Cyber Threats and Nuclear Security in India

Published date01 August 2022
Date01 August 2022
Subject MatterResearch Articles
Research Article
Cyber Threats and
Nuclear Security
in India
B. Poornima1
State and non-state actors are increasingly using cyberspace as a platform
to execute hybrid warfare. As multiple incidents in India have shown critical
infrastructures, particularly nuclear infrastructures, have been lucrative targets
of cyber-attacks. Considering India’s well-progressing civilian and military
nuclear infrastructures, it is apposite to raise the question of how safe these
nuclear infrastructures are from cyber threats. This article suggests that India’s
nuclear infrastructures will remain exposed to cyber-attacks due to their strategic
significance for India’s national security. These threats will continue to exploit
the zero-day vulnerabilities in the cyber-physical systems of these infrastructures.
Further, the article looks into the threat sources, consequences and mitigation
strategies against cyber-attacks on nuclear infrastructures. In an attempt to
explore mitigation strategies, the article discusses certain cyber-attack scenarios
and the consequences on India’s nuclear infrastructures. The article concludes
that while certain technological cyber-defence mechanisms are in place, there is a
need for legislative and diplomatic measures for developing a comprehensive set
of measures to deter cyber threats to India’s nuclear infrastructures.
Indian nuclear infrastructures, cyber security, hybrid warfare, nuclear power plant,
In 2020, officials identified a cyber-attack on Mumbai’s electrical grid. According
to the diagnostic report, the malware originated in China. One year prior, the
Journal of Asian Security
and International Affairs
9(2) 183–206, 2022
© The Author(s) 2022
Reprints and permissions:
DOI: 10.1177/23477970221099748
1 Department of Geopolitics and International Relations, Manipal Academy of Higher Education,
Manipal, Karnataka, India
Corresponding author:
B. Poornima, Department of Geopolitics and International Relations, Manipal Academy of Higher
Education, Old TAPMI Building, Madhava Nagar, Manipal, Karnataka 576104, India.
184 Journal of Asian Security and International Affairs 9(2)
Kudankulam nuclear power plant’s administrative systems became the target of
a cyber-attack by the North Korean-based Lazarus Group. These are two among
the many events that brought attention to the growing number of cyber-attacks
on India’s critical infrastructures and questioned the country’s cyber resiliency.
Therefore, it is pertinent to assess how secure India’s nuclear infrastructures are
from cyber threats.
The focus is on cyber threats as enemy actors frequently engage them in warfare
for bigger dividends with less investment, unlike conventional means, like bombing.
The uncertainty and ambiguity associated with cyber-attacks make them practicable
even for non-state actors. Cyberspace, a swiftly evolving global commons, has pen-
etrated every quarter of modern society. With the expansion of the fourth Industrial
Revolution,1 cyberspace has become more relevant. Critical infrastructures depend
on cyber technology that facilitates smooth processing and data transfer for efficient
performance. The degree of inter-dependency between infrastructures has made
cyberspace indispensable. Importantly, cyber technology’s dual-use nature has made
it a viable medium for both state and non-state actors for benign and malignant pur-
poses alike. States function with the support of their inter-connected critical infra-
structures, such as banking, power and transport. A malfunctioning network of
critical infrastructures can inflict a crippling effect on the state, and this degree of
dependence is taken hostage by hackers. Incidents of cyber-attacks, for example, on
power grids, banking and finance sectors, have highlighted the existing susceptibility
of these systems and the calibre of cyberweapons. Among high-stake infrastructures,
nuclear infrastructures are also being targeted by perpetrators of cyber-attacks.
India’s nuclear infrastructures include nuclear power plants and nuclear forces.
A nuclear power plant is an industrial installation, which houses nuclear reactors,
used for civilian, commercial, military and research purposes. The plant consists
of highly-sensitive components, such as steam generators, control rods, centri-
fuges, steam lines, turbines and transformers. The nuclear forces comprise
nuclear warheads, delivery systems and the Nuclear Command, Control and
Communications (NC3). These infrastructures are extremely critical for India’s
national security, making them susceptible to enemy attacks. Relying on cyber-
space for their operations has further made these infrastructures vulnerable.
Kudankulam-like cyber-attack incidents confirm the presence of technical loop-
holes in these infrastructures, which hackers exploit.
With India enlarging its civil nuclear programme and nuclear weapons being a
pivot in South Asian geopolitics, the criticality of nuclear infrastructures ought to
be safeguarded. The ramifications of a cyber-attack on these infrastructures can
range from access to sensitive data and power disruption to the release of radioac-
tive materials. The malefactor can be a state actor, non-state actor or a collabora-
tive group. Cyber conflict is a persistent mode adopted by these actors as part of
hybrid warfare, eventually dragging the conflict into the grey zone- the lacuna
between peace and war. It is crucial to examine the root causes of such warfare
and the nature of perpetrators (Poornima, 2021). Additionally, the degrees of costs
and consequences of cyber-attacks on nuclear infrastructures can help the pursuit
of framing mitigation strategies. Such strategies are important to acknowledge
and avoid or limit the cyber threats to these installations.

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT