Defence Cyber Agency of India

What do you expect from DSA?


  • Total voters
    37

hawwk

Tihar Jail
Banned
Joined
Jun 20, 2021
Messages
680
Likes
3,264
Country flag
As stated many times before, GoI has announced the formation of DSA which is now commanded by Rear Admiral Mohit Gupta

1629375261707.png
Credit (NDTV)

Let's start a discussion about what are you guys expecting from it.

===============================================

Defence Cyber Agency

ActiveEstablished: 28 September 2018
Activated: November 2019
Operational: August 2021
Country
India
TypeTri-service command
RoleCyber Warfare
Part ofIntegrated Defence Staff (IDS)
HeadquartersNew Delhi, India
Current
commander
Rear Admiral Mohit Gupta
The Defence Cyber Agency (DCA) is a tri-service command of the Indian Armed Forces. Headquartered in New Delhi, the agency is tasked with handling cyber security threats. The DCA draws personnel from all three branches of the Armed Forces. It reports to the Chief of Defence Staff (CDS) through the Integrated Defence Staff (IDS).

Indian Navy Rear Admiral Mohit Gupta was appointed in May 2019 as the first head of the DCA. The DCA is expected to be operational by November 2019. As of 2021, DCA is fully operational with Army, Air Force and Navy established their respective Cyber Emergency Response

============================================================================================================

History

The Naresh Chandra Task Force was set up in July 2011 by National Security Advisor Shivshankar Menon to review the recommendations of the Kargil Review Committee, assess the implementation progress and further suggest new reforms related to national security.[5][6] The task force was led by Naresh Chandra, retired Indian Administrative Service officer, and comprised 13 other members, including Gopalaswami Parthasarathy, Air Chief Marshal Srinivasapuram Krishnaswamy (Retd), Admiral Arun Prakash (Retd), Lt Gen V. R. Raghavan (Retd), Anil Kakodkar, K C Verma and V K Duggal. The committee conducted the first holistic review of national security since the Kargil Review Committee and submitted its classified report to Prime Minister Manmohan Singh on 23 May 2012.[7] Among its recommendations, the Task Force recommended the creation of a cyber command (DCA), an aerospace command and a special operations command. All three units were proposed to be tri-service commands in order to bring the various special forces units of the military under a unified command and control structure.[8][9]

The creation of the Defence Cyber Agency (DCA), the Defence Space Agency (DSA), and the Armed Forces Special Operations Division (AFSOD) were approved by Prime Minister Narendra Modi during the Combined Commanders' Conference at Jodhpur Air Force Station on 28 September 2018. The existing Defence Information Assurance and Research Agency will be upgraded to form the new Defence Cyber Agency.

Area of responsibility (ALLEGED)

The Week reported that the DCA would have the capability to hack into networks, mount surveillance operations, lay honeypot, recover deleted data from hard drives and cellphones, break into encrypted communication channels, and perform other complex objectives. According to Lieutenant General Deependra Singh Hooda, the DCA will have the responsibility of framing a long-term policy for the security of military networks, which includes eliminating the use of foreign hardware and software in the Indian Armed Forces, and preparing a Cyberwarfare doctrine.

=============================================================================================================

Since a joint military department is just renamed as DSA, and retasked for "cyber operations". I don't see any change in work ethics tho... until they actively hire youth that are working in this sector.

Mind you cyber operations is not budget friendly at all. We will need hi-tech equipment for it's operation
 

hawwk

Tihar Jail
Banned
Joined
Jun 20, 2021
Messages
680
Likes
3,264
Country flag
Would its scope be limited to only Cyber Attack and Defense or would it also cover Digital and Electronic warfare ( attack; protection; Support)?

Also does the DSA have any research and development environment?


,
The existing Defence Information Assurance and Research Agency will be upgraded to form the new Defence Cyber Agency.

Since a joint military department is just renamed
as DSA, and retasked for "cyber operations". I don't see any change in work ethics tho... until they actively hire youth that are working in this sector.
Very less is known till now but yes they might have that environment
 

Suryavanshi

Cheeni KLPDhokebaaz
Senior Member
Joined
Jun 5, 2017
Messages
16,330
Likes
70,171
What I always wanted was a dedicated national Information Sharing Platform.

A dedicated network where information is shared Between various agencies.
Information network will have different level of encryption based on the the sensitivity of information.
 

hawwk

Tihar Jail
Banned
Joined
Jun 20, 2021
Messages
680
Likes
3,264
Country flag
What I always wanted was a dedicated national Information Sharing Platform.

A dedicated network where information is shared Between various agencies.
Information network will have different level of encryption based on the the sensitivity of information.
Too risky. The more endpoints a network have, the more vulnerable it is. A data is sent to every computer in a network until it finds a correct destination. It's better to have small small networks with info shared physically or only through secured tunnel...
 

ezsasa

Designated Cynic
Mod
Joined
Jul 12, 2014
Messages
31,719
Likes
147,000
Country flag
What I always wanted was a dedicated national Information Sharing Platform.

A dedicated network where information is shared Between various agencies.
Information network will have different level of encryption based on the the sensitivity of information.
information sharing network for security agencies already exists, was mentioned in a Sanjay Dixit interview with RVS Mani.

Obviously encryption info will not be publicly available.
 

hawwk

Tihar Jail
Banned
Joined
Jun 20, 2021
Messages
680
Likes
3,264
Country flag
Apparently meitY(ministry of electronics and information technology) and national center of excellence in
technology for internal security are jointly organising a cyber related programme. at iit bombay

i'm not sure if that's a hidden recruitment technique because i haven't heard about it before

do you guys have more info about it? or is it another stupid cyber awareness blah blah sh!t
 

Okabe Rintarou

Senior Member
Joined
Apr 23, 2018
Messages
2,337
Likes
11,986
Country flag
@ezsasa Requesting couple of actions for streamlining threads on cybersecurity.
Requesting merger of the following thread into this one: https://defenceforumindia.com/threads/indian-military-stepping-up-cyber-security.80657/
Also requesting that the following thread be renamed from "Indian Cyber Warfare Capability Discussions and Infosec News" to "Indian Civilian Cybersecurity: Discussions and Infosec news" so that we have two separate threads: This one for Defence Cyber Agency and the other one for Civilian Cybersecurity.
https://defenceforumindia.com/threa...apability-discussions-and-infosec-news.82030/
.
CYBER WARFARE


Government has approved establishment of Defence Cyber Agency, under the aegis of Ministry of Defence. This agency is now fully functional. To mitigate cyber threats, all the three Services have established their respective Cyber Emergency Response Teams (CERT). Furthermore, Government of India is formulating the National cyber security strategy, which is in the final stages of approval.

There have been repeated attempts by various cyber threat actors to target our various sectors. However, measures are being taken to detect and deter these threats.

Adequate safeguards have been instituted in the form of Cyber Audits, Physical Checks and Policy Guidelines to ensure a robust cyber posture of armed forces.

This information was given by Raksha Rajya Mantri Shri Ajay Bhatt in a written reply to Shri Shyam Singh Yadav in Lok Sabha today.

https://pib.gov.in/PressReleasePage.aspx?PRID=1742322
This makes it look like the immediate thrust is on Defensive capabilities, rather than offensive ones. Its clear we lag behind. Anyways, whenever we get around to it, what Offensive Cybersecurity capabilities should we be targeting? IT Gurus on this forum please enlighten us.

@Arkanoid brings up an interesting point. In my opinion, Cyberwarfare would be closely connected to Electronic Warfare as well. The Americans are already including Cyber attack capabilities to target Integrated Air Defence Systems (like Indian Air Force's IACCS) into the USAF's Next Generation Jammer. I still don't understand which mechanisms would allow a signal fed by jammer to enemy radar to act as a vector for a cyberattack, but they are already working on it, which means the Chinese are too. Another capability focus, I imagine, would be on developing means to hack SDR networks and get into communications. If they hack the IFF, it would be disastrous. Meanwhile we are still focused on Defence it seems: CERTs, firewalls, penetration testing, network redundancy, security audits, best practice awareness, etc seems to be the focus for now. Whenever we get around to building our Military CyberAttack muscle, which capabilities should we focus on?
Recently on PM's directive, CDS has started working on a new Non-Contact Warfare Doctrine. It entails Information Warfare, Psychological Warfare and Cyberwarfare. Objective is to intimidate adversary through use of non-Contact warfare. Hopefully it details Cyber Attack capabilities the Armed Forces want so that Private Sector, DRDO, C-DAC, etc can start working on those today so that by the time Armed Forces are done forming their Cyber Defences, they have offerings of Cyber Attack systems.
.
That Cyberwarfare is closely linked with Electronic Warfare is clear when we look at PLA's Strategic Support Force (PLASSF). In PLASSF, there is more compartmentalization between tactical and strategic intelligence ops than there is between Cyber and Electronic capabilities. PLA has "Electronic and Network Warfare" groups at Army brigade level and is well integrated into the Operational planning process insomuch that PLA commanders might rely on these capabilities more than they would on Physical attacks. Network warfare is PLA-speak for Cyberwarfare. Their doctrine calls for two different types of Cyber attacks: 1.) Degrade enemy Network, 2.) Concealed attack to affect enemy decision making to make it maneuver its tactical forces into a trap laid by PLA's tactical forces. Even in Brigade level reconnaissance, they have in addition to traditional methods like recce by fire, by attack, etc: Recce by electronic or digital search.
.
PLA's entire doctrine is to avoid enemy's strong points and attack its weak ones. Which may be why they avoided kinetic warfare with India. I don't know how capable their systems are and doctrinally, I do think they are overemphasizing the focus on "breaking enemy morale" and attacking Networks rather than Physically attacking field formations to defeat enemy. And I think that they are doing this because PLA is a more centralized military and it knows that Network warfare and psychological warfare would be very effective against PLA, so it thinks that it would be very effective against enemy Armed Forces as well. They might not understand that it would be more effective on PLA than against Indian Army, for example. Which is exactly why India should cease the initiative and use its traditional strength in the field along with Cyber and Electronic warfare capabilities to achieve maximum efficiency against the PLA.
.
In that respect, the new non-Contact Warfare doctrine is timely and targets the right spot: Intimidating the enemy. Will also allow us to counter Pakistan's proxy warfare to some extent by giving us non-kinetic options for terror attacks smaller than the ones which necessitated our response in Balakote and Uri.
 

Okabe Rintarou

Senior Member
Joined
Apr 23, 2018
Messages
2,337
Likes
11,986
Country flag
Reading this US military Doctrine document on Electronic Warfare (EW): https://irp.fas.org/doddir/dod/jp3-13-1.pdf
Made me realize that Defence Cyber Agency should be converted to Defence Cyber and Electronic Warfare Agency, and then upgraded to a Defence Cyber and Electronic Warfare Command. The three services need to coordinate their EW effort, instead of Army doing EW through Samyukta and Air Force doing its own EW for SEAD/DEAD, etc through jammers and dedicated SIGINT aircraft, its better to coordinate the effort across the board.

But more important than that, its very important to exploit the synergy between Electronic Warfare and Cyberwarfare. For example, a Cyber attack can force an enemy to rely on wireless network, which in turn is vulnerable to EW. Another major example is this: EW-delivered computer network attack (CNA)
Under EW-delivered CNA, USAF plans to use its Next-Generation Jammer pod to inject malacious code into an Air Defence network similar to Indian Air Force's IACCS. I've never heard any Indian agency even mention such a capability. A third example is the use of EW weapons such as HPM devices and EMP bombs to electronically target enemy computer servers.

We are lagging behind in RMA unless we make a similar doctrinal transition. The Chinese already look at EW and cyberwarfare as two things meant to be performed in unison.
 

Okabe Rintarou

Senior Member
Joined
Apr 23, 2018
Messages
2,337
Likes
11,986
Country flag
This makes it look like the immediate thrust is on Defensive capabilities, rather than offensive ones. Its clear we lag behind. Anyways, whenever we get around to it, what Offensive Cybersecurity capabilities should we be targeting? IT Gurus on this forum please enlighten us.
This paper by ORF argues that Indian Government should focus on, rather than shy away from, offensive capabilities in Cyber warfare because just like Air Power, nature of Cyberwarfare is such that it favours the one on the offensive.
https://www.orfonline.org/expert-speak/india-and-cyberspace-balance-between-offence-and-defence/
As we can see from the poll above in this thread, members on DFI strongly agree with the article and disagree with the largely defensive posture of Indian Cyber Defence Agency.
EDIT: Maybe this new non-Contact doctrine being currently formulated will begin this shift towards a more offensive focus: https://defenceforumindia.com/threa...irectives-non-contact-warfare-doctrine.83010/
 
Last edited:

hawwk

Tihar Jail
Banned
Joined
Jun 20, 2021
Messages
680
Likes
3,264
Country flag
Reading this US military Doctrine document on Electronic Warfare (EW): https://irp.fas.org/doddir/dod/jp3-13-1.pdf
Made me realize that Defence Cyber Agency should be converted to Defence Cyber and Electronic Warfare Agency, and then upgraded to a Defence Cyber and Electronic Warfare Command. The three services need to coordinate their EW effort, instead of Army doing EW through Samyukta and Air Force doing its own EW for SEAD/DEAD, etc through jammers and dedicated SIGINT aircraft, its better to coordinate the effort across the board.

But more important than that, its very important to exploit the synergy between Electronic Warfare and Cyberwarfare. For example, a Cyber attack can force an enemy to rely on wireless network, which in turn is vulnerable to EW. Another major example is this: EW-delivered computer network attack (CNA)
Under EW-delivered CNA, USAF plans to use its Next-Generation Jammer pod to inject malacious code into an Air Defence network similar to Indian Air Force's IACCS. I've never heard any Indian agency even mention such a capability. A third example is the use of EW weapons such as HPM devices and EMP bombs to electronically target enemy computer servers.

We are lagging behind in RMA unless we make a similar doctrinal transition. The Chinese already look at EW and cyberwarfare as two things meant to be performed in unison.
@ezsasa Requesting couple of actions for streamlining threads on cybersecurity.
Requesting merger of the following thread into this one: https://defenceforumindia.com/threads/indian-military-stepping-up-cyber-security.80657/
Also requesting that the following thread be renamed from "Indian Cyber Warfare Capability Discussions and Infosec News" to "Indian Civilian Cybersecurity: Discussions and Infosec news" so that we have two separate threads: This one for Defence Cyber Agency and the other one for Civilian Cybersecurity.
https://defenceforumindia.com/threa...apability-discussions-and-infosec-news.82030/
.


This makes it look like the immediate thrust is on Defensive capabilities, rather than offensive ones. Its clear we lag behind. Anyways, whenever we get around to it, what Offensive Cybersecurity capabilities should we be targeting? IT Gurus on this forum please enlighten us.

@Arkanoid brings up an interesting point. In my opinion, Cyberwarfare would be closely connected to Electronic Warfare as well. The Americans are already including Cyber attack capabilities to target Integrated Air Defence Systems (like Indian Air Force's IACCS) into the USAF's Next Generation Jammer. I still don't understand which mechanisms would allow a signal fed by jammer to enemy radar to act as a vector for a cyberattack, but they are already working on it, which means the Chinese are too. Another capability focus, I imagine, would be on developing means to hack SDR networks and get into communications. If they hack the IFF, it would be disastrous. Meanwhile we are still focused on Defence it seems: CERTs, firewalls, penetration testing, network redundancy, security audits, best practice awareness, etc seems to be the focus for now. Whenever we get around to building our Military CyberAttack muscle, which capabilities should we focus on?
Recently on PM's directive, CDS has started working on a new Non-Contact Warfare Doctrine. It entails Information Warfare, Psychological Warfare and Cyberwarfare. Objective is to intimidate adversary through use of non-Contact warfare. Hopefully it details Cyber Attack capabilities the Armed Forces want so that Private Sector, DRDO, C-DAC, etc can start working on those today so that by the time Armed Forces are done forming their Cyber Defences, they have offerings of Cyber Attack systems.
.
That Cyberwarfare is closely linked with Electronic Warfare is clear when we look at PLA's Strategic Support Force (PLASSF). In PLASSF, there is more compartmentalization between tactical and strategic intelligence ops than there is between Cyber and Electronic capabilities. PLA has "Electronic and Network Warfare" groups at Army brigade level and is well integrated into the Operational planning process insomuch that PLA commanders might rely on these capabilities more than they would on Physical attacks. Network warfare is PLA-speak for Cyberwarfare. Their doctrine calls for two different types of Cyber attacks: 1.) Degrade enemy Network, 2.) Concealed attack to affect enemy decision making to make it maneuver its tactical forces into a trap laid by PLA's tactical forces. Even in Brigade level reconnaissance, they have in addition to traditional methods like recce by fire, by attack, etc: Recce by electronic or digital search.
.
PLA's entire doctrine is to avoid enemy's strong points and attack its weak ones. Which may be why they avoided kinetic warfare with India. I don't know how capable their systems are and doctrinally, I do think they are overemphasizing the focus on "breaking enemy morale" and attacking Networks rather than Physically attacking field formations to defeat enemy. And I think that they are doing this because PLA is a more centralized military and it knows that Network warfare and psychological warfare would be very effective against PLA, so it thinks that it would be very effective against enemy Armed Forces as well. They might not understand that it would be more effective on PLA than against Indian Army, for example. Which is exactly why India should cease the initiative and use its traditional strength in the field along with Cyber and Electronic warfare capabilities to achieve maximum efficiency against the PLA.
.
In that respect, the new non-Contact Warfare doctrine is timely and targets the right spot: Intimidating the enemy. Will also allow us to counter Pakistan's proxy warfare to some extent by giving us non-kinetic options for terror attacks smaller than the ones which necessitated our response in Balakote and Uri.
as far as i know, we already atleast have an electronic warfare unit in "almost" "every" different "agencies" & military.
 

Okabe Rintarou

Senior Member
Joined
Apr 23, 2018
Messages
2,337
Likes
11,986
Country flag
as far as i know, we already atleast have an electronic warfare unit in "almost" "every" different "agencies" & military.
Yeah. Signals handles integrated EW systems in Army. But like I said, we need to look at Cyberwarfare in conjunction with EW and do it in a tri-services joint effort. And this could be where we see some nervousness: Army Corps of Signals might not like this new arrangement. Same stupid turf wars might cause us to lag behind again. I already remember the turf wars between Signals and Director General Information Systems that led to the repeated delays of Command Information & Decision Support System (CIDSS) and Army Strategic Operational Information Dissemination System (ASTROIDS).
 

hawwk

Tihar Jail
Banned
Joined
Jun 20, 2021
Messages
680
Likes
3,264
Country flag
Do you have a better res image?
if i had a better res image, i would already be looking into my kali machine. since there are hundreds of auxiliary scanners and exploits.... this would take a lot of time, i'm still figuring it out.
 

DownWithCCP

Senior Member
Joined
Jul 22, 2020
Messages
2,036
Likes
8,726
Country flag
if i had a better res image, i would already be looking into my kali machine. since there are hundreds of auxiliary scanners and exploits.... this would take a lot of time, i'm still figuring it out.
ye lol makes sense
 

Global Defence

New threads

Articles

Top