
Evolutionary or revolutionary — Visualising the digital battlefield

Cyberattacks are increasingly targeting e-vehicle charging stations, and there is credible concern that these stations could be used as a vector to spread malware to hundreds of cars.
Cyber superiority: In April 2022, a US cybersecurity firm revealed that Chinese state-sponsored hackers had targeted India’s power grids in Ladakh. iStock

Now that Operation Sindoor has been paused, there will be debates on the lessons learned from the short yet sharp encounter and how a future conflict involving the two neighbours could play out. In this context, I came across a paper by Pavithran Rajan titled ‘Visualising the AI Battlefield — A Realist Perspective’. Rajan is a former intelligence officer of the Indian Army who writes and lectures extensively on information warfare and technology.


Rajan outlines a futuristic scenario in which the Pakistan Army responds to an Indian airstrike on terrorist camps with a ground offensive towards Amritsar. The physical assault is accompanied by a coordinated cyberattack that targets India’s digital infrastructure. With full backing from China, the operation leverages pre-planted vulnerabilities in Chinese-manufactured devices across India.

Thousands of smartphones explode in the hands of civilians and military personnel. Electric vehicles, remotely controlled through previously installed backdoors, crash into military targets. Accompanying the Pakistani soldiers are swarms of drones with facial recognition software to hunt down high-value individuals.


Simultaneously, India’s Information and Communication Technology backbone, seeded with Chinese hardware and software, begins to destabilise. Backdoors embedded in routers, switches and servers allow Chinese cyber warriors to selectively shut down communication networks, power stations, water treatment plants and transportation systems.

Not all Chinese devices in India are weaponised; only 5 per cent are carefully selected to maximise the impact, with some Western devices also becoming victims of supply chain poisoning. This is a two-front war for India involving Pakistan and China but unfolding in ways that Indian planners did not visualise.


Is such a war realistic or in the realm of science fiction? To answer that, we must examine two critical questions: Do such technologies already exist, and can they be weaponised at the scale envisioned in the scenario?

Consider first the current state of technology. Can smartphones be made to explode? There are known examples of malware, such as BadPower, that work by tricking the adapter into sending more electricity to the phone than it can handle, which, over time, will melt the internal components and start a fire.

Modern lithium-ion batteries of phones have built-in protection circuits that monitor temperature, voltage and current. If dangerous conditions are detected, these circuits disconnect the battery to prevent catastrophic failure. However, the equipment manufacturer can modify the battery management system to deactivate some of its safety features if pressured by the country of its origin.

E-vehicles are essentially “computers on wheels” and vulnerable to hacking. Of late, cybersecurity researchers have repeatedly demonstrated their ability to remotely compromise e-cars, including critical functions like steering and braking, through software vulnerabilities.

A famous example is the 2015 Jeep Cherokee hack, where researchers Charlie Miller and Chris Valasek remotely disabled the Jeep’s transmission and brakes while a Wired reporter was driving on the highway. In another case, a Tencent Keen Security Lab team took remote control of a Tesla Model S from 12 miles away, manipulating its door locks, dashboard and brakes.

Cyberattacks are also increasingly targeting e-vehicle charging stations, and there is credible concern that these stations could be used as a vector to spread malware to hundreds of cars.

Drones with facial recognition software are already a reality. In 2023, the US Department of Defense awarded a contract to develop drones that use machine learning and facial recognition to identify human targets for special operations forces. China is the leader in facial recognition technology and a dominant force in drone technology. There is no doubt that the two technologies have been combined for military purposes.

Experts have long warned that when a foreign adversary’s equipment is embedded within national infrastructure, it may carry hidden “kill switches” capable of disabling critical systems. Like other countries, India has heavily relied on cost-effective Chinese-made routers, switches and industrial control systems to build its cellular networks and power grid, thereby creating a potential vulnerability.

In April 2022, US cybersecurity firm Recorded Future revealed that Chinese state-sponsored hackers had targeted India’s power grids in Ladakh. In October 2020, malware deployed by Chinese group RedEcho caused a power outage in Mumbai, which halted trains, shut down stock markets and hit hospitals for 10 to 12 hours.

So, can these technologies be weaponised at scale to unleash mass destruction and disruption? Orchestrating a multi-pronged cyberassault synchronised with a conventional military offensive would demand an extraordinary level of operational sophistication. It implies that well before the conflict turned kinetic, the adversary would have infiltrated supply chains, weaponised key systems, mapped targets and deployed AI to minimise the need for human control.

This degree of sophistication is far beyond the reach of private hacking groups but well within the grasp of state actors like China, whose cyber capabilities are both advanced and expansive. It is not a question of if such planning is underway but how far along it already is.

In February 2024, then FBI Director Christopher Wray confirmed that China has “offensive weapons within our critical infrastructure poised to attack whenever Beijing decides the time is right.” Then, US federal agencies warned that Chinese hackers have, at times, “secretly” hidden in US infrastructure for up to five years, ready to conduct a disruptive or destructive cyberattack. It would be naïve to assume that India’s critical infrastructure is not already the target of silent infiltration and strategic compromise.

The conflict scenario described in ‘The AI Battlefield’ could appear exaggerated, but it lies uncomfortably close to reality. It also challenges Clausewitz’s classical ontology of war: where combat once played out on defined battlefields, it now unfolds through invisible networks of code and compromised infrastructure. Preparing for such a war will require not only military readiness but also a national response, which includes rigorous supply chain vetting, the phased removal of foreign hardware from critical systems and investment in indigenous technologies.

Lt Gen DS Hooda (retd) is former Northern Army Commander.
