A rising tension between India and Pakistan has resulted in an intensified digital war, whose hacktivist groups have launched coordinated cyber offensives targeting government systems and critical infrastructure as a result of increasing tensions between the two countries. The attacks, which are fueled by geopolitical conflict, have expanded beyond the immediate region.
A report suggests that hacktivist collectives from Asia, the Middle East, and North Africa (MENA) have united to disrupt the Indian cyber ecosystem, according to the report. There was a tragic incident on April 22, when armed terrorists shot a group of tourists in Pahalgam, the serene hill town in Kashmir administered by the Indian government, which was the trigger for this wave of activity.
According to researchers from NSFOCUS, there had been an immediate and significant surge in cyber activity, which shook the nation. In the aftermath of the attack, cyber activity on both sides of the border intensified. It appears that the initial wave of cyberattacks has stabilised, however, cybersecurity threats persist. India witnessed an increase of 500% in targeted cyber intrusions, and Pakistan faced a rise of 700%.
It was reported recently that several Pakistani hacker groups have attempted to breach Indian websites as part of an ongoing digital aggression campaign.
The Indian cybersecurity agencies have responded robustly to these attempts, which have successfully detected and neutralised most of these threats, despite their efforts to undermine this. According to the reports, hacker collectives such as 'Cyber Group HOAX1337' and 'National Cyber Crew' have targeted websites belonging to the Army Public Schools in Jammu in the past.
In their attempt to deface the websites, the attackers mocked the victims of the Pahalgam terror attack, which was widely condemned as both distasteful and inflammatory. As a result of the rise in cyber hostilities, we have seen the importance of digital warfare in modern geopolitical conflicts grow. This highlights the need for enhanced cyber vigilance and cross-border security collaboration that must be enhanced.
The cyber threat landscape has intensified further since India launched Operation Sindoor in retaliation for a military operation targeting suspected terror camps across the border. It has been estimated that the launch of Operation Sindoor on May 7 has resulted in a sharp increase in malicious cyber activity as a result of these attacks, as reported by cybersecurity researchers at Radware and Cyble.
As a result of the coordinated attacks conducted by hacktivist groups from across the eastern hemisphere, a substantial surge in cyber attacks was recorded on that day alone, with dozens of hacktivist groups actively participating. The Indian government, already dealing with the aftermath of the Pahalgam terror attack, which took place on April 22, has become the primary target of these attacks. Several threats have been launched against Indian institutions by groups aligned with pro-Pakistan and Bangladeshi interests, as well as with groups aligned with pro-Bangladeshi interests.
Technisanct, a cybersecurity firm based in Kochi, released a report recently in which they noted that there has been a steady increase in offensive operations against government infrastructure, educational platforms, and public services.
In various online forums and dark web communities, this wave of cyber aggression has been informally referred to as #OpIndia.
In many ways, the campaign resembles past hacktivist movements which targeted nations like Israel and the United States, usually motivated by ideological motives, but not necessarily sophisticated enough to threaten the nation's security.
The current attacks, experts caution, however, demonstrate a coordinated approach to threats, where threat actors are using both denial-of-service DosS) and defacement attacks to spread propaganda and disrupt networks.
A sustained cyber battle has been waged between India and Pakistan, marked by both nationalist fervour and geopolitical tension as part of the India-Pakistan conflict, which has clearly evolved into a digital dimension of the conflict. Indian cybersecurity agencies must remain vigilant as they attempt to counter these persistent threats through proactive monitoring and rapid incident response, along with strengthened defensive protocols.
It was decided by Prime Minister Narendra Modi to convene a cabinet committee on security (CCS) on April 30, 2025, to assess the evolving security situation in Jammu and Kashmir amid rising tensions in the region.
During the high-level meeting, which took place at the Prime Minister's official residence on Lok Kalyan Marg, members of the national security apparatus, including Rajnath Singh, Amit Shah, and S. Jaishankar, were present, as well as key national security officials.
In the discussion, Jaishankar discussed the recent wave of violence in the Kashmir Valley, concerns about cross-border security, and the threat of cyberattacks from hostile actors, as well as the threat of cyberterrorism.
The Pakistani government has issued a provocative statement warning of a possible Indian military attack within a 24 to 36-hour window, which is similar to the one issued by Pakistan in a provocative statement.
According to what Islamabad called credible intelligence, New Delhi is preparing to launch retaliatory strikes. The allegations of Pakistan's involvement in the Pahalgam terror attack of April 22 are supposedly based on unsubstantiated accusations.
There has been public criticism of India's fabrication of an offensive narrative by Pakistan's Federal Minister for Information, Attaullah Tarar, cautioning that any such move would result in serious consequences if followed.
It has been revealed that diplomatic and military signals have increased the level of tension in the existing volatile situation, with both sides locked in a tense standoff that spans both physical and virtual borders.
There has been news that threat actors have attempted to deface the official website of Armoured Vehicle Nigam Ltd, which is another indication of the intensification of cyberhostility. It is a public sector company operated by the Ministry of Defence.
It was reported that the attackers defaced the website by showing images associated with Pakistan, including the national flag and images of the 'Al Khalid' battle tank, an act that was seen as both provocative and symbolic by officials.
This development has spurred the Indian cybersecurity agencies and expert teams to increase their real-time monitoring of the digital landscape, as a result of which they are concentrating their efforts on identifying threats that have been linked to Pakistani state-sponsored or affiliated groups.
The authorities have confirmed that this increased surveillance is part of a greater effort to avert further attacks as well as neutralise any new threats that may arise.
To counter the increasing wave of cyberattacks, a series of robust countermeasures is being put in place to strengthen the nation's digital security posture in response. For example, fortifying critical infrastructure, strengthening incident response protocols, and increasing online platform resilience across key industries are all examples of strengthening the nation's digital security posture.
There was no doubt that the authorities were concerned that these proactive actions were aimed at ensuring India's defence and civilian systems were protected as well as that India's digital frontline was prepared to repel and withstand future cyberattacks as well. It has become increasingly apparent that cyberwarfare has become a central theatre of geopolitical rivalry in the modern world as the contours of contemporary conflict continue to evolve.
Digital infrastructure, in the same way that physical borders play a crucial role in national security, has recently been heightened by several recent developments, and this serves as a reminder to all of us. Because of this, India needs to enhance its investments in advanced cybersecurity capabilities, establish strong public-private partnerships, and establish a comprehensive national cyber defence strategy that is both responsive and flexible.
To isolate and neutralise transnational cyber threat actors, it is not only necessary to implement technical fortification but also to conduct strategic diplomacy, share intelligence, and engage in international cooperation. It will be crucial to cultivate a culture of resilience, both at the institutional and individual levels, by cultivating cyber awareness.
With the increasingly contested digital frontier, India must remain proactive, unified, and forward-thinking at all times if it is to ensure that it is secured, sovereign, and fully “digitally self-reliant” as the threat of hybrid threats rises.
