From cyberattacks to border clashes: How India is feeling the heat from an emboldened China

Suman Patel and her teenage daughter had travelled over 700km to reach Delhi from their home in a remote district of Uttar Pradesh state, ready to collect the 16-year-old’s post-op test results from India’s top public hospital.

After their daughter was diagnosed with cancer in her right leg earlier this year, the Patels had opted to seek treatment at the All India Institute of Medical Sciences (AIIMS) in the hope of receiving the best possible care. Doctors there recommended amputating the limb to contain the cancer’s spread, and the surgery was completed on 26 November.

Despite the difficulty of moving their daughter after the operation, they had nowhere to stay in Delhi so took her home, only to return 10 days later for a follow-up appointment. Yet when they arrived back at AIIMS, they were told the journey had been a waste of time – the hospital’s entire patient records system was down, and they would have to make the 1,400km (870 miles) round trip again in another couple of weeks.

The Patels are among the tens of thousands of patients and families inconvenienced or put at risk by a major cyberattack targeting AIIMS last month, which police believe originated in China. Experts describe it as just one example of the pressure being placed on India by its increasingly aggressive and emboldened neighbour to the east.

An estimated 10,000 people come from across India to AIIMS every day to access free healthcare. With wealthier individuals more likely to turn to private hospitals, it means poorer Indians were disproportionately affected by the hacking incident which, police sources say, has been traced by investigators to servers in China and Hong Kong.

open image in gallery

“Without access to lab reports, how will we treat the patients?” asks an exasperated senior resident doctor at the hospital, who spoke to The Independent on condition of anonymity earlier this month, more than a week after the cyberattack came to light and with systems still down. “We have been asking the patients to undertake the tests again. This is a nightmare.”

IT minister Rajeev Chandrasekhar later informed parliament that five servers were affected in the incident, with “approximately 1.3 terabytes of data encrypted” by hackers using ransomware.

The system went down around 9am on the morning of 23 November, says a senior police officer involved in the investigation who asked to remain anonymous.

Initially nobody knew it was a cyberattack, the officer says, just that some files were encrypted. “When those files were opened in normal text, there was a note on the top of it. There were two emails which said that if you want the keys then you respond to these mails,” the officer said.

An Indian Express report indicated that the records of up to 40 million patients, including high-profile political figures and public personalities, may have been compromised.

The investigation has been taken over by federal agents, but the police officer says “initial analysis is pointing to two locations – in China and Hong Kong”. He says it is not known if the culprit was a private individual or if it was a state-sponsored attack.

Just over two weeks after the AIIMS hacking, another security incident involving China raised alarm bells across India. On 9 December, more than 250 Chinese and Indian soldiers clashed at the countries’ disputed border in a skirmish leading to a significant rise in tensions between the two Asian giants.

open image in gallery

The Chinese soldiers outnumbered their Indian counterparts by four to one and were armed with crude weapons, including spiked clubs, monkey fists and stun guns, when they attacked Indian units in the tense Yangtse area of Arunachal Pradesh’s Tawang sector, causing injuries on both sides, said the Indian Army on 11 December.

Much of the border between India and China is disputed by both countries, with the entire Indian state of Arunachal Pradesh claimed by Beijing as part of its territory. Tensions over the dispute reached a peak in June 2020 when 20 Indian soldiers and an unspecified number of Chinese forces were killed in a brutal hand to hand skirmish in the Galwan district. Soldiers conducting border patrols in the area are typically unarmed in order to reduce the risk of any clash escalating into all-out conflict.

It was the third major clash reported in a little over two years, and reports indicate there have been many more such incidents that didn’t make the news. At the same time, Indian analysts say China is expanding its network of model villages close to the de facto border, the “Line of Actual Control” across the border from the Indian Himalayan states of Uttarakhand, Sikkim and Arunachal Pradesh.

“It is important to remember that neither of these types of threats are new, but it is only since the 2020 Galwan clashes that the general Indian public have begun to take note,” says Jabin T Jacob, an associate professor at the department of International Relations and Governance Studies at the Shiv Nadar University.

“The latest clash suggests that the Chinese leadership has assessed that the risks or consequences of provoking the Indians once again [after Galwan] are manageable,” he adds. “In other words, the Chinese do not take India’s stature or deterrence capabilities seriously. The latest incident was not an exact replay in that the Indians were better-prepared and got the better of the Chinese.”

Michael Kugelman, director of the South Asia Institute refers to China’s village expansion near the border area as a “provocation”.

“This is the crux of the problem. Despite regular dialogue between the two militaries, despite the pledges of disengagement and de-escalation, these Chinese provocations continue to happen. And we’ve seen that India lacks the deterrent capacity to prevent them,” he says.

“That’s a basic but sobering fact for New Delhi. Beijing appears to be preparing the grounds for future cross-border incursions, but New Delhi lacks the capacity to push back to pre-empt them.”

Raising concerns about cybersecurity, Jacob says: “India has banned all sorts of Chinese apps and equipment but it lacks the vetting and continuous monitoring capabilities to ensure that these apps and equipment do not come in under other guises or to ensure that foreign equipment only do what they say they do.”

Defence analyst and retired Lieutenant General Rameshwar Roy suggests India must harden itself “from within the military to cyberattacks”.

“China is way ahead in terms of cyber capabilities [than India],” he says, adding that it can do so from other territories such as Pakistan and Hong Kong.

Mr Kugelman says that, although “cybersecurity is a comparative advantage for India,” the challenge lies in the “lack of critical mass of workers”.

“While India has a large high-tech labour force and prestigious educational and training centres for high-tech careers, the supply falls short,” he says. “This is one reason why Apple, which is considering relocating some production from China to India, is a bit concerned about India: The lack of a critical mass of workers that can carry out the complex task of putting together an iPhone.”

However, India is advantaged on cybersecurity in the geopolitical sphere as it enjoys “close ties with high-tech powerhouses like the US, many of the EU countries, and Japan and Australia.”

“Global tech firms want to partner with India. There’s a lot of concern about China as a hacking and surveillance threat. But herein lies another challenge for India: It has its own issues with using technology in undemocratic ways. Surveillance is a real concern in India.”

India’s next step is to reinforce itself against cyberattacks, the retired officer says.

Even on the border clashes, (Retd) Lt Gen Roy said, that since Galwan, the government has given a push to the infrastructural development, which he calls a “defensive measure”.

“Because when someone has the ability to attack you, first you have to consolidate your defence before you start attacking them.”

open image in gallery

“The basic philosophy is, first we should reduce our vulnerability” both on the cyber and border front, he says as he slams the “Agnipath” scheme.

In June, the government of India announced a major overhaul to armed forces recruitment, unveiling the “Agnipath” or “Path of Fire” programme that offers applicants a short-term four-year contract in navy, airforce or army. On completion of this programme, only 25 per cent will be retained and the others will be released.

Touted by the defence minister Rajnath Singh as a “major defence policy reform” to make Indian armed forces more “battle-ready” and youthful, the move is aimed at cutting ballooning pensions and salaries, which have been a longstanding issue for one of the world’s largest militaries. Personnel recruited through the scheme would be referred to as “Agniveer”.

The announcement led to widespread protests, with youths burning the effigies of prime minister.

“Except for the Indian army, no other country in the world has got such active borders as we have,” says (Retd) Lt Gen Roy, referring to the frontier shared with Pakistan, Afghanistan, China, Nepal, Bangladesh, Bhutan and Myanmar. “Our active borders are nearly 7,000-8,000km (4,350-4,970 miles) along the land frontiers and almost the same distance on the coastal belt.”

“Both are equally vulnerable,” he says, noting the November 2008 Mumbai attack when members of Lashkar-e-Taiba, an Islamist terrorist organisation from Pakistan carried out 12 shooting and bombing attacks lasting four days in which a total of 175 died, including nine attackers.

open image in gallery

“At such a time, we cannot think in terms of these Agniveer, four-year service,” he says. “Four years term is no term. In fact, if you ask me, a soldier takes over five years to mature in the service to become a hardened soldier who can face the enemy without getting nervous.

“The four-year term is not going to help Indian Army unless and until we overcome the threats at the border, which are going to be as present as they are now in the near future.”