Grey-Zone Warfare: India’s Cyber Achilles Heel in a Digital Battlespace
Grey-zone warfare, marked by calculated ambiguity and deniability, has transformed the nature of geopolitical conflict. Yet India’s cyber preparedness is alarmingly inadequate to counter its most pervasive instrument—cyber operations. The Mumbai blackout of 2020 and recent vulnerabilities highlight how cyber attacks, particularly as precursors to conventional conflict, pose existential challenges to national security. India must urgently bridge institutional gaps, rethink its deterrence strategy, and invest in resilient infrastructure.
The Institutional Landscape: Where India Stands
The prevailing framework for India’s cybersecurity—led by the National Critical Information Infrastructure Protection Centre (NCIIPC) and CERT-In—remains siloed and reactive. Despite the launch of initiatives like the Cyber Surakshit Bharat program and the relatively staid National Cyber Security Policy 2013, institutional coordination is lacking. For example, the Information Technology Act, 2000, revised in 2008, inadequately addresses hybrid threats from grey-zone warfare. Meanwhile, the long-awaited National Cybersecurity Strategy, still in draft stage, underscores policy inertia in this critical domain.
Compounding the problem is India's reliance on foreign technology for critical infrastructure. A report by the Ministry of Electronics and Information Technology in 2021 indicated nearly 70% of cybersecurity hardware used in India is imported, including components sourced from adversarial nations like China. Vulnerabilities—whether from compromised supply chains or passive implants in industrial systems—leave India exposed to strategic manipulation by actors engaging in grey-zone tactics.
Cyber Threats in Grey-Zone Warfare: Case Studies and Indian Implications
Grey-zone warfare leverages cyber operations as the opening salvo of geopolitical confrontation. Historical precedents abound: Russia’s 2015 Ukrainian power grid hack created cascading failures across energy systems, while China’s cyber intrusions in the South China Sea destabilized regional governance. Closer to home, evidence from the Mumbai blackout of 2020 attributed to Chinese state-sponsored cyber actors illustrates the interplay between cyber escalation and territorial disputes, such as those along the Line of Actual Control (LAC).
The coordinated cyber-kinetic strikes during Venezuela’s 2026 political crisis present an even more concerning precedent. Disruption of air defense systems and communication networks allowed kinetic operatives to capture the Venezuelan President with minimal resistance, a model India may need to study vis-à-vis Pakistan’s increasingly aggressive cyber campaigns. Estimates suggest that in 2025, government portals in India suffered over 250 coordinated cyberattacks, ranging from DDoS operations to anti-India propaganda on hacked websites.
India’s Cyber Preparedness: Fragmented, Underwhelming, and Ill-Coordinated
The structural gaps in India’s cybersecurity posture are glaring. First, there is no coherent integration between civilian and military infrastructure ownership, leaving critical power grids or telecom networks at risk during an attack. For instance, the NCIIPC and state utilities operate with limited synchronized protocols, leaving government decision-making hampered during crises like the 2020 blackout. The absence of comprehensive civil-military cyber exercises further exacerbates vulnerabilities to combined cyber-kinetic threats.
Second, the ambiguous retaliatory posture creates strategic confusion. India lacks publicly declared cyber red lines, unlike forward-leaning nations such as Israel, which has launched proportional offensive cyber strikes on Iranian facilities to signal deterrence. India’s draft Digital India Act, while promising revisions to the severely dated Information Technology Act, 2000, has yet to institutionalize proportional cyber-retaliation mechanisms. This perpetuates a narrative of cyber defenselessness vis-à-vis state adversaries.
Finally, supply-chain vulnerabilities must be addressed urgently. Reports from 2023 indicate that 32% of compromised systems in Indian critical infrastructures were traced to hardware flaws or cloud services sourced internationally. Without a strategy to domestically produce critical components or rigorously vet imports, India risks recurring exposure to grey-zone disruptions.
Engaging with Counter-Narratives: Can Attribution Challenges Be Overcome?
Some analysts argue that India’s restrained cybersecurity posture is rational given the attribution complexities inherent to grey-zone warfare. Unlike conventional attacks, cyber disruptions often mask their origins through false flags or technical ambiguity. For instance, Chinese state media dismissed accusations of their role in the Mumbai blackout as baseless, exploiting gaps in India’s forensic capacities.
While attribution remains difficult, technological advancements in AI-driven threat analysis—such as those pioneered by Israel’s Unit 8200—offer a promising counterbalance. India must adopt disruptive tools that enhance forensic capabilities rather than capitulate to plausible deniability in grey-zone tactics.
International Comparison: Lessons from Israel’s Cyber Doctrine
India would benefit from emulating Israel’s cyber defense doctrine, which integrates offensive capabilities, real-time monitoring, and robust deterrence signaling. Israel's National Cyber Directorate proactively engages both civilian and military entities in unified threat exercises. Moreover, it has leveraged public-private partnerships to secure critical infrastructure, including its energy sector. However, mere replication is insufficient—India must adapt these practices to its complex federal structure and resource constraints.
Assessment: Bridging India’s Cyber Paradoxes
India’s response to grey-zone warfare must transcend the reactive posture that defines its current framework. First, cyber defense must be integrated as a core component of strategic military doctrine and planning. The establishment of a unified National Cyber Command, akin to U.S. Cyber Command, would consolidate efforts across civilian, military, and private sectors. Second, India must signal its capabilities. Deterrence works best when adversaries perceive costs to their actions—publicly declaring cyber red lines would improve strategic clarity against hostile actors.
Finally, structural reform demands greater budgetary allocations for cybersecurity. India spends less than 0.5% of GDP on cyber defense, far lower than the U.S. (3% of GDP). Enhanced investments, coupled with quality human capital pipelines, could reverse India’s vulnerabilities to grey-zone threats. For a nation increasingly positioned as a global digital economy leader, the absence of robust cybersecurity could derail both governance and economic aspirations.
Practice Questions for UPSC
Prelims Practice Questions
- They enable disruption of critical infrastructure without necessarily triggering conventional war thresholds due to plausible deniability.
- They require full integration of civilian and military infrastructure ownership to be operationally useful to an attacker.
- They can serve as precursors to kinetic actions by degrading communications and decision-making systems.
Which of the above statements is/are correct?
- A reactive, siloed institutional setup can delay coordinated response during large-scale disruptions affecting critical infrastructure.
- Policy inertia is indicated by the National Cybersecurity Strategy remaining in a draft stage and the dated nature of the IT Act framework for hybrid threats.
- Supply-chain risk is negligible if cybersecurity hardware is imported, because critical infrastructure attacks are primarily software-driven.
Which of the above statements is/are correct?
Frequently Asked Questions
Why is grey-zone warfare particularly challenging for India’s national security in the cyber domain?
Grey-zone warfare relies on ambiguity and deniability, making it hard to clearly identify the attacker and justify retaliation. This allows cyber operations to be used as precursors to conventional conflict by disrupting critical systems and decision-making without crossing a clear “war” threshold.
What institutional gaps in India’s cybersecurity architecture are highlighted, and why do they matter during crises?
The cybersecurity framework led by NCIIPC and CERT-In is described as siloed and reactive, with weak coordination across stakeholders. During crises (e.g., large-scale disruptions), limited synchronized protocols between agencies and utilities can slow response, impair situational awareness, and weaken continuity of governance.
How do supply-chain dependencies increase India’s exposure to grey-zone cyber tactics?
India’s critical infrastructure is heavily dependent on imported cybersecurity hardware, including components sourced from adversarial countries. This elevates risks such as compromised supply chains, passive implants, and hardware/cloud vulnerabilities that can be exploited for strategic disruption during heightened tensions.
Why is the absence of publicly declared cyber ‘red lines’ portrayed as a deterrence problem for India?
Without clear red lines, adversaries may misread India’s thresholds and perceive a low cost for cyber aggression, creating strategic confusion. The article contrasts this with forward-leaning signalling through proportional offensive cyber actions, which can communicate deterrence more clearly.
Can attribution challenges justify a restrained cyber posture, and what limitation does the article point out?
Attribution is inherently difficult because cyber attackers can use false flags and technical ambiguity, enabling plausible deniability. However, reliance on this restraint can be exploited—such as dismissals of culpability—especially when forensic capacity gaps make it harder to credibly attribute and respond.
Source: LearnPro Editorial | International Relations | Published: 15 January 2026 | Last updated: 3 March 2026