April 15, 2026

– IADN

India is Already at War: Defence Begins at the Desktop

7 hours ago Sudhanshu Kumar

Article by Sudhanshu Kumar

When the Attack Has No Uniform

Picture a quiet Tuesday morning at a defence establishment in New Delhi. No sirens. No soldiers at the gate are doing anything unusual. And yet, somewhere inside the network, a file is moving where it should not be moving. A credential is being used from a location that makes no sense. A camera feed is being watched by someone who was never invited to watch it. According to intelligence inputs reported by IANS, Pakistan’s ISI has been planning a series of cyberattacks on crucial Indian infrastructure, with the intention of disabling systems related to defence and financial institutions. Specific hacker groups such as “Cyber Group HOAX1337” and “National Cyber Crew” have been identified as being deployed for this purpose. The plan is two-pronged: one track targets and disrupts India’s defence sector, and the other runs a coordinated disinformation campaign designed to cause panic and confusion, particularly around election periods. This is not science fiction. This is April 2026. And the war, for those paying attention, has already begun.

How Deep the Problem Actually Goes

In terms of scale, the numbers are startling. According to a report by Seqrite, India recorded more than 265 million cyberattacks in 2025, with Indian organisations facing more than 2,000 cyberattacks per week per organisation, significantly higher than the global average. According to India’s Ministry of Electronics and IT, cyberattacks on Indian government entities increased by 138 per cent between 2019 and 2023, rising from 85,797 incidents to 204,844. The economic investment behind the aggression is not trivial either. A 2019 assessment by Indian agencies found that the ISI had earmarked Rs 3,000 crore annually for activities related to hacking, espionage and honey trapping. That figure has almost certainly grown since. Historically, this pattern is consistent with what hybrid warfare looks like in the 21st century. During my PhD on AI in defence and security policy at the School of International Studies in JNU, it became very clear to me while doing research at this intersection that modern adversaries do not always seek to defeat a country on the battlefield. They seek to exhaust it, confuse it, and discredit it from within. The ISI’s current approach follows this logic precisely: physical spies setting up solar-powered CCTV cameras near railway stations, feeding live intelligence to handlers across the border, combined with digital attacks that can cripple systems without a single shot being fired.

The Vulnerability India Is Still Not Taking Seriously Enough

Here is the uncomfortable systems-level insight. India’s digital expansion and its security architecture are not growing at the same pace. One of the most defining aspects of India’s cyber threat landscape in 2026 is the growing footprint of state-backed threat actors who are targeting supply chains and exploiting systemic weaknesses, adapting their methods faster than most organisations can respond. This creates a dangerous feedback loop. The faster India digitises its defence, financial, aviation and education sectors, the larger the attack surface becomes. And the larger the attack surface, the more effectively a well-funded adversary can find a way in. Hacktivist groups are no longer limited to basic disruptions; they are using tools and tactics once associated with advanced threat actors, blurring the lines between activism and outright cyber warfare. With a background in computer science engineering and training in international relations, I have seen very closely how technical architectures often encode political assumptions. The assumption encoded in much of India’s current cyber posture is that defence and civilian systems are separate. They are not. A disinformation campaign targeting financial institutions during election week is simultaneously a political attack, an economic attack and a social attack. These systems are deeply interconnected. Treating them in silos is precisely the vulnerability that a well-coordinated adversary will exploit.

What India Has Done and What It Must Do Next

India is not standing still. End-user spending on information security in India is projected to total $3.4 billion in 2026, an increase of 11.7 per cent from 2025, according to Gartner. CERT-In has been issuing advisories. The government has been actively fact-checking disinformation campaigns. These are real and meaningful steps. However, spending more on the same architecture is not the same as rethinking the architecture. In my engagements on international and national media platforms, a recurring concern has been how India continues to approach cybersecurity as a compliance and infrastructure problem rather than as a strategic and doctrinal one. The leverage point here is doctrine, not just spending. From a first principles perspective, the question is not “how do we stop the next attack?” The question is “what does deterrence look like in cyberspace, and does India have a credible version of it?” A country that only defends in this domain is a country that invites continued aggression. India needs a clearly articulated, publicly known offensive cyber doctrine, not to start conflicts, but to change the cost-benefit calculation for those who are already conducting them.

India’s Moment to Lead, Not Just Defend

There is a larger opportunity sitting inside this challenge. Cloudflare’s Chief Security Officer has stated that 2026 will be the year of real AI attacks, with threat actors increasingly using AI for reconnaissance, vibe coding-based campaigns, and scaling malicious operations faster than traditional defences can respond. India is one of the few countries in the world with both the engineering depth and the geopolitical credibility to help shape global norms around AI-enabled cyber warfare. While reviewing several academic works on emerging technologies published at Springer and Routledge and reading the papers of many experts in cybersecurity and cyberwarfare, it has reinforced my view that the countries which define the rules of a new domain are the ones that invest early in the thinking, not just the tools. On account of its standing as a major digital economy, a leading technology talent pool and a country that has faced state-sponsored cyber aggression firsthand, India is uniquely positioned to take this conversation to international forums, multilateral platforms and bilateral agreements. Not as a victim seeking sympathy, but as a country that understands this threat from the inside and has something serious to offer the world in response to it. The invisible war is already underway. India has the capability and the credibility to not just defend itself within it, but to help write its rules. That is the opportunity. The question is whether we choose to see it that way.

Views are those of the Author(s)

Author

  • Sudhanshu Kumar

    The author is a Subject Matter Expert at Centre for Joint Warfare Studies (CENJOWS), HQ (IDS), Ministry of Defence, New Delhi. He specialises in AI geopolitics and cyberwarfare. He is also a Visiting Research Fellow at MGIMO, Moscow.

    View all posts

More Stories

The Collapse of Judicial Integrity: A Comprehensive Assessment of Misconduct at Bangladesh’s International Crimes Tribunal (ICT)

1 day ago Abu Obaidha Arin

REPORT: Foreign Engineering of Regime Change in Bangladesh (2018-2026)

2 days ago Abu Obaidha Arin

Bangladesh’s Controversial Port and Terminal Lease Agreements Draw Widespread Criticism

3 days ago S. Goswami

Leave a Reply

Your email address will not be published. Required fields are marked *