Published by The Quint: https://www.thequint.com/voices/opinion/cyber-deterrence-kudankulam-nuclear-plant-cyber-attack-lessons-for-india. Hacktivist personas and hack-and-leak operations aren’t new — if anyone remembers CyberCaliphate, CyberBerkut & Guardians of Peace, etc. This is relevant as major leaks hit Iran, Russia and China in November. India’s cyber adversaries would rather target its soft political underbelly. Coercion and deterrence may have purely cognitive parameters. They simply do not exist in the “disrupt, deny & degrade” dimension, as recent Iran operations by US Cyber Command have shown.Continue reading “Cyber Deterrence Is Dirty & Illegal: Time to ‘Innovate’ Or ‘Die’ – The Quint”
I may (or may not) do a series of quick posts highlighting the strategic challenges encountered while investigating a cyberattack like Kudankulam. They would be filed under the ‘lessons-from-kudankulam‘ tag. Since our agencies were literally caught napping, this is a good primer for understanding what nation-state-level cyber capabilities entail:
Some dumbified excerpts from my dispatches to the government:Continue reading “Lessons from Kudankulam – Part II: Targeting, jointness & offensive toolchains”
Arindrajit Basu and Karan Saini wrote a detailed critique of my essay on cyber norms for the Modern War Institute: Setting International Norms of Cyber Conflict Is Hard, but That Doesn’t Mean We Should Stop Trying.
Here’s my rejoinder to their rejoinder:Continue reading “A rejoinder to a rejoinder”
In 2010, I led the first joint cyber operations with the Indian Air Force. Nine years too late, we have started talking about cyber jointness.
“Synergy in Joint Cyber Operations,” presented at an Indian National Defence University event, backed by the Integrated Defence Staff. The first time ever that jointness was discussed in the Indian context. Not very verbose for obvious reasons – I flagged politics and turf wars. Some shakeups are happening; the Defence Cyber Agency is up. Winds of change…