#FactCheck: Fake Claim that US has used Indian Airspace to attack Iran

Introduction
‍

Rapid growth in India’s Digital Economy has opened up various options for companies to utilise digital technology as part of their operations. Examples of these technologies include cloud computing; online payment systems; digitally enabled supply chains; and platforms that facilitate remote working. As small and medium enterprises(SMEs) represent a major part of India’s economy, they have quickly been able to capitalise on the benefits these technologies provide in improving their operational efficiency and developing an increased presence within the market. However, this rapid pace of digitalisation creates an exposure to a much greater breadth of cyber-security threats than ever for SMEs. Today, perhaps the greatest cyber-threat facing SMEs in India is ransomware, an increasing frequent type of cyber-attack that has been increasing on a global scale over the past few years and in response, there have been numerous initiatives by various government agencies, industry organisations, and cyber-security firms designed to educate the general public on the risks of ransomware. 

What is Ransomware?
‍

Ransomware is a type of malware, which prevents all users being able to access their file system or access their data until they pay a ransom. In a standard ransomware event an attacker will breach the company's network, and encrypt all critical files so that they are unable to be used. The attacker usually demands payment in bitcoin because it is a difficult trace  and promises to provide a key to unlock the data in exchange for the payment. Attackers gain access to company networks by using social engineering techniques such as phishing email, stolen password, or exploiting an unpatched vulnerability in the software that is running on the company's network. 
‍

The Rising Threat of Ransomware
‍

Cybercriminals have created one of the most destructive varieties of cybercrimes around the world through ransomware; while experts in the cybersecurity field project losses to global ransomware damage may reach $30 billion by 2025. There has also been a marked increase in SMEs being attacked by ransomware-based cybercriminals throughout India. NASSCOM has done research and found that many SMEs in India have experienced attempted ransomware attacks in the past few years alone. According to incident reports provided through CERT-In, there has been a noticeable increase in the number of cybercrime occurrences throughout different sectors of India’s economy since those reports began. These developments have shown an increase in the size and level of sophistication of ransomware related threats.
‍

Why Indian SMEs Remain Vulnerable Despite Awareness
‍

Despite increased awareness about cyber threats, there is a large number of Indian SMEs that continue to be vulnerable to ransomware. The main reason is financial limitations. Many small businesses typically have limited financial resources and those limited resources more often than not, go towards operations, including production, logistics, and marketing - cybersecurity costs are usually viewed as additional costs.

Another significant problem facing SMEs is a shortage of skilled cybersecurity professionals. Large enterprises typically have dedicated security teams responsible for protecting the enterprise, whereas SMEs will employ IT staff generally without any specific expertise in detecting/countering cyber threats. Human error are also significant contributors to these cyber incursion events. An employee can inadvertently click on an email link or download an infected attachment, or use a weak password - all of which could provide opportunities for cybercriminals to access the company's network. Phishing emails continue to be the most common approach for initiating ransomware.

Furthermore - many SMEs have implemented digital platforms, such as cloud-based applications and payment processing, without appropriately executing cybersecurity planning prior to implementation. Many of the issues that have arisen from such rapid digitisation are due to a lack of sufficient planned cybersecurity measures as part of the implementation process. This has also resulted in a situation where technological advancements such as Ransomware as a Service (RaaS) have created an even larger pool of potential perpetrators (cybercriminals) with little-to-no expertise being able to launch a widespread ransomware campaign using readily available/pre-manufactured tools.
‍

Real-World Cyber Incidents Affecting Indian SMEs
‍

As several examples recently demonstrate, Indian SMEs continue to experience significant cyber attack risks. Recently, a logistics firm located in Gurugram found itself locked out of nearly 4,000 shipments due to a ransomware attack, which cost them ₹12 lakhs to fix because they had poor backups and another incident in Gurugram which highlights how vulnerable many SMEs in the country continue to be to ransomware attacks. In the case of a garments company, a hacker compromised the company's server by placing ransomware on its system. The company was forced to shut down its computerised warehouse system as a result of the attack. Only after the company had lost access to its system, did it receive a ransom demand from the hacker, in the form of an email requesting payment of 15 bitcoins (approximately ₹25 lakh), in order for the hacker to restore the company's access to the system. The hacker also threatened to delete the company's financial and banking records if the ransom were not paid. Gurgaon Police's Cyber Cell received the report of the incident, and registered a first information report (FIR) against unknown hackers. The case represents an opportunity for SMEs to evaluate the risks associated with ransomware.

‍

Bridging the Gap Between Awareness and Implementation
‍

Although awareness campaigns can show organisations what types of cybersecurity risks they’re exposed to, these campaigns will not keep businesses from being victims of a ransomware attack by themselves.. The most critical step forward is the implementation of the principles of cybersecurity from an understanding viewpoint to that of an active action. Organisations need to go beyond being aware of the risks related to cyber and then put measures in place to mitigate those risks.

To improve cybersecurity, organisations may need to spend money on developing and maintaining systems; set up regular training for employees on handling cyber threats and implementing an incident response plan to address security incidents; back up data regularly; maintain the hardware and software used in the organisation's computer systems at least once a month (or more often if necessary); and monitor all aspects of its computer systems continuously for weaknesses or problems.
‍

The Way Forward: Strengthening SME Cybersecurity
‍

In order to truly address the ransomware threat, collaboration by businesses, government agencies and cyber security professionals is mandatory. One of the biggest roles in this collaboration is through governmental initiatives to enhance the overall level of awareness of digital security among SMEs (small to medium-sized enterprises). Improved SME understanding of cyber risks will be based on the availability of affordable security solutions that are specifically tailored for small businesses.

Industry partnerships as well as public-private partnerships also aid the sharing of threat intelligence to strengthen collaborative defense against all cybercriminal activity.
‍

Conclusion
‍

Despite Indian SMEs being aware of cyber threats, they have been unable to implement safeguards or Cyber Security plans due to limited financial resources, insufficient qualified personnel, human errors, and the rapid pace at which digital technology is being adopted without adequate Cyber Security measures. In order to respond effectively to the growing threat of Ransomware, Indian SMEs must evolve from being aware of cyber threats to proactively developing Cyber Security strategies that will allow them to prevent, prepare for, and recover from the increased cyber threat posed by the rapidly growing digitalisation of business within an increasingly globalised economy.
‍

References 
‍

1. https://www.ibm.com/think/topics/ransomware
2. https://primeinfoserv.com/indias-sme-cybersecurity-crisis-real-incidents-real-lessons-2024-2025/
3. https://timesofindia.indiatimes.com/city/gurgaon/ransomware-attack-on-apparel-firm-all-data-lost/articleshow/59496777.cms#
4. https://ciso.economictimes.indiatimes.com/news/cybercrime-fraud/indian-businesses-face-nearly-700-ransomware-attacks-per-day-kaspersky/120471668
5. https://smestreet.in/msmenews/indian-smes-remain-alarmingly-exposed-to-ransomware-threats-sophos-report-2025-9456628
6. https://m.economictimes.com/news/how-to/how-can-indian-smes-combat-ransomware-attacks/articleshow/108047111.cms

‍

Introduction

The Indian Cabinet has approved a comprehensive national-level IndiaAI Mission with a budget outlay ofRs.10,371.92 crore. The mission aims to strengthen the Indian AI innovation ecosystem by democratizing computing access, improving data quality, developing indigenous AI capabilities, attracting top AI talent, enabling industry collaboration, providing startup risk capital, ensuring socially-impactful A projects, and bolstering ethical AI. The mission will be implemented by the'IndiaAI' Independent Business Division (IBD) under the Digital India Corporation (DIC) and consists of several components such as IndiaAI Compute Capacity, IndiaAI Innovation Centre (IAIC), IndiaAI Datasets Platform, India AI Application Development Initiative, IndiaAI Future Skills, IndiaAI Startup Financing, and Safe & Trusted AI over the next 5 years.

This financial outlay is intended to befulfilled through a public-private partnership model, to ensure a structured implementation of the IndiaAI Mission. The main objective is to create and nurture an ecosystem for India’s AI innovation. This mission is intended to act as a catalyst for shaping the future of AI for India and the world. AI has the potential to become an active enabler of the digital economy and the Indian government aims to harness its full potential to benefit its citizens and drive the growth of its economy.

Key Objectives of India's AI Mission

●     With the advancements in data collection, processing and computational power, intelligent systems can be deployed in varied tasks and decision-making to enable better connectivity and enhance productivity.

●     India’s AI Mission will concentrate on benefiting India and addressing societal needs in primary areas of healthcare, education, agriculture, smart cities and infrastructure, including smart mobility and transportation.

●     This mission will work with extensive academia-industry interactions to ensure the development of core research capability at the national level. This initiative will involve international collaborations and efforts to advance technological frontiers by generating new knowledge and developing and implementing innovative applications.

The strategies developed for implementing the IndiaAI Mission are via Public-Private Partnerships, Skilling initiatives and AI Policy and Regulation. An example of the work towards the public-private partnership is the pre-bid meeting that the IT Ministry hosted on 29th August2024, which saw industrial participation from Nvidia, Intel, AMD, Qualcomm, Microsoft Azure, AWS, Google Cloud and Palo Alto Networks.

Components of IndiaAI Mission

The IndiaAI Compute Capacity: The IndiaAI Compute pillar will build a high-end scalable AI computing ecosystem to cater to India's rapidly expanding AI start-ups and research ecosystem. The ecosystem will comprise AI compute infrastructure of 10,000 or more GPUs, built through public-private partnerships. An AI marketplace will offer AI as a service and pre-trained models to AI innovators.

The IndiaAI Innovation Centre will undertake the development and deployment of indigenous Large Multimodal Models (LMMs) and domain-specific foundational models in critical sectors. The IndiaAI Datasets Platform will streamline access to quality on-personal datasets for AI innovation.

The IndiaAI Future Skills pillar will mitigate barriers to entry into AI programs and increase AI courses in undergraduate, master-level, and Ph.D. programs. Data and AI Labs will be set up in Tier 2 and Tier 3 cities across India to impart foundational-level courses.

The IndiaAI Startup Financing pillar will support and accelerate deep-tech AI startups, providing streamlined access to funding for futuristic AI projects.

The Safe & Trusted AI pillar will enable the implementation of responsible AI projects and the development of indigenous tools and frameworks, self-assessment check lists for innovators, and other guidelines and governance frameworks by recognising the need for adequate guardrails to advance the responsible development, deployment, and adoption of AI.

CyberPeace Considerations for the IndiaAI Mission

●     Data privacy and security are paramount as emerging privacy instruments aim to ensure ethical AI use. Addressing bias and fairness in AI remains a significant challenge, especially with poor-quality or tampered datasets that can lead to flawed decision-making, posing risks to fairness, privacy, and security.

●     Geopolitical tensions and export control regulations restrict access to cutting-edge AI technologies and critical hardware, delaying progress and impacting data security. In India, where multilingualism and regional diversity are key characteristics, the unavailability of large, clean, and labeled datasets in Indic languages hampers the development of fair and robust AI models suited to the local context.

●     Infrastructure and accessibility pose additional hurdles in India’s AI development. The country faces challenges in building computing capacity, with delays in procuring essential hardware, such as GPUs like Nvidia’s A100 chip, hindering businesses, particularly smaller firms. AI development relies heavily on robust cloud computing infrastructure, which remains in its infancy in India. While initiatives like AIRAWAT signal progress, significant gaps persist in scaling AI infrastructure. Furthermore, the scarcity of skilled AI professionals is a pressing concern, alongside the high costs of implementing AI in industries like manufacturing. Finally, the growing computational demands of AI lead to increased energy consumption and environmental impact, raising concerns about balancing AI growth with sustainable practices.

Conclusion

We advocate for ethical and responsible AI development adoption to ensure ethical usage, safeguard privacy, and promote transparency. By setting clear guidelines and standards, the nation would be able to harness AI's potential while mitigating risks and fostering trust. The IndiaAI Mission will propel innovation, build domestic capacities, create highly-skilled employment opportunities, and demonstrate how transformative technology can be used for social good and enhance global competitiveness.

References

●     https://economictimes.indiatimes.com/tech/artificial-intelligence/governments-say-aye-to-sovereign-ai/articleshow/113014070.cms

●     https://www.livemint.com/industry/amid-push-for-indian-ai-myriad-challenges-pose-concerns-11720012574665.html

●     https://pib.gov.in/PressReleasePage.aspx?PRID=2012375

●     https://pib.gov.in/PressReleaseIframePage.aspx?PRID=2012355#:~:text=The%20Mission%20will%20be%20implemented,1

‍

A war in the twenty-first century does not start when the first bullet or missile is fired. It begins much earlier, covertly, and without any official announcement. Cyberspace is this new battlefield. States now use a variety of ransomware, malicious codes, and disinformation campaigns to undermine their enemies' capabilities before launching an offensive. These pre-conflict cyber operations are now the primary frontline of contemporary hybrid warfare, which is changing how conflicts are fought and conducted.

‍

The Birth of a Digital Battlefield

‍

Hybrid Warfare is a blend of conventional military force with nonmilitary tactics like economic coercion, disinformation, and cyberattacks that have evolved rapidly in recent decades. Hybrid methods of warfare are nothing new, as the scale and sophistication of cyber operations in modern conflicts are unprecedented. Russia’s actions in Ukraine demonstrated the capability of digital tools to paralyse the critical systems before its heavy munitions could be deployed for combat operations. Within days of the 2022 invasions, Ukraine faced massive Distributed Denial of Service (DDoS) attacks targeting banks, government websites, and energy infrastructures. The digital frontlines have softened the physical defences long before the conventional warfare began. 

According to the FP Analytics’ “Digital Front Lines” Project, cyber operations are no longer an auxiliary tactic but a core component of hybrid warfare, blurring the boundary between peace and war. They enable states to exert pressure, gather intelligence, and disrupt adversaries, often without being attributed or held accountable. 

‍

Cyber Operations: The modern Prelude to War

‍

The use of digital technologies for surveillance, information network disruption, or critical infrastructure destruction is known as cyber operations. They are especially useful instruments for pre-conflict manipulation because of their ambiguity and stealth. Cyberattacks, in contrast to conventional military strikes, can accomplish strategic goals while providing plausible deniability.
Coordinated cyberattacks that spread misinformation and damaged public confidence disrupted government communication systems prior to Russia's invasion of Ukraine. These sorts of incidents highlight the integrated nature of cyber and kinetic operations, where digital assaults often serve as the initial phases of modern wars.

‍

The Expanding Spectrum of Actors or Threat 

‍

Cyberspace has democratized warfare, which once required an army, can now be initiated by a handful of skilled programmers with access to the right tools. The cyber landscape of the present times features a wide spectrum of threat actors, which can be understood as; 

• State actors like intelligence or military agencies conduct cyber operations as part of official foreign policy. 
• Cybercriminals pursue financial gains, often overlapping with political motives. 
• Terrorist groups use cyberspace to spread propaganda for coordinated attacks. 
• Cyber mercenaries being hired by both the state and nonstate clients can blur the ethical and legal boundaries. 

‍

This diversity can complicate the attribution by determining that anyone who is actively working behind conducting cyberattacks can be notoriously difficult, allowing the states to hide behind “plausible deniability.” This ‘Gray Zone’ of conflict below the threshold of a declared war, above mere diplomacy, has become the preferred arena for modern power struggles. 

‍

Civilian Involvement and Ethical Dilemmas

‍

Unlike traditional warfare, where the cyber domain entangles civilians as both participants and targets. Much of the nation’s critical infrastructure, which includes energy grids, hospitals, transportation, and communication systems, is owned and operated by private entities. As a result, the civilian industries and experts are becoming central to both cyber defence and offence. 

During the Russia–Ukraine War, the volunteer hackers from around the world were many of whom are being coordinated through the app Telegram, which is termed as ‘IT Army of Ukraine’, are known for conducting digital strikes on Russian networks. Conversely, the Russia-affiliated hacker groups like Conti had vowed to retaliate against any nations that supported Ukraine. 

This civilian participation raises profound legal and moral questions, over a private company’s role in defending their networks of becoming a combatant, or the impact of retaliatory cyberattacks on civilian infrastructure war crimes. International law has yet to provide a clear answer, which can leave dangerous gaps in the governance to counter cybercrimes. 

‍

Susceptibility of Contemporary Society to Cyber Warfare

‍
Cyberwarfare can impact an entire global digital ecosystem due to its interconnectedness. Power grids, hospitals, air traffic systems, and even automation devices can be compromised. While the NotPetya ransomware, which was cloaked as ransomware, caused billions of losses and caused worldwide economic damage from shipping companies to pharmaceutical companies, the WannaCry ransomware attacks in 2017 paralysed hospitals throughout the UK's National Health Service.

When taken as a whole, these incidents have also shown that cyberattacks are no longer limited to espionage situations and can have real-world consequences comparable to those of conventional warfare. The consequences of cyberattacks could increase dramatically as our dependence on technology increases. Because these effects are profoundly psychological in nature and seek to sow fear, mistrust, and social disintegration, they are not merely technical or economic in nature.

‍

The Future: Permanent Cyber Frontlines

‍

Technological developments have made cyberspace a permanent theatre of conflict, joining the land, sea, air, and space. Countries are currently making significant investments in cyber capabilities for deterrence as well as defence. According to security experts like Eriksson and Giacomello, societies are now inherently fragile due to our increasing reliance on information technologies.

Cyber operations in this context are about strategic dominance in a globalised world, not just digital espionage. Who controls the networks and algorithms that run contemporary civilisation will determine the future of war, not just who controls the skies or the seas. As per the new reality, before the drop of the first bomb, a silent war in cyberspace will already be underway.     

‍

References

‍

• https://digitalfrontlines.io/2023/05/25/the-evolution-of-cyber-operations-in-armed-conflict/
• https://theses.ubn.ru.nl/server/api/core/bitstreams/9d74149e-fb9a-402f-aa65-a90445ad7603/content
• https://cybersecurityguide.org/resources/cyberwarfare/
• https://re.public.polimi.it/retrieve/e0c31c0b-ce6c-4599-e053-1705fe0aef77/21%20Century%20Cyber%20Warfare.pdf