India and Pakistan Escalate Cyber Warfare Post-Pahalgam Attack: Implications for Indonesia’s Cybersecurity and Regional Stability

Keypoints:

• India experienced over 1.5 million cyber intrusion attempts from Pakistan-aligned APT groups, some operating via networks in Indonesia and neighboring countries.
• Tactics include DDoS, malware, website defacement, and disinformation campaigns aimed at destabilizing infrastructure and spreading propaganda.
• APT groups such as Pakistan Cyber Force and Mysterious Bangladesh hide their origins by leveraging international networks, complicating attribution and response efforts.
• India demonstrates high resilience by thwarting 99.99% of attacks, but remains cautious of recon activities and subtle breaches that can be exploited later.
• There is a growing call for a global cyber convention, similar to the Geneva Convention, to regulate state behavior and mitigate conflicts in cyberspace.
• Disinformation through social media is on the rise, with fake news about cyberattacks and national security issues posing additional threats requiring proactive detection and management.

Relationship with Indonesia and Recommended Actions:

• Indonesia should enhance its monitoring systems to detect and prevent misuse of national infrastructure or regional networks by foreign APT groups as attack vectors or proxies.
• The government must strengthen national cybersecurity defenses, employing advanced technologies such as AI and threat analytics, alongside regional and international intelligence sharing.
• Establish and promote norms and agreements akin to a “Geneva Convention” for cyberspace to improve responsible state conduct and international cooperation.
• Continue capacity-building and ongoing training for cybersecurity professionals to keep pace with evolving cyber tactics and coordinated threat campaigns.

What Indonesian Citizens Should Know and Do:

• Citizens should remain alert to disinformation and fake news related to cyber threats and national security, especially on social media platforms.
• Report suspicious online activities, phishing attempts, or malware incidents involving government or critical services immediately.
• Follow official government advisories and cybersecurity updates, and avoid sharing unverified information to prevent the spread of false narratives.

• https://www.devdiscourse.com/article/law-order/3378943-cyber-shield-maharashtras-battle-against-online-attacks
• https://www.cnbctv18.com/technology/explainer-dance-of-the-hillary-fake-viral-message-india-pakistan-cyber-conflict-19603297.htm
• https://inc42.com/buzz/india-steps-up-cyber-monitoring-after-pakistani-groups-hacking-claims/