#FactCheck - Viral Claim of Highway in J&K Proven Misleading

Introduction

‍

Cyberwarfare has evolved into one of the most decisive instruments of statecraft and conflict. The increasing digitisation of critical infrastructure like power grids, water systems, transportation systems, healthcare networks, and energy sources has made these systems new targets in the war of algorithms. Military logic is evolving to paralyse the nation’s critical infrastructure to keep its resources engaged in repairing them and thereby break the nation’s ability to deter and counter attacks, all without firing a single bullet. 

‍

From Ransomware to an Invisible Sabotage: The changing nature of warfare

‍

The operational technology (OT) landscape has become the epicentre of cyber operations, all around the world. Once, which was insulated, related to industrial systems that controlled turbines, pipelines, or dams, they now stand connected to the Internet through supervisory control and data acquisition (SCADA) and the Internet of Things. These connections have also become gateways for attackers, besides enhancing the efficiency of the infrastructural lifelines of the nation.   

Groups like Volt Typhoon, Sandworm, Laurionite, and Cyberavengers have transformed the art of digital infiltration into a strategic shift. Volt Typhoon, which is linked to China, has used “living-off-the-land” techniques to exploit the legitimate administrative tools to remain invisible while scanning the critical infrastructures in the US. Sandworm, which is aligned with Russia’s GRU (Glavnoye Razvedyvatelnoye Upravlenie) or Main Intelligence Directorate (in English), has demonstrated the power of cyber sabotage in real time, as its attacks on Ukraine’s power grids in 2015 and 2021 had left millions in darkness, coinciding with kinetic missile strikes. Meanwhile, the Iranian-affiliated Cyberavengers group, which has weaponised the AI-assisted malware, such as IOCONTROL, that are capable of hijacking water and energy control systems. Each of these systems used in these operations reflects a shift from direct espionage activities to a state of strategic paralysis. 

In comparison to the traditional cybercrime activities that are aimed at stealing data and extortion of money, these campaigns repeatedly target the physical systems, which consist of the machinery that sustains civilian life and military preparedness.  

‍

The Military Logic behind Cyber Targeting: A Web of Vulnerabilities 

‍

A critical infrastructure is a complex ecosystem that covers power generation, transportation, communication, and manufacturing are all interconnected, which means a single compromised node can cascade into a national paralysis. For instance, a breach in the systems of the dam can flood an entire city, a grid shutdown can halt water supply to hospitals, and even affect air traffic. The 2015 Black Energy Malware attack in Ukraine has proved this possibility when three utilities were hacked, plunging thousands of homes into darkness. The Iranian hackers once again gained access to the Bowman Avenue Dam of New York and controlled its floodgates, which gave a chilling demonstration of the destructive reality of digital manipulation. 

‍

The systems remain vulnerable mainly for 3 reasons such as- 

‍

• Legacy Architectures: Many of these industrial systems were designed decades ago with no built-in cybersecurity mechanisms. 
• Slow Patching and Segmentation Gaps: All updates and segmentation between IT and TO networks often lag, providing open entry points for attackers. 
• Converging with IoT: The integration of smart sensors and cloud-based management tools has expanded the attack surface exponentially. 

‍

This interconnected fragility has turned our critical infrastructures into both a weapon and a target or a tool for coercion in modern hybrid warfare. Between 2023 and 2024, over 420 cyberattacks were witnessed in several critical global infrastructures, which averaged to 13 attacks per second, according to a news report. These were not just random acts of digital vandalism; they were deliberate and coordinated operational attempts by state-led actors from China, Russia, and Iran. 

‍

Developing a new Resilience as the new tool of Deterrence 

‍

Cyber deterrence no longer rests on the fear of retaliation, it relies on the need for resilience. Nations that can absorb attacks, maintain continuity, and recover rapidly would be the true superpowers of this digital age. Segmentation, real-time threat detection, and AI-assisted recovery models are vital pillars of this model of resilience. The logic of modern cyberwarfare is clear, which means that the more a nation digitizes, the more it will need to defend itself. 

However, as the line between war and peace blurs, safeguarding critical infrastructure is no longer just an IT priority; rather, it is a national security doctrine. In this silent theatre of cyberwarfare, survival will depend not only on firepower, but on firewalls. 

‍

References

‍

• https://rmcglobal.com/critical-infrastructure-under-siege-the-top-ot-threats-of-2025/
• https://ccdcoe.org/uploads/2018/10/Geers2009_The-Cyber-Threat-to-National-Critical-Infrastructures.pdf
• https://www.researchgate.net/publication/335752979_Cybersecurity_of_Critical_Infrastructure 
• https://arxiv.org/html/2510.04118v1 ‍
• https://www.anapaya.net/blog/top-5-critical-infrastructure-cyberattacks

Introduction

Cybercrime is one of the most pressing concerns in today’s era. As the digital world is evolving rapidly, so do the threats and challenges to curb these cybercrimes. The complexities associated with the evolving cybercrimes make it difficult to detect and investigate by the law enforcement across the world. India is one of those countries that is actively engaged in creating awareness about the cybercrimes and security concerns across the State. At the national level, initiatives like National Cybercrime Reporting Portal, CERT-In and I4C have been established to assist the law enforcement in dealing with cybercrimes in India. According to the press release by the Ministry of Home Affairs, 12,5153 cases of Financial Cyber Frauds were reported in the year 2023, which is the second highest in State-wise Reporting after UP. Maharashtra has been highlighted as one of the States with the highest cybercrime cases for the past few years. 

In response to curbing the increasing number of cases, the state of Maharashtra has launched the initiative ‘the Maharashtra Cyber Security Project’. The purpose of this project is to strengthen the system’s defense mechanism by establishing cybersecurity infrastructure, exploiting technological advancements and enhancing the skills of law enforcement agencies. 

Maharashtra Cyber Department and the Cyber Security Project

The Maharashtra Cyber Department, also referred as MahaCyber was established in the year 2016 and employs a multi-faceted approach to address cyberthreats. The objective is to provide a user-friendly space to report Cybercrimes, safeguarding Critical Information Infrastructure from cyber threats, empowering the investigation law agencies ultimately improving its efficiency and creating awareness among common people.  

The Maharashtra Cyber Security Project aims to strengthen the department, bringing all the aspects of the cyber security system under one facility. The key components of the Maharashtra Cyber Security Project are as follows: 

• Command & Control Centre:

The Command & Control Centre will function as a 24/ complaint registration hub and grievance handling mechanism which can be accessed by calling the helpline number, mobile app or on the online portal. The Centre continuously monitors cyber threats, reduce the impact of cyber attacks and ensures that issues are resolved as soon as possible. 

• Technology Assisted Investigation (TAI):

Complaints that are registered are analysed and investigated by experts using cutting edge technologies such as Computer Forensic or Mobile Forensic, Voice Analysis System, Image Enhancement Tool, Deepfake Detection Solution to name a few which helps the Maharashtra Cyber Department to collect evidence, identify weak spots and mitigate the cyber threats effectively.   

• Computer Emergency Response Team – Maharashtra (CERT-MH):

The CRET-MH works on curbing cybercrimes which are especially targeted to affect the Critical Infrastructure like banks, railway services, electricity of the State and threats related to national security using technologies such as Deep web and Dark web analysis, Darknet & Threat Intelligence Feeds, Vulnerability Management, Cyber Threat Intelligence Platform, Malware Analysis and Network Capture Analysis and coordinates with other agencies. 

• Security Operations Centre (SOC):

The SOC looks after the security of the MahaCyber from any cyber threats. It 24/7 monitors the infrastructure for any signs of breach or threats and thus aids in early detection and prevention of any further harm. 

• Centre of Excellence (COE):

The Centre of Excellence focuses on training the police officials to equip them with desired tools and technologies to deal with cyber threats. The Centre also works on creating awareness about various cyber threats among the citizens of the state. 

• Nodal Cyber Police Station:

The Nodal Cyber Police Station works as a focal point for all cybercrime related law enforcement activities. It is responsible for coordinating the investigation procedure and prevention of cybercrimes within the state. Such Cyber Police Stations have been established in each district of Maharashtra. 

Funds of Funds to scale up Startups

The government of Maharashtra through the Fund of Funds for Startups scheme has invested in more than 300 startups that align with the objective of cyber security and digital safety. The government is promoting ideas and cyber defence innovation which will help to push the boundaries of traditional cybersecurity tools and improve the State’s ability to tackle cybercrimes.  Such partnerships can be a cost-effective solution that proactively promotes a culture of cybersecurity across industries. 

Dynamic Cyber Platform

The government of Maharashtra has been working on creating a dynamic cyber platform that would assist them in tackling cybercrimes and save hundreds of crores of rupees in a short span of time. The platform will act as a link between various stakeholders such as banks, Non-Banking Financial Companies (NBFCs) and social media providers to provide a technology-driven solution to the evolving cybercrimes. As a part of this process, the government has invited tenders and has called top IT companies from the world to participate and aid them in setting up this dynamic cyber platform. 

Why Does The Initiative By Maharashtra’s Government Act As A Model For Other States

The components of the Maharashtra Cyber Security Project and the dynamic cyber platform create a comprehensive system which aims at tackling the increasing complexities of cyber threats. The initiative with integration on cutting edge technologies, specialised institutions, expert professionals from various industries and real-time monitoring of cybercrimes sets an example that Maharashtra is well-equipped to prevent, detect and respond to cybercrimes being reported in the State. The project collaborates between government and law enforcement agencies, providing them proper training and addressing grievances of the public. By working on four key areas, i.e. centralised platform for reporting, collaboration between government and private sectors, public awareness and use of advanced technologies, the Cyber Security System in Maharashtra serves as a model for creating secure digital space and tackling cybercrime effectively on a large scale.  

Other States in India could certainly adopt similar models and achieve success in curbing cybercrimes. They need to create a dedicated response team consisting of trained personnel, invest in advanced software as used by Maharashtra, foster partnerships with companies or startups involved in AI and technology to build resilient cybersecurity infrastructures. The government of Maharashtra can extend hands to assist other states to establish a model that addresses the evolving cybercrimes efficiently.  

References

• https://pib.gov.in/PressReleaseIframePage.aspx?PRID=2003158 
• https://mhcyber.gov.in/about-us 
• https://www.youtube.com/watch?v=jjPw-8afTTw 
• https://www.ltts.com/press-release/maharashtra-inaugurates-india-first-integrated-cyber-command-control-center-ltts 
• https://theprint.in/india/maharashtra-tackling-evolving-cyber-crimes-through-dynamic-platform-cm/2486772/ ‍
• https://www.freepressjournal.in/mumbai/maharashtra-dynamic-cyber-security-platform-in-the-offing-says-fadnavis

Executive Summary:

On 20th May, 2024, Iranian President Ebrahim Raisi and several others died in a helicopter crash that occurred northwest of Iran. The images circulated on social media claiming to show the crash site, are found to be false. CyberPeace Research Team’s investigation revealed that these images show the wreckage of a training plane crash in Iran's Mazandaran province in 2019 or 2020. Reverse image searches and confirmations from Tehran-based Rokna Press and Ten News verified that the viral images originated from an incident involving a police force's two-seater training plane, not the recent helicopter crash.

Claims:

The images circulating on social media claim to show the site of Iranian President Ebrahim Raisi's helicopter crash.

‍

Fact Check:

After receiving the posts, we reverse-searched each of the images and found a link to the 2020 Air Crash incident, except for the blue plane that can be seen in the viral image. We found a website where they uploaded the viral plane crash images on April 22, 2020.

According to the website, a police training plane crashed in the forests of Mazandaran, Swan Motel. We also found the images on another Iran News media outlet named, ‘Ten News’.

‍

The Photos uploaded on to this website were posted in May 2019. The news reads, “A training plane that was flying from Bisheh Kolah to Tehran. The wreckage of the plane was found near Salman Shahr in the area of ​​Qila Kala Abbas Abad.”

Hence, we concluded that the recent viral photos are not of Iranian President Ebrahim Raisi's Chopper Crash, It’s false and Misleading.

Conclusion:

The images being shared on social media as evidence of the helicopter crash involving Iranian President Ebrahim Raisi are incorrectly shown. They actually show the aftermath of a training plane crash that occurred in Mazandaran province in 2019 or 2020 which is uncertain. This has been confirmed through reverse image searches that traced the images back to their original publication by Rokna Press and Ten News. Consequently, the claim that these images are from the site of President Ebrahim Raisi's helicopter crash is false and Misleading.

• Claim:  Viral images of Iranian President Raisi's fatal chopper crash.
• Claimed on: X (Formerly known as Twitter), YouTube, Instagram
• Fact Check: Fake & Misleading

‍

‍