When the battlefield shifted from mountains to mobiles, India’s cyber defences stood firm. Here’s why this victory matters beyond borders, writes Satyen K. Bordoloi.
During World War II, after the Germans had captured most of Europe, they launched the most concerted bombing campaign ever seen. For 56 days straight, London was subjected to an endless barrage of German bombers that killed over 40,000 people.
The Germans wanted to break the morale of the Londoners. During the recent India-Pakistan conflict, post the gruesome Pahalgam bloodshed, Pakistan tried to do something similar to India. Except this was in the digital domain.
On May 8, as India and Pakistan fought on land and air, I wrote an article for Sify titled “Digital Siachen: Why India’s War With Pakistan Could Begin on Your Smartphone” (published May 8). My premise was stark but straightforward: modern conflicts aren’t just fought with tanks and missiles but also with lines of code and bots.
I warned that state-sponsored Pakistani hackers and transnational cyber militias, would weaponise the digital domain to try and cripple India’s critical infrastructure, spread disinformation, to erode public trust.
Maharashtra Cyber officials confirmed that this prediction materialised with chilling precision. Between May 7 and May 10, Pakistan-allied hacker groups launched over 1.5 million cyberattacks on Indian targets. Yet, thanks to a robust cyber resilience, only 150 of these assaults succeeded—a 99.99% failure rate for the enemy.
This was a landmark moment in the history of global warfare, and beyond its regional context, it provides nations with a blueprint for preparing for the wars of tomorrow.
The Anatomy of a Cyber Siege: As I had mentioned in the article, Pakistan has a formidable cyber army. This was demonstrated by the scale and sophistication of their unprecedented cyberattack. Orchestrated by seven Advanced Persistent Threat (APT) groups—including Pakistan Cyber Force, APT36, and Mysterious Bangladesh—the attacks spanned Distributed Denial-of-Service (DDoS) barrages, malware intrusions, GPS spoofing, and website defacements.
High-value targets included India’s Ministry of Defence, the Prime Minister’s Office, and critical infrastructure like power grids and airports. One attack on the Indian President’s Office website lasted a record 19 hours. In contrast, other persistent attacks tried to paralyse Indian infrastructure, threatening outages of everything, from the internet to power and water.
Yet, the attackers’ bravado outpaced their impact. Take, for instance, the claim about hacking Mumbai’s Chhatrapati Shivaji Maharaj International Airport to leak passenger information or causing statewide blackouts. These were debunked as recycled data leaks or outright fabrications.
Maharashtra Cyber’s “Road of Sindoor” report exposed these tactics, revealing how hackers used social media to amplify fear by spreading over 5,000 fake news items, including false narratives about power grid collapses and missile facility breaches. The goal was that of the Germans during WWII: to psychologically destabilise and demoralise the populace.
And though the fight was between India and Pakistan, the cyberspace missiles on India were launched from beyond Pakistan, going as far as Turkey, Bangladesh, Indonesia, Malaysia and the Middle East, many of them with the backing from China.
How 1.5 Million Attacks Were Neutralised: India’s 99.99% success in fighting this blitzkrieg was no accident. It was the result of years of incremental upgrades, interagency coordination, and public-private partnerships. When the first wave of DDoS attacks struck, the Indian Computer Emergency Response Team (CERT-In) issued a nationwide alert, instructing critical sectors to strengthen their firewalls, block suspicious IP addresses, and monitor network traffic.
As reported by Reuters, financial institutions, including the Bombay Stock Exchange, took the unprecedented decision to geo-block foreign IP addresses.
State cyber units, particularly Maharashtra Cyber, which released the report, played a key role in this defence. Their real-time threat intelligence identified attack patterns, traced origins to transnational hacktivist networks, and unleashed countermeasures. Take the attacks initiated by APT36, aka Transparent Tribe or Mythic Leopard, a Pakistan-linked cyber espionage group mainly targeting Indian defence and government sectors.
They deployed Crimson RAT malware via phishing emails disguised as army recruitment forms. A successful Crimson RAT attack enables attackers to capture screenshots, extract sensitive data, and maintain long-term access to the infected systems. When these attacks began, even before the war and after the Pahalgam attacks, rapid patches and user awareness campaigns neutralised the threats.
Meanwhile, the Press Information Bureau’s fact-checking unit was kept busy debunking viral hoaxes, such as the fake “nationwide ATM outage.”
It is said that at times offence is the best defence. Unofficial cyber militias, such as the “Indian Cyber Force”, “echo0fGulmarg” and “teamwhitel0tus” retaliated by launching hundreds of cyberattacks targeting key institutions, including Pakistan Railways, OGDCL, PAF Shaheen Foundation, and DHA.
A temporary disruption is said to have occurred at NUMS, Pakistan’s equivalent of AIIMS. Websites linked to the Supreme Court of Pakistan and Islamabad Police were also defaced. Not only did this demonstrate our counterstrike ability online, it also proved that today, cyberspace is a parallel battlefield where deterrence hinges on visible retaliation.
Why Peacetime Preparation is Non-Negotiable: Taken as a whole, the 2025 cyber conflict offers four stark lessons for India—and indeed, the world.
- Land, Air, Water, & Cyber: It is evident that no war today is just fought on land, air or water. Cyberspace has emerged as a new warfare domain that could ultimately determine the conflict’s outcome. If nations win land, air, and water battles, but lose the war online, that can’t be called a victory. Hence, in addition to having the Army, Air Force, and Navy, every nation must also make efforts to establish a Cyber Force.
This cyber force could also be a frontline of attack, working in coordination with the other three branches to become both their shields and spears. - Cyber Warfare is Hybrid Warfare: Pakistan’s online campaign against India blended battlefield strikes with digital sabotage, illustrating the fusion of physical and virtual battlefronts. Take its “Operation Bunyan-un-Marsoos” or “Iron Wall” military retaliation against India’s Operation Sindoor. It coincided with cyberattacks that Pakistan claims to have paralysed 70% of India’s power grid.
While these claims were exaggerated, the intent to amplify chaos during a hybrid war reveals a template that anyone can replicate. India’s ability to isolate cyber disruptions from such coordinated operations proved vital, but gaps remain. A centralised cyber command, integrating military and civilian agencies, is urgently needed to streamline responses during such a multi-domain crisis.
- Resilience Trumps Deterrence: India’s 0.01% breach rate wasn’t due to superior offensive capabilities but to what can be called our robust defensive hygiene. Regular security audits, encrypted communication protocols, and workforce training minimised vulnerabilities during the conflict.
Power utilities pre-emptively reviewed grid security protocols, averting potential blackouts. To be prepared for the future, we must integrate AI-driven threat detection, quantum-resistant encryption, and potentially utilise quantum computing, along with the availability of redundant systems for critical infrastructure.
- The Public is a Frontline Asset: The world is moving from liberal values to one where peace means having the larger stick. In such a world, ‘everything’s fair in war’ applies. Civilians, instead of abhorring war, seem to demand it like it were a game, while the enemy actively targets civilians, including via fake news and blatant lies.
Besides the jingoistic falsehood from the Indian media, Pakistan also used misinformation as a stealth weapon. They flooded social media with claims of citywide blackouts, satellite jamming, and BrahMos missile factory attacks. Although India’s media countered this with the same tactic—launching their own fake news versions—it only sowed further confusion.
There needs to be a counter-strategy of public awareness campaigns and rapid debunking, without resorting to deception. The need is to treat citizens as informed participants in national security. Cybersecurity literacy, akin to civil defence drills, must become a peacetime priority.
The May 2025 ground conflict and the corresponding cyber war serve as a wake-up call—not just for India, but for every nation navigating the blurred lines between war and peace in the modern world. As drones and malware rewrite the rules of combat, victory will belong to those who prepare during times of peace. India’s success against 1.5 million attacks is praiseworthy, but complacency would be lethal.
To stay ahead, India must institutionalise its ad-hoc defences, especially via a dedicated cyber command, mandate cybersecurity standards for private sector partners, and foster international coalitions to combat transnational hacktivists. The Digital Siachen is right here, right now, amidst us, and the stakes are higher than ever. Sun Tzu once wrote, “The supreme art of war is to subdue the enemy without fighting.” In the 21st century, that war begins with a simple firewall.
In case you missed:
- Digital Siachen: Why India’s War With Pakistan Could Begin on Your Smartphone
- Rise of Generative AI in India: Trends & Opportunities
- Why Elon Musk is Jealous of India’s UPI (And Why It’s Terrifyingly Fragile)
- Deep Impact: How Cheap AI like DeepSeek Could Upend Capitalism
- AI’s Top-Secret Mission: Solving Humanity’s Biggest Problems While We Argue About Apocalypse
- AI Washing: Because Even Your Toothbrush Needs to Be “Smart” Now
- To Be or Not to Be Polite With AI? Answer: It’s Complicated (& Hilarious)
- AI as PM or President? These three AI candidates ignite debate
- AIoT Explained: The Intersection of AI and the Internet of Things
- AI Hallucinations Are a Lie; Here’s What Really Happens Inside ChatGPT
