 150 of these assaults succeeded—a 99.99% failure rate for the enemy.
This was a watershed moment in the history of global warfare, and beyond victory or defeat, it provides nations with a blueprint for preparing for the wars of tomorrow.

The Anatomy of a Cyber Siege
As I had mentioned in the article, beyond their conventional armed forces, Pakistan has a formidable cyber army (the first virus is reported to have been created by Pakistani brothers). It was demonstrated by the scale and sophistication of their unprecedented cyberattack. Orchestrated by seven Advanced Persistent Threat (APT) groups—including Pakistan Cyber Force, APT36, and Mysterious Bangladesh—the attacks spanned Distributed Denial-of-Service (DDoS) barrages, malware intrusions, GPS spoofing, and website defacements.
High-value targets included India’s Ministry of Defence, the Prime Minister’s Office, and critical infrastructure like power grids and airports. One attack on the Indian President’s Office website lasted a record 19 hours. In contrast, other persistent attacks tried to paralyse critical Indian infrastructure, threatening outages of everything, from the internet to power and water.
Yet, the attackers’ bravado, as evidenced by news about the successes of these attacks in Pakistani media, often outpaced their impact. Take, for instance, the claims about hacking Mumbai’s Chhatrapati Shivaji Maharaj International Airport to leak passenger information or causing statewide blackouts. These were debunked as recycled data leaks or outright fabrications.

Maharashtra Cyber’s Road of Sindoor report exposed these tactics, revealing how hackers exploited social media to amplify fear by spreading over 5,000 fake news items, including false narratives about power grid collapses and missile facility breaches. The goal was clear: to destabilise India psychologically while testing its digital defences.
And though the ‘war’, if you could call it that, was fought between India and Pakistan, the cyberspace missiles on India were launched from beyond just Pakistan, from as far as Turkey, Bangladesh, Indonesia, Malaysia and the Middle East, with some cybersecurity experts claiming backing from China, a possibility I had written about in the Digital Siachen article.
India’s Cyber Shield: How 1.5 Million Attacks Were Neutralised
India’s success in repelling this onslaught was no accident. It was the result of years of incremental upgrades, interagency coordination, and public-private partnerships. When the first wave of DDoS attacks struck, the Indian Computer Emergency Response Team (CERT-In) issued a nationwide alert, instructing critical sectors to strengthen their firewalls, block suspicious IP addresses, and monitor network traffic.
As reported by Reuters, financial institutions, including the Bombay Stock Exchange, took the unprecedented step of geo-blocking foreign IP addresses. This move is said to have thwarted botnet-driven traffic from Pakistan, Bangladesh, and Middle Eastern operatives.

State cyber units, particularly Maharashtra Cyber, which released the report, played a key role in this defence. Their real-time threat intelligence identified attack patterns, traced origins to transnational hacktivist networks, and unleashed countermeasures. Take the attacks initiated by APT36, aka Transparent Tribe or Mythic Leopard, a Pakistan-linked cyber espionage group mainly targeting Indian defence and government sectors.
They deployed Crimson RAT malware via phishing emails disguised as army recruitment forms. A successful Crimson RAT attack enables attackers to capture screenshots, extract sensitive data, and maintain long-term access to the infected systems. When these attacks began, even before the war and after the Pahalgam attacks, rapid patches and user awareness campaigns neutralised the threats.
The Press Information Bureau’s fact-checking unit was kept busy dismantling viral hoaxes, like the fake “nationwide ATM outage”, within hours to prevent panic.
It is important to note here that India’s defensive strategy wasn’t purely reactive. Unofficial cyber militias, such as the “Indian Cyber Force”, “echo0fGulmarg” and “teamwhitel0tus” retaliated by launching hundreds of cyberattacks targeting key institutions, including Pakistan Railways, OGDCL, PAF Shaheen Foundation, and DHA.

A temporary disruption is said to have occurred at NUMS, Pakistan’s equivalent of AIIMS, and defacements of websites linked to the Supreme Court of Pakistan and Islamabad Police were also observed. India’s counter-cyberattacks demonstrated our ability to launch advanced cyberattacks with coordinated offensives. It also underscored a new reality: cyberspace is now a parallel battlefield, where deterrence hinges on visible retaliation.
Lessons for Future Conflicts: Why Peacetime Preparation is Non-Negotiable
Taken as a whole, the 2025 cyber conflict offers four stark lessons for India—and indeed, the world.
- Land, Air, Water, & Cyber: It is evident that no war today is fought entirely on land, in the air or on water. One must also consider another domain: cyberspace. And it is this domain that, if not protected, could determine the eventual fate of a given war. If a nation wins the land, air and water battles, but loses the war online, that can’t be called victory. Hence, in addition to having the Army, Air Force, and Navy, every nation must also make coordinated efforts to establish a fourth division: the Cyber Force.
Although not typically considered, this cyber force could also be a frontline of attack (defence during peacetime, just like a typical army), working in coordination with the other three divisions and indeed becoming both their shields and spears.
- Cyber Warfare is Hybrid Warfare: Pakistan’s online campaign against India blended kinetic strikes with digital sabotage, illustrating the fusion of physical and virtual battlefronts. Take, for instance, its “Iron Wall” military retaliation against India’s operation. This coincided with cyberattacks that Pakistan claims paralysed 70% of India’s power grid.
While these claims were exaggerated, the intent to amplify chaos during a hybrid war reveals a template that future adversaries, such as India, may replicate in the event of further escalation. India’s ability to isolate cyber disruptions from such coordinated operations proved vital, but gaps remain. A centralised cyber command, integrating military and civilian agencies, is urgently needed to streamline responses during such a multi-domain crisis.
- Resilience Trumps Deterrence: India’s 0.01% breach rate wasn’t due to superior offensive capabilities but to what can be called our robust defensive hygiene. Regular security audits, encrypted communication protocols, and workforce training minimised vulnerabilities during the conflict. For example, power utilities pre-emptively reviewed grid security protocols, averting potential blackouts.
If we are to be prepared for the future, we need the integration of AI-driven threat detection, quantum-resistant encryption, and possibly the use of quantum computing itself, along with the availability of redundancy systems for critical infrastructure.
- The Public is a Frontline Asset: The public was targeted in two ways. One is that as the world shifts from liberal values to a peace that relies on having the larger stick, the adage that ‘everything’s fair in war’ has made a comeback. Civilians, instead of abhorring war, seem to demand it like it were a game on one side, and on the other, the enemy makes civilians a fair target for their operations.
The operation that targeted them vehemently is fake news and blatant lies. Those from the Indian media are one thing, but Pakistan also used misinformation as a stealth weapon. They flooded social media with claims of citywide blackouts, satellite jamming, and BrahMos missile factory attacks. Although India’s media countered this with the same tactic: launching their own fake news versions, it only sowed further confusion.
There needs to be a counter-strategy of public awareness campaigns and rapid debunking, without faking anything. The need is to treat citizens as informed participants in national security. Cybersecurity literacy, akin to civil defence drills, must become a peacetime priority.

The May 2025 ground conflict, aided by cyber wars, is a wake-up call—not just for India but for every nation navigating the blurred lines between war and peace in the modern world. As drones and malware rewrite the rules of combat, victory will belong to those who prepare during times of peace. India’s success against 1.5 million attacks is praiseworthy, but complacency would be lethal.
To stay ahead, India must institutionalise its ad-hoc defences, especially via a dedicated cyber command, mandate cybersecurity standards for private sector partners, and foster international coalitions to combat transnational hacktivists. Digital Siachen is right here, amidst us, and the stakes are higher than ever. Sun Tzu once wrote, “The supreme art of war is to subdue the enemy without fighting.” In the 21st century, that war begins with a simple firewall.