Print This Post
30 June 2022, Gateway House

Indian cyber resilience in the Indo-Pacific

During the last decade, cyber threats have steadily expanded in the Indo-Pacific in two distinct dimensions: cyberattacks by state and non-state actors, and cybercriminal syndicates. As a digitized society, India has offered its expertise and technologies to like-minded countries in the region. It must now expand its role by developing cyber norms, capacity-building and technical exchanges.

Former Fellow, International Security Studies Programme

post image


Across the Indo-Pacific, countries are harnessing information and communication technologies (ICT) for a wide range of economic and social purposes. But their increased dependence on ICT has also created opportunities for malicious state and non-state actors to breach computer networks, steal sensitive data and disrupt critical infrastructure.[1] The onset of COVID-19 has only deepened this threat, as cyber saboteurs have capitalized on the pandemic to carry out debilitating cyberattacks. India, as a leading democracy and digitized society, has offered its expertise and technologies to like-minded countries in the Indo-Pacific region. This article examines its role in strengthening the region’s cyber resilience in the face of evolving cyber threats, and suggests ways India can expand its critical role by developing cyber norms and focusing on practical initiatives like capacity-building and technical exchanges.

Regional cyber threats today

Cyber threats have steadily expanded in the Indo-Pacific during the last decade. While part of the broader security challenges in the region, cyber threats have two distinct dimensions: cyberattacks perpetrated by state and non-state actors with geopolitical motives, and offenses committed by cybercriminal syndicates with occasional support and involvement of state actors.

Malicious activities of state actors

China has emerged as the leading malicious state actor, responsible for several cyberattacks on critical national infrastructure (including election infrastructure), advanced persistent threat (APT) vectors used for espionage, and disinformation campaigns against its adversaries, including India, Japan, Vietnam, South Korea, and Taiwan. Beijing has executed these attacks as part of its ‘grey zone operations’ strategy to intimidate and coerce its adversaries and send political signals without engaging in direct military conflict.

North Korea and Iran also pose cyber threats. Pyongyang and its proxies like the Lazarus group, a cybercriminal syndicate, have perpetrated several cyberattacks targeting South Korean and Japanese computer networks and financial institutions, as well as several targets worldwide.[2] Likewise, Iran has used cyber tools and proxies to target Saudi Arabia, Israel, and the United States; it also has been the target of multiple cyberattacks.[3]

Despite growing awareness about cybersecurity, countries lack adequate budgetary resources and technical skills to harden their cyber defenses adequately. A lack of real-time cooperation between the region’s law enforcement agencies, deficient cyber forensic capabilities, and varying legal practices add to the gravity of the situation. Such problems, combined with the sheer tenacity of the malicious state actors in mapping out their adversaries’ vulnerabilities, ensures a continuing risk of debilitating cyberattacks.

Cybercriminal syndicates’ malfeasance

Capitalizing on the proliferation of malicious software codes and hacking tools, cybercriminal syndicates have executed penetrating attacks targeting nation-states and businesses. The unprecedented COVID-19 global health emergency has created additional opportunities for cyber malfeasance. Over the last 18 months, malware (malicious software), “watering hole” attacks (targeting websites used by a specific set of users or enterprises), and phishing (fraudulent attempts to steal sensitive personal user data by disguising websites or emails as a reputable source) have emerged as the top cyberattack techniques. Primary victims have been smaller enterprises; one study by Cisco Systems found that one in two small and medium-sized businesses across the region have suffered a cyber intrusion in the past year.[4]

In carrying out these attacks, cybercriminal syndicates exploit inadequate cyber hygiene and lack of awareness of cybersecurity. Many businesses continue to lack financial and technical resources and knowhow to protect themselves from cyber risks.[5]

Regional endeavors

Countering cyber threats has been high on the agenda of the countries in the Indo-Pacific. Leading digital democracies in the region – Australia, India, Indonesia, Japan, South Korea, and Taiwan have strengthened their domestic legislative and regulatory frameworks in response to rising cyberattacks. For instance, in recent years, Taiwan has created an extensive network of institutions under the National Defense and Justice Investigation Bureau ministries; enabling it to better withstand rampant cyber threats from China.[6] Likewise, Japan has focused on augmenting its cyber capabilities in response to attacks from China and North Korea.[7]

Meanwhile, the Association of Southeast Asian Nations (ASEAN) convened the first meeting of member-states’ ministers responsible for cyber and digital issues. Held virtually on January 22, 2021, the meeting emphasized the region’s Computer Emergency Response Teams (CERTs) to strengthen cooperation in exchanging information on cyber threats.[8]

India’s role in Indo-Pacific’s cyber resilience

With the world’s second-largest internet user base and an advanced technology sector, India has elevated its cyber profile in the last decade by making cyber security a domestic policy priority and by sharing its expertise and experience with other countries in the Indo-Pacific.

India’s cyber successes

In its recent Global Cyber Security Index, the International Telecom Union ranked India in the 10th position globally (up from 47th in 2018) and 4th in the Asia Pacific (up from 10th in 2018). India moved up these rankings through its steady focus on securing core digital infrastructure, protecting citizens’ data, and expanding cyber forensic capabilities.[9] In 2015, India created the post of National Cyber Security Coordinator, which has achieved better—if not ideal—inter-agency management and information sharing on cyber issues. As a result, India has successfully prevented any large-scale disruptive cyberattack like ones seen in Estonia and Georgia in 2007 and 2008, respectively.

To fight the menace of cybercrime, India also is stepping up its cyber forensic capabilities by setting up cyber forensic labs and centers in academic institutions.[10] In addition, many universities like Gujarat Forensic Sciences University and SRM University have begun offering cyber forensics courses. More than 28,000 police and law enforcement officials have received the training. This has significantly augmented capacity in cybercriminal investigations and resolution of cybercriminal cases.[11] According to the Ministry of Home Affairs, the Indian Cyber Crime Coordination Centre, the federal agency for tackling cybercrimes, has collaborated with trained law enforcement officials to recover Rs. 12 crores stolen in various cybercrime cases since 2018.[12] This may be a small amount compared to the money lost due to cybercrime, but it gives some assurance to cybercrime victims that a successful resolution of their grievances is possible. This assurance has contributed to growing consumer usage of digital payment systems.

India has shared its domestic success on the cybersecurity front with other countries in the Indo-Pacific, as shown in Table 1 below. This engagement includes exchanges on best cybersecurity practices, capacity-building to protect critical infrastructure and on tackling threats posed by cybercrimes.[13]


Table 1: India’s cyber engagements

Bilateral cyber dialogues Australia, Egypt, Japan, New Zealand, United States, ASEAN
Bilateral cyber agreements and MoUs Bangladesh, Japan, Jordan, Malaysia, Qatar, Singapore, South Africa, South Korea, Vietnam, Tanzania
CERT-India’s foreign collaborations South Korea, Japan, Mauritius, United States, Australia, Malaysia, Singapore, Vietnam, Bangladesh, Seychelles
Participation in technical forums ITU’s International Multilateral Partnership Against Cyber Threats, INTERPOL Global Complex for Innovation, Forum of Incident Response and Security Teams (Group of CERTs), Asia Pacific CERT, Global Forum on Cyber Expertise
Global forums United Nations’ Group of Governmental Experts

Source: Adapted from Patil (2022)

Moreover, through its overseas assistance program, the Indian Technical and Economic Cooperation (ITEC) program, New Delhi offers courses on cyber, artificial intelligence, and other emerging technologies.[14] Initiatives such as these have contributed to expanding the cyber knowledge base among the like-minded countries in the Indo-Pacific.

Advancing India’s contribution

Given the ever-advancing threat, New Delhi needs to enlarge its commitment to the Indo-Pacific by developing cyber norms and conceptualizing new ways for collaboration  

Norms for responsible state behavior: India has always taken a proactive position at multilateral forums, putting forward concerns of developing countries about national sovereignty and economic growth. As a result, India is better-positioned than other countries to initiate a conversation with other Indo-Pacific countries to develop a common understanding of what constitutes responsible state behavior, violations of sovereignty, attribution for cyberattacks, and the right to self-defense against state-sponsored cyberattacks. As part of this conversation, New Delhi also can deliberate with like-minded countries by establishing a regional consultative mechanism for regulating the behavior of non-state actors and protecting critical infrastructure. Furthermore, by engaging smaller Indo-Pacific countries in a conversation on cyber norms, India can give these countries a sense of being stakeholders in cyberspace management.

Stress-test critical infrastructure by simulating cyberattacks: To assess the capacity of the critical infrastructure to disruptive cyberattacks and ransomware attacks, India can join like-minded Indo-Pacific countries such as Japan, Taiwan, South Korea, and Australia in conducting real-world simulations of such attacks. This will help develop a regional response to persistent, offensive cyber operations and data breaches and identify areas that require capacity strengthening. Such action initially can cover the financial sector, which is a leading contributor to the region’s economic growth and prosperity.[15]

Creation of a Cyber Action Task Force: The lack of a pan-regional cybersecurity organization is a significant gap in the region’s cybersecurity preparedness. India can facilitate creation of a Cyber Action Task Force, an organization similar to the Paris-based Financial Action Task Force. The Cyber Action Task Force can work with the national CERTs in the Indo-Pacific and technical experts from the industry to tackle cyber incidents. It also can share cyber threat intelligence and develop technical standards for critical infrastructure protection. The Cyber Action Task Force must include Taiwan to benefit from Taipei’s experience of battling cyber threats.


India has a critical role to play in ensuring unhindered digital growth in the Indo-Pacific. Its collaborative approach stands in sharp contrast to countries pursuing cyberspace dominance. Moreover, its focus on bringing together all stakeholders to deliberate on norms and develop practical collaboration among the nations will ensure that New Delhi emerges as a consequential voice in shaping global debates on cybersecurity cooperation.

Sameer Patil is former Fellow, International Security Studies Programme, Gateway House. 

This article was exclusively written for Gateway House: Indian Council on Global Relations. You can read more exclusive content here.

For permission to republish, please contact

© Copyright 2022 Gateway House: Indian Council on Global Relations. All rights reserved. Any unauthorised copying or reproduction is strictly prohibited.


[1] Sameer Patil, Securing India in the Cyber Era, Routledge, London and New York, 2022, p. 1.

[2] Daniel A. Pinkston, “North Korea’s Objectives and Activities in Cyberspace”, Asia Policy, Vol. 15, No. 2, April 2020, pp. 76–83.

[3] “Publicly Reported Iranian Cyber Actions in 2019”, Center for Strategic and International Studies,

[4] “Cybersecurity for SMBs: Asia Pacific Businesses Prepare for Digital Defense”, CISCO Secure, September 2021,

[5] Sameer Patil and Sagnik Chakraborty, “A Cybersecurity Agenda for India’s Digital Payment Systems”, Gateway House Paper no. 20, September 2019,

[6] Sameer Patil, “The India-Taiwan Imperative for Cybersecurity Cooperation,” Asia Insights, No. 15, June 2021.

[7] “In first, Japan names China, Russia and North Korea as cyberattack threats”, The Japan Times, 27 September 2021,

[8] “The 1st ASEAN Digital Ministers’ Meeting and Related Meetings”, Association of Southeast Asian Nations, 22 January 2021,

[9] Patil, op. cit. pp. 18–21.

[10] Rajnish Singh, “18 cyber forensic labs commissioned in India, more in pipeline”, ANI, 23 July 2021,

[11] Ibid.

[12] ANI, “PM Modi-led govt’s I4C wing saves over Rs 12-cr of cyber fraud victims since 2018”, Lokmat, 9 September 2021,

[13] Patil, op. cit., p. 71.

[14] “Cyber Technologies, AI and Emergent Technologies”, Indian Technical and Economic Cooperation Programme,

[15] Quad Economy and Technology Task Force Report: A Time for Concerted Action, Gateway House Report, August 2021,, p. 30


TAGGED UNDER: , , , , ,