Pukhraj Singh – Writings of Pukhraj Singh

1st October 20211st October 2021

Critical infrastructure legislation should also set the parameters of cognitive security – Australian Strategic Policy Institute

My article for the Australian Strategic Policy Institute: https://www.aspistrategist.org.au/critical-infrastructure-legislation-should-also-set-the-parameters-of-cognitive-security/.

With the heightened threats in cyberspace, the Australian government wishes to hasten the passage of crucial amendments to the Security of Critical Infrastructure Act 2018.

The unannounced information war with China has put tremendous strain on the Five Eyes intelligence-gathering alliance in Oceania. The relentless compromising of the private sector, which remains a soft but strategic target, has diluted the conventional boundaries of conflict, forcing the government to enhance its legislative reach.

6th June 20211st October 2021

The equities of telco cyber exploitation: 5G and the Huawei ban – Observer Research Foundation

My article for the Observer Research Foundation: https://www.orfonline.org/expert-speak/the-equities-of-telco-cyber-exploitation-5g-and-the-huawei-ban/

The Indian government has commenced the trials of 5G technology, but the Chinese company Huawei is notably absent from the list of approved vendors. The Indian strategic community is almost unanimously supportive of the decision, concerned about the emerging Chinese hegemony around 5G standards and architecture. Although think tanks and experts have delved into some of the technical intricacies of 5G, the commentary remains largely polemical and rooted in the complicated verbiage of Sino-Indian geopolitics.

It would be worthy to briefly deconstruct the nature of the threat posed by the telco networks, why they are deemed so critical when it comes to Indian national security imperatives, and the kind of exploits and vulnerabilities which cyber adversaries have used to subvert them. It may paint a slightly different picture and offer a more nuanced take on China’s forays into 5G.

10th May 20211st October 2021

The SolarWinds hack pokes holes in Defend Forward – Observer Research Foundation

My article for the Observer Research Foundation: https://www.orfonline.org/expert-speak/the-solarwinds-hack-pokes-holes-in-defend-forward/

In December 2020, the cybersecurity company FireEye discovered a cyber espionage campaign, compromising dozens of government and private organisations in the US.

Orchestrated by subverting the supply-chain of the popular IT administration software-maker SolarWinds, the operation showcased remarkable ingenuity and precise tradecraft at every step of the “kill chain” to skirt around the phenomenal counterintelligence capabilities of the US. They had no plans to outmatch the strategic cyber offensive might of the US, so the spies tactically blended-in with the environment, exploited “transitive trust” of the computers, and used deception to look like routine processes.

Yet, beyond all the technical details, it was the palpable strategic calculus which strikes at the heart of US cyber policy. The SolarWinds hack could potentially upset many of the US’ cyber statecraft initiatives—bolstering national cyber defence in the aftermath of the 2016 electoral interference—which took years to mature.

8th April 20218th April 2021

General Rawat’s comment on the India-China “capability differential” in cyber operations

General Bipin Rawat, India’s first Chief of Defence Staff, made a sort of unusual confession that we may never be able to bridge India’s “capability differential” on cyber operations, when compared to China. And that we “may not be able to fully catch up.” More in this Twitter thread by a journalist.

My hot take on it in three tweets:

Keeping in mind that a lot could get lost in translation from hacker-speak to general-speak, capability differential could become a self-defeating way to think about cyber. It’s fine to have a totally non-overlapping Venn diagram of cyber capabilites, vis-à-vis India & China. https://t.co/QnCeXWgv6K

— Pukhraj Singh (@RungRage) April 7, 2021

Gen. Rawat also endorses the general misassumption of cyber: imagining operations from the conventional precept of “contact.” Both the adversary & you only battle with ambiguity & uncertainty. Non-contact warfare understands that to some extent https://t.co/Ie9ujouB0m

— Pukhraj Singh (@RungRage) April 8, 2021

3/3 More here: “The Competition Continuum and noncontact operations in cyberspace” https://t.co/vvYGqO5tM7 The best articulation of this competition comes from @halvarflake as explained in the post.

— Pukhraj Singh (@RungRage) April 8, 2021

2nd February 20212nd February 2021

My litany on the Cyberspace Solarium Commission

I wrote this very long email to a senior member of the Cyberspace Solarium Commission. It was well received and the person agreed with many of my assertions. Sharing is caring.

30th December 20203rd January 2021

The Competition Continuum and noncontact operations in cyberspace

The SolarWinds hack has triggered deep introspection within the policy circles.

One realisation which I am having is that military strategies in cyberspace seem to be wanting to define “contact” in more conventional terms rather than how it’s really applicable to cyber operations.

28th December 202028th December 2020

SolarWinds: Cyber strategists are back to the drawing board – Hindustan Times

My geo-strategic take on the SolarWinds hack, published by the Hindustan Times: https://www.hindustantimes.com/analysis/solarwinds-cyber-strategists-are-back-to-the-drawing-board/story-L5QunVMY7vRa04isQlT1QL.html.

The SolarWinds hack – a cyber espionage campaign compromising critical organisations of the United States (US) – has fundamentally disrupted the power dynamics of cyberspace.

It is not only a major setback to the cyber statecraft initiatives of the US which took years to mature, but also challenges the basic assumptions upon which the West’s strategy for cyber dominance rests.