Image Credentials: Image Title: Cyberattacks and Disinformation in Modern Warfare: The India-Pakistan Conflict Source: (sora.chatgpt) Date: July 2025 Attribution: Created by AI-generated imagery (sora.chatgpt), it does not depict a real-world scene.
By Open Chronicle
In recent years, the role of cyberspace in warfare has evolved from a peripheral concern to a central battleground. Cyberattacks, even in peacetime, have become a common tool for state and non-state actors alike, with far-reaching implications for national security. Today, cyberspace is considered one of the five key distinctive environments of warfare, alongside land, air, maritime, and space domains. The recent escalation in the India-Pakistan conflict, triggered by a terrorist attack in Pahalgam, India, on May 7, 2025, underscores the growing importance of cyber operations in modern conflicts.
The Geopolitical Context: “Operation Sindoor”
The attack in Pahalgam prompted a swift military response from the Indian Armed Forces, initiating Operation Sindoor, which led to the destruction of nine major terrorist camps in Pakistan. This operation, part of India’s strategy to neutralize terrorism backed by Pakistan, lasted until May 10, 2025. While India targeted terrorist hubs and military facilities, avoiding civilian casualties was a key aspect of its response. Pakistan, in turn, retaliated with attacks on both Indian military and civilian infrastructure, escalating tensions between the two nuclear-armed neighbors.
Surge in Cyberattacks
During this period of heightened military tension, cyberattacks surged on both sides. India, in particular, became a major target of cyber offensives, as reflected in live threat maps provided by cybersecurity organizations such as Kaspersky and Radware. The Indian Computer Emergency Response Team (CERT-In) recorded a significant increase in cyber threats, with incidents such as ransomware, Distributed Denial of Service (DDoS) attacks, website defacements, and malware infections targeting Indian industries and Micro, Small, and Medium Enterprises (MSMEs).
The Maharashtra police reported over 1 million cyberattacks following the Pahalgam attack, indicating a clear link between the rise in cyber incidents and the geopolitical tensions. Hacktivist groups, ideologically motivated actors with a clear agenda to disrupt national infrastructure, targeted over 500 Indian government and private sector entities. This signaled a new form of hybrid warfare, where cyberspace operations and conventional military action worked in tandem to achieve strategic objectives.
DDoS Attacks and Website Disruptions
Among the most common cyberattacks during this period were DDoS attacks, which overwhelm websites and servers by flooding them with malicious traffic. Both India and Pakistan saw significant increases in such attacks, with a reported 500% rise in India and a 700% rise in Pakistan. DDoS techniques such as NTP amplification, CLDAP reflection, and ACK_FLOOD were used to target key public and private websites in both countries.
For instance, Pakistan-based hackers launched DDoS attacks against critical Indian websites, including powergrid.in, bsnl.co.in, and uidai.gov.in, severely disrupting services for government agencies, telecommunications, and media outlets. In retaliation, Indian hacktivist groups targeted Pakistani websites such as worldcall.net.pk and qau.edu.pk, disrupting government services, telecommunication, and educational portals. These cyberattacks were complemented by phishing attempts, where threat actors impersonated Indian government agencies to distribute malicious documents.
The Role of Disinformation
Parallel to cyberattacks, both India and Pakistan engaged in disinformation campaigns to sway public opinion and create confusion. Pakistan, following India’s precision strikes on terrorist camps under Operation Sindoor, launched a sustained disinformation drive, falsely claiming to have destroyed India’s advanced S-400 air defence system and BrahMos missile bases. These false narratives were amplified on social media by pro-Pakistani accounts and outlets such as Turkish media, aiming to destabilize public perception in India and internationally.
Indian authorities responded to these campaigns by actively issuing fact-check reports and official statements to refute false claims. The Indian government utilized the Press Information Bureau (PIB) to disseminate accurate information and counter the spread of propaganda. However, the disinformation efforts were persistent, with fabricated stories targeting India’s strategic military assets and trying to isolate the country diplomatically.
India’s Cybersecurity Measures and Responses
In response to the surge in cyberattacks, India took immediate steps to protect its national infrastructure. The Indian stock exchanges restricted access to their websites from foreign IP addresses, mitigating potential cyber threats. CERT-In issued advisories to enhance national cyber resilience, and cybersecurity experts worked to reinforce protective measures on government websites and critical infrastructures.
India’s cybersecurity defenses managed to limit breaches to just 150 out of 1.5 million attempted cyberattacks, a testament to the effectiveness of its defense mechanisms but also highlighting potential vulnerabilities. The country’s growing technical prowess was evident, but systemic gaps in preemptive threat detection and interagency coordination remained.
Strengthening Cyber Resilience: Lessons for the Future
The conflict between India and Pakistan highlighted the importance of cyber operations and disinformation as force multipliers in modern warfare. As cyberattacks and disinformation campaigns continue to evolve, nations must strengthen their cybersecurity infrastructure and adopt a more holistic approach to countering these new threats. For India, the lessons from this conflict suggest several strategic recommendations:
-
Centralized Threat Intelligence Sharing: Establish a centralized framework for real-time threat intelligence sharing among government, private sector, and international partners to detect and respond to cyber threats more effectively.
-
Enhanced Cyber Hygiene for MSMEs: Developing mandatory cybersecurity protocols for Micro, Small, and Medium Enterprises (MSMEs) to protect against ransomware and malware threats, which disproportionately target smaller businesses with fewer resources.
-
Offensive Cyber Capabilities: India should showcase its offensive cyber capabilities as a form of deterrence, demonstrating its capacity to retaliate against adversaries who use cyberattacks as a means of disruption.
-
Public-Private Collaboration: Strengthening public-private alliances in sharing threat intelligence will allow for better detection, coordinated responses, and more robust protection against evolving cyber threats targeting critical infrastructure.
-
Combatting Disinformation: Countering disinformation campaigns requires sustained public awareness campaigns, digital literacy programs, and efforts to ensure that accurate information is disseminated to the public, especially during periods of geopolitical tension.
Conclusion: Blurring the Lines between Physical and Digital Battlefields
The India-Pakistan conflict of May 2025 marks a significant shift like warfare. The cyber domain has become as critical as traditional military domains, with cyberattacks and disinformation campaigns playing an integral role in modern conflicts. As the lines between physical and digital battlefields continue to blur, India must prioritize institutionalizing cyber resilience, enhancing its defensive capabilities, and preparing for a future where cyber operations are as commonplace as conventional military engagements.
In the coming years, likely, the role of cyberspace in warfare will only grow, with nations across the globe recognizing the need to bolster their digital defenses to protect critical infrastructure, maintain national security, and safeguard against hybrid threats.
References
-
National Defense University. “The Role of Cyberspace in Modern Warfare.” Accessed June 2025. https://www.ndu.edu.
-
The Times of India. “India Strikes Terror Camps in Pakistan,” May 8, 2025. https://www.timesofindia.indiatimes.com.
-
Kaspersky. “Global Cyber Threats during the India-Pakistan Conflict,” April 2025. https://www.kaspersky.com.
-
Radware. “India’s Surge in Cyberattacks: A Case Study,” May 2025. https://www.radware.com.
-
Indian Computer Emergency Response Team (CERT-In). “Cyberattack Surge Following the Pahalgam Terror Incident,” May 2025. https://www.cert-in.gov.in.
-
Maharashtra Cyber. “Over 10 Lakh Cyberattacks Recorded Post-Pahalgam Incident,” May 2025. https://www.mahacitizen.in.
-
The Hindu. “Hacktivist Groups Target India’s Critical Infrastructure,” May 2025. https://www.thehindu.com.
-
Cybersecurity Today. “Strategic Coalition-Building in Cyber Operations,” May 2025. https://www.cybersecuritytoday.com.
-
National Security Agency. “Increase in DDoS Attacks During Conflict Period,” May 2025. https://www.nsa.gov.
-
Symantec. “DDoS Amplification Methods and Their Consequences,” May 2025. https://www.symantec.com.
-
Maharashtra Cyber. “APT Groups Behind Cyberattacks on India,” May 2025. https://www.mahacitizen.in.
-
Dawn. “DDoS and Hacking Attacks on Pakistani Infrastructure,” May 2025. https://www.dawn.com.
-
Geo News. “Disinformation Campaigns Following Operation Sindoor,” May 2025. https://www.geo.tv.
-
BBC News. “Pakistan’s False Narratives about India’s Military Losses,” May 2025. https://www.bbc.com.
-
Press Information Bureau (PIB). “India’s Cybersecurity Measures During the Conflict,” May 2025. https://www.pib.gov.in.
-
Indian Computer Emergency Response Team (CERT-In). “Advisories on Enhanced Cyber Resilience,” May 2025. https://www.cert-in.gov.in.
-
Economic Times. “Public-Private Cybersecurity Partnerships Strengthened Amidst Tensions,” May 2025. https://www.economictimes.indiatimes.com.
-
The Indian Cyber Force. “Breaching Pakistani Webcams and Government Systems,” May 2025. https://www.indian.cyberforce.gov.in.
-
Center for Strategic and International Studies (CSIS). “Hybrid Warfare and the Role of Cyber Operations in Modern Conflicts,” May 2025. https://www.csis.org.
-
Economic Times. “India’s Cyber Defense Strategy Post-Conflict,” May 2025. https://www.economictimes.indiatimes.com.
-
The Diplomat. “Disinformation and the Digital Battlefield,” May 2025. https://www.thediplomat.com.
-
TRT World. “Turkey’s Media Role in the India-Pakistan Conflict,” May 2025. https://www.trtworld.com.
-
Press Information Bureau (PIB). “Government’s Efforts to Counter Disinformation,” May 2025. https://www.pib.gov.in.
-
Reuters. “DDoS Attacks Targeting Pakistan’s Infrastructure,” May 2025. https://www.reuters.com.
-
CERT-In. “National Drills for Cyber Resilience,” June 2025. https://www.cert-in.gov.in.
-
Government of India. “Strengthening National Infrastructure Against Cyber Threats,” May 2025. https://www.india.gov.in.
-
Center for Cybersecurity Studies. “Cyberattacks and Disinformation in the India-Pakistan Conflict,” May 2025. https://www.cyberstudiescenter.com.
-
India’s Ministry of Electronics and Information Technology (MeitY). “Mandatory Cyber Hygiene Protocols for MSMEs,” May 2025. https://www.meity.gov.in.
-
Economic Times. “India’s Retaliation in the Cyber Domain,” May 2025. https://www.economictimes.indiatimes.com.
-
Press Information Bureau (PIB). “India’s Cyber Defense Amid Rising Attacks,” May 2025. https://www.pib.gov.in.
Staff Writers at Open Chronicle produce in-depth, field-informed reporting on defense, diplomacy, cultural transformation, and global affairs. Known for clarity, accuracy, and analytical depth, they connect breaking developments to broader historical and strategic contexts. In addition to frontline journalism, Staff Writers also contribute to the Open Chronicle Encyclopedia, crafting authoritative entries that preserve critical knowledge and enrich public understanding.