India steps up vigil for cyber attacks from China after apps ban

New Delhi/Mumbai: The government has increased a nationwide alert and stepped up monitoring as intelligence agencies prepare for intensified cybersecurity attacks from China.

Cybersecurity experts said India’s ban on 59 Chinese apps was only the start and there will be greater scrutiny of companies, device makers and apps with exposure to China, which can trigger retaliatory attacks.

A senior government official said that among all the sectors, power, telecom and financial services are being monitored even more closely, given their exposure to Chinese infrastructure.

“Since we have permitted the Chinese for so many years to invest in critical infrastructure, especially in communications and power, the Chinese have keys to those networks in the country and through that, they have influence over our financial sector as well,” the official said. “They could potentially initiate problems in any of these networks through remote locations.”

Cybersecurity experts said the government will expand monitoring and focus on companies that are funded by Chinese investors, although the degree of surveillance may vary.

“In today’s economic climate, no one can afford physical wars... war is waged in the form of cyber, trade and potentially supply chain conflicts. Now the companies that have funding from Chinese investors will be under scrutiny, especially tech platforms,” said Siddharth Vishwanath, leader, cybersecurity, at PwC India. “Banning Chinese apps is possibly a pre-emptive step to what could be large-scale surveillance.”

Surveillance devices made in China that are used in government and private offices will be next on the radar, said Pavan Duggal, a Supreme Court advocate and cyber law expert.

On Monday, the Indian government banned 59 Chinese apps, including the popular TikTok, citing threats to national security. Prior to that, it had warned of increased cyber security threats. The government also cited complaints about data on Indian users being transferred abroad without authorisation.

However, some experts said an outright ban, especially of frequently used apps, may lead to other security lapses. Suman Kar, CEO of Banbreach, which provides cybersecurity consulting services, said the less technically aware customers may download potentially malware rigged clones of these banned apps from unofficial stores.

Cybersecurity attacks and breaches in the country are likely to have surged over six-fold since the lockdown was imposed on March 25, forcing many people to work from home, according to experts. Indian cyberspace is also on high alert owing to increased security risks from the border tension with China. State officials and cybersecurity companies last week warned of a potential surge in cyberattacks from Chinese hackers.