#FactCheck -AI-Generated Protest Video Falsely Linked to ‘Yadav Ji Ki Love Story’ Controversy

Introduction

The most recent cable outages in the Red Sea, which caused traffic to slow down throughout the Middle East, South Asia, and even India, Pakistan and several parts of the UAE, like Etilasat and Du networks, also experienced comparable internet outages, serve as a reminder that the physical backbone of the internet is both routine and extremely important. Cloud platforms reroute traffic, e-commerce stalls, financial transactions stutter, and governments face the fragility of something they long believed to be seamless when systems like SMW4 and IMEWE malfunction close to Jeddah. Concerns over the susceptibility of undersea information highways have been raised by the incident. Given the ongoing conflict in the Red Sea region, where Yemen’s Houthi rebels have been waging a campaign against commercial shipping in retaliation for the Israel-Hamas war in Gaza.  The effects are seen immediately. The argument over whether global connection is genuinely robust or just operating on borrowed time was reignited by these recent failures, which compelled key providers to reroute flows. 

A geopolitical signal is what looks like a “technical glitch.” Accidents in contested waters are rarely simply accidents, and the inability to quickly assign blame highlights how brittle this ostensibly flawless digital world is. 

The Paradox of Essential yet Exposed Infrastructure

This is not an isolated accident. Undersea cables, which carry more than 97% of all internet traffic worldwide, connect continents at the speed of light, and support the cloud infrastructures that contemporary societies rely on, are the brains of the digital economy., as cautioned by NATO’s Cooperative  Cyber Defence Centre of Excellence. In a sense, they are our unseen electrical grid; without them, connectivity breaks down. However, they continue to be incredibly fragile in spite of their significance. Anchors and fishing gear frequently damage cables, which are no thicker than a garden hose, and they break more than a hundred times annually on average. Most faults can be swiftly fixed or relocated, but when several cuts happen in strategic areas, like the 2022 Tonga eruption or the current Red Sea crisis, nations and economies are exposed to being isolated for days. 

The geopolitical risks are far more urgent. Subsea cables traverse disputed waters, land in hostile regimes, and cross oceans without regard for political boundaries. This makes them appealing for espionage, where state actors can tap or alter flows covertly, as well as sabotage, when service is interrupted to prevent access. Deliberate cable strikes have been likened by NATO specialists to the destruction of bridges or highways: if you choke the arteries, you choke the economy. Ironically, the most susceptible locations are not far below the surface but rather where cables emerge. These landing sites, which handle billions of dollars’ worth of trade, can have less security than a conventional bank office.

The New Theatre of Geopolitics 

Legal frameworks exist, but they are patchwork. Intentional damage is illegal under the UN Convention on the Law of the Sea and previous agreements, but attribution is still infamously challenging. Covert sabotage and intelligence operations are examples of legal grey areas in hybrid warfare scenarios. Even during times of peace, national governments that rely on their continuous operation but find it difficult to extend sovereignty into international waters, private telecom consortia, and content giants like Google and Amazon that now finance their own cables share the burden of protection.

Cables convey influence in addition to data. Strategic leverage belongs to whoever can secure them, tap them or cut them during a fight. Even though landing stations are the entry points for billions of dollars’ worth of international trade, they frequently offer less security than a commercial bank branch. 

India at the Crossroads of Digital Geopolitics 

India’s reliance on underwater cables presents both advantages and disadvantages. India presents a classic single-point-of-failure danger, with more than 95% of its international data traffic being routed through a 6-km coastal stretch close to Versova, Mumbai. Red Sea disruptions have previously demonstrated how swiftly chokepoints located far from India’s coast may impede its digital arteries, placing a burden on government functions, defence communications, and financial flows. However, this same vulnerability also makes India a crucial player in the global discussion around digital sovereignty. It is not only an infrastructure exercise; it is also a strategic and constitutional necessity to be able to diversify landing places, expedite clearances, and develop indigenous repair capability.

India’s geographic location also presents opportunities. India’s location along East-West cable lines makes it an ideal location for robust connectivity as the Indo-Pacific region becomes the defining region of geopolitics in the twenty-first century. India may change from being a passive recipient of connectivity to a shaper of its governance by investing in distributed cable architecture and strengthening partnerships through initiatives like Quad and IPEF. Its aspirations for global influence must be balanced with its home regulatory lethargy. By doing this, India can secure not only bandwidth but also sovereignty itself by converting subsea cables from hidden liabilities into tools of economic might and geopolitical leverage. 

CyberPeace Insights 

If cables are considered essential infrastructure, then their safety demands the same level of attention that we give to ports, airports, and electrical grids. Stronger landing station defences, redundancy in route, and sincere public-private collaborations are now a necessity rather than an option.

The Red Sea incident is a call to action rather than a singular disruption. The robustness of underwater cables will determine whether the internet is a sustainable resource or a brittle luxury susceptible to the next outage as reliance on the cloud grows and 5G spreads. 

References

• https://forumias.com/blog/answered-assess-the-strategic-significance-of-undersea-cable-networks-for-indias-digital-economy-and-national-security-discuss-the-vulnerabilities-of-this-infrastructure-and-suggest-measures-to-e/ 
• https://www.reuters.com/world/middle-east/red-sea-cable-cuts-disrupt-internet-across-asia-middle-east-2025-09-07/ 
• https://pulse.internetsociety.org/blog/what-can-we-learn-from-africas-multiple-submarine-cable-outages 

‍

Introduction

In the evolving landscape of cybercrime, attackers are not only becoming more sophisticated in their approach but also more adept in their infrastructure. The Indian Cybercrime Coordination Centre (I4C) has issued a warning about the use of ‘disposable domains’ by cybercriminals. These are short-lived websites designed tomimic legitimate platforms, deceive users, and then disappear quickly to avoid detection and legal repercussions.

Although they may appear harmless at first glance, disposable domains form the backbone of countless online scams, phishing campaigns, malware distributionschemes, and disinformation networks. Cybercriminals use them to host fake websites, distribute malicious files, send deceptive emails, and mislead unsuspecting users, all while evading detection and takedown efforts.

As India’s digital economy grows and more citizens, businesses, and public services move online, it is crucial to understand this hidden layer of cybercrime infrastructure.Greater awareness among individuals, enterprises, and policymakers is essential to strengthen defences against fraud, protect users from harm, and build trust in thedigital ecosystem

What Are Disposable Domains?

A disposable domain is a website domain that is registered to be used temporarily, usually for hours or days, typically to evade detection or accountability.

These domains are inexpensive, easy to obtain, and can be set up with minimal information. They are often bought in bulk through domain registrars that do not strictly verify ownership information, sometimes using stolen credit cards or cryptocurrencies to remain anonymous. They differ from legitimate temporary domains used for testing or development in one significant aspect, which is ‘purpose’. Cybercriminals use disposable domains to carry out malicious activities such as phishing, sextortion, malware distribution, fake e-commerce sites, spam email campaigns, and disinformation operations.

How Cybercriminals Utilise Disposable Domains

1. Phishing & Credential Stealing: Attackers tend to register lookalike domains that are similar to legitimate websites (e.g., go0gle-login[.]com or sbi-verification[.]online) and trick victims into entering their login credentials. These domains will be active only long enough to deceive, and then they will disappear.

2. Malware Distribution: Disposable domains are widely used for ransomware and spyware operations for hosting malicious files. Because the domains are temporary, threat intelligence systems tend to notice them too late.

3. Fake E-Commerce & Investment Scams: Cyber crooks clone legitimate e-commerce or investment sites, place ad campaigns, and trick victims into "purchasing" goods or investing in scams. The domain vanishes when the scam runs out.

4. Spam and Botnets: Disposable domains assist in botnet command-and-control activities. They make it more difficult for defenders to block static IPs or trace the attacker's infrastructure.

5. Disinformation and Influence Campaigns: State-sponsored actors and coordinated troll networks use disposable domains to host fabricated news articles, fake government documents, and manipulated videos. When these sites are detected and taken down, they are quickly replaced with new domains, allowing the disinformation cycle to continue uninterrupted.

Why Are They Hard to Stop?

Registering a domain is inexpensive and quick, often requiring no more than an email address and payment. The difficulty is the easy domain registrations and the absence of worldwide enforcement. Domain registrars differ in enforcing Know-Your-Customer (KYC) standards stringently. ICANN (Internet Corporation for Assigned Names and Numbers) has certain regulations in place but enforcement is inconsistent. ICANN does require registrars to maintain accurate Who is information (the “Registrant Data Accuracy Policy”) and to act on abuse complaints. However, ICANN is not an enforcement agency. It oversees contracts with registrars but cannot directly police every registration. Cybercriminals exploit services such as:

• Privacy protection shields that conceal actual WHOIS information.
• Bulletproof hosting that evades takedown notices.
• Fast-flux DNS methods to rapidly alter IP addresses

Additionally, utilisation of IDNs ( Internationalised Domain Names) and homoglyph attacks enables the attackers to register visually similar domains to legitimate ones (e.g., using Cyrillic characters to represent Latin ones).

Real-World Example: India and the Rise of Fake Investment Sites

India has witnessed a wave of monetary scams that are connected with disposable domains. Over hundreds of false websites impersonating government loan schemes, banks or investment websites, and crypto-exchanges were found on disposable domains such as gov-loans-apply[.]xyz, indiabonds-secure[.]top, or rbi-invest[.]store. Most of them placed paid advertisements on sites such as Facebook or Google and harvested user information and payments, only to vanish in 48–72 hours. Victims had no avenue of proper recourse, and the authorities were left with a digital ghost trail.

How Disposable Domains Undermine Cybersecurity

• Bypass Blacklists: Dynamic domains constantly shifting evade static blacklists.
• Delay Attribution: Time is wasted pursuing non-existent owners or takedowns.
• Mass Targeting: One actor can register thousands of domains and attack at scale.
• Undermine Trust: Frequent users become targets when genuine sites are duplicated and it looks realistic.

Recommendations Addressing Legal and Policy Gaps in India

1. There is a need to establish a formal coordination mechanism between domain registrars and national CERTs such as CERT-In to enable effective communication and timely response to domain-based threats.

2. There is a need to strengthen the investigative and enforcement capabilities of law enforcement agencies through dedicated resources, training, and technical support to effectively tackle domain-based scams.

3. There is a need to leverage the provisions of the Digital Personal Data Protection Act, 2023 to take action against phishing websites and malicious domains that collect personal data without consent.

4. There is a need to draft and implement specific regulations or guidelines to address the misuse of digital infrastructure, particularly disposable and fraudulent domains, and close existing regulatory gaps.

What Can Be Done: CyberPeace View

1. Stronger KYC for Domain Registrations: Registrars selling domains to Indian users or based in India should conduct verified KYC processes, with legal repercussions for carelessness.

2. Real-Time Domain Blacklists: CERT-In, along with ISPs and hosting companies, should operate and enforce a real-time blacklist of scam domains known.

3. Public Reporting Tools: Observers or victims should be capable of reporting suspicious domains through an easy interface (tied to cybercrime.gov.in).

4. Collaboration with Tech Platforms: Social media services and online ad platforms should filter out ads associated with disposable or spurious domains and report abuse data to CERT-In.

5. User Awareness: Netizens should be educated to check URLs thoroughly, not click on unsolicited links and they must verify the authenticity of websites.

Conclusion

Disposable domains have silently become the foundation of contemporary cybercrime. They are inexpensive, highly anonymous, and short-lived, which makes them a darling weapon for cybercriminals ranging from solo spammers to nation-state operators. In an increasingly connected Indian society where the penetration rate of internet users is high, this poses an expanding threat to economic security, public confidence, and national resilience. Combating this problem will need a combination of technical defences, policy changes, public-private alliances, and end-user sensitisation. As India develops a Cyber Secure Bharat, monitoring and addressing disposable domain abuse must be the utmost concern.

References

• https://www.bitcot.com/disposable-domains
• https://atdata.com/blog/evolution-of-email-fraud-rise-of-hyper-disposable-domains/
• https://www.cyfirma.com/research/scamonomics-the-dark-side-of-stock-crypto-investments-in-india/
• https://knowledgebase.constantcontact.com/lead-gen-crm/articles/KnowledgeBase/50330-Understanding-Blocked-Forbidden-and-Disposable-Domains?lang=en_US
• https://www.meity.gov.in/
• https://intel471.com/blog/bulletproof-hosting-fast-flux-dns-double-flux-vps

‍

‍

Introduction

‍

The courts in India have repeatedly emphasised the importance of “enhanced customer protection” and “limited liability” on their part. The rationale behind such imperatives is to extend security against exploitation by institutions that are equipped with all the means to manipulate customers. India, with its looming financial literacy gaps that have to be addressed, needs to curb any manipulation on the part of banking institutions. Various studies have highlighted this gap in recent times; for example, according to the National Centre for Financial Education, only 27% of Indian people are financially literate, which is much less than the 42% global average. With only 19% of millennials exhibiting sufficient financial awareness yet expressing high trust in their financial skills, the issue is very worrisome. Thus, the increasing number of financial frauds intensifies the issue. 

Zero Liability in Cyber Frauds: Regulatory Safeguards for Digital Banking Customers

‍

In light of the growing emphasis on financial inclusion and consumer protection, and in response to the recent rise in complaints regarding unauthorised debits from customer accounts and cards, the framework for assessing customer liability in such cases has been re-evaluated. The RBI’s circular dated July 6, 2017 titled “Customer Protection-Limited Liability of Customers in Unauthorised Electronic Banking Transactions”  serves as the foundation for regulatory protections for Indian customers of digital banking. A clear and organised framework for determining customer accountability is outlined in the circular, which acknowledges the exponential increase in electronic transactions and related scams. It assigns proportional obligations for unauthorised transactions resulting from system-level breaches, client carelessness, and bank contributory negligence. Most importantly it establishes the zero responsibility concept, which protects clients from monetary losses in cases when the bank or another system component is at fault and the client promptly reports the breach. 

This directive’s sophisticated approach to consumer protection is what makes it unique. It requires banks to set up strong fraud prevention systems, proactive alerting systems, and round-the-clock reporting systems. Furthermore, it significantly alters the power dynamics between financial institutions and customers by placing the onus of demonstrating customer negligence completely on the bank. The circular emphasises prompt reversal of funds to impacted customers and requires banks to implement Board-approved policies on liability to redress. As a result, it is a consumer rights charter rather than just a compliance document, promoting confidence and financial accountability in India’s digital banking sector. 

Judicial Endorsement in Reinforcing the Zero Liability Principle

‍

 In the case of Suresh Chandra Negi & Anr. v. Bank of Baroda & Ors. (Writ (C) No. 24192 of 2022) The Allahabad High Court reaffirmed that the burden of proving consumer accountability rests firmly on the banking institution, hence reaffirming the zero liability concept in circumstances of unapproved electronic banking transactions. The Division bench emphasised the regulatory requirement that banks provide adequate proof before assigning blame to customers, citing Clause 12 of the RBI’s circular dated June 6, 2017, Customer Protection—Limited Liability of Customers in Unauthorised Electronic Banking Transactions. In a similar scenario, the Bombay HC held that a customer is entitled to zero liability when an authorized transaction occurs due to a third-party breach, where the deficiency lies neither with the bank nor the customer, provided the fraud is promptly reported. 

The zero liability principle, as envisaged under Clause 8 of the RBI circular, has emerged as a cornerstone of consumer protection in India’s digital banking ecosystem.  

Another landmark judgment that has given this principle the front stage in addressing banking frauds is Hare Ram Singh vs RBI &Ors. (W.P. (C) 13497/2022) laid down by Delhi HC which is an important legal turning point in the development of the zero liability principle under the RBI’s 2017 framework. The court reiterated the need to evaluate customer diligence in light of new fraud tactics like phishing and vishing by holding the State Bank of India (SBI) liable for a cyber fraud incident even though the transactions were authenticated by OTP. The ruling made it clear that when complex social engineering or technical manipulation is used, banks are nonetheless accountable even if they only rely on OTP validation. The legal protection provided to victims of unauthorised electronic banking transactions is strengthened by the court’s emphasis on the bank having the burden of evidence in accordance with RBI standards. 

Importantly, this ruling lays the full burden of securing digital banking systems on financial organisations and supports the judiciary’s increasing acknowledgement of the digital asymmetry between banks and consumers. It emphasises that prompt consumer reporting, banks’ failure to disclose important credentials, and their own operational errors must all be taken into consideration when determining culpability. As a result, this decision establishes a strong precedent that will increase consumer confidence, promote systemic advancements in digital risk management, and better integrate the zero liability standard into Indian digital banking law. In a time when cyber vulnerabilities are growing, it acts as a beacon for financial accountability. 

Conclusion

‍

The Zero Liability Principle serves as a vital safety net for customers navigating an increasingly intricate and precarious financial environment in a time when digital transactions are the foundation of contemporary banking. In addition to codifying strong safeguards against unauthorized electronic transactions, the RBI’s 2017 framework rebalanced  the fiduciary relationship by putting financial institutions squarely in charge. Through significant rulings, the courts have upheld this protective culture and emphasised that banks, not the victims of cybercrime, bear the burden of proof. 

It would be crucial to execute these principles consistently, review them frequently, and raise public awareness as India transitions to a more digital economy. In order to ensure that consumers are not only protected but also empowered must become more than just a policy on paper. 

‍

References

• https://www.business-standard.com/content/specials/making-money-vs-managing-money-india-s-critical-financial-literacy-gap-125021900786_1.html 
• https://www.livelaw.in/high-court/allahabad-high-court/allahabad-high-court-ruling-bank-liability-unauthorized-electronic-transaction-and-customer-fault-297962 
• https://www.mondaq.com/india/white-collar-crime-anti-corruption-fraud/1635616/cyber-law-series-2-issue-10-the-zero-liability-principle-in-cyber-fraud-hare-ram-singh-v-reserve-bank-of-india-ors-case 

‍