For a long time, Indian cyber investigators and researchers were disregarded by the global intelligence community and the western media despite India’s prowess in advanced cyber abilities and a massive talent pool.
However, in the past decade, India’s growing rivalry with China and Pakistan has witnessed the emergence and involvement of patriotic non-state actors wanting to help their country compete with hostile neighbours. Ethics has become secondary to them. Money is inconsequential. Securing the national interest is the only goal for them.
Generally, many Indian cyber professionals earn millions protecting national and foreign corporations and global tech giants from cyber-attacks. Tech wizards like Anand Prakash reported over 90 bugs to Facebook alone, with many more to Twitter, Google, Dropbox, Adobe, eBay, Paypal and others.
But that does not interest the western media, which gives it minimal coverage. Of late, “negative journalism” sells and media houses, particularly foreign, tend to perceive India only through the lens of rape, poverty, caste, cows, rising Hindu nationalism, and now, cybercrime.
Using denigrating terms like “hack-for-hire” to describe the Indian cyber investigation community reeks of double standards, largely ignoring such incidents in their own backyard. Could it also be an attempt to weaken India’s cyber apparatus? Is it all a big lie? This imbalance has led to conflict of opinion between the truth about India and the international media’s image of it.
Foreign correspondents do valuable work, but in the newspaper business, you sell stories and to do that, you have to peddle a “certain” narrative. It seems they feel that a narrative of outrage is a bestseller.
For instances, rape stories, communal scuffle, incidents of cyber investigation, or crime, can make into international dailies or prestigious international news agencies like Reuters or AFP. Similarly recently Indian or Indian-ethnicity-run global training institutes have also been in focus, especially Appin, Koenig Solutions and CEH.
Koenig’s claim to fame includes training Snowden among other ethical hackers. To my knowledge, Appin’s case is an interesting one. Appin knowledge solutions ran between 2004 and 2013 and is survived by a large number of franchisee training centres, which continue to operate long after the parent company closed its training business.
Founded by six friends from the Indian Institute of Technology (IIT) and Delhi College of Engineering (DCE), the company was ranked among the top five training institutes in India, along with NIIT and Aptech, and focused on training in niche technology like cyber security, robotics, programming with advanced net, among others.
In its heyday, it had over 140 training centres in India and Africa, over 600 employees, and it received recognition from then President of India Dr APJ Abdul Kalam for training the youth. Research shows its alumni are placed in various government bodies, Indian conglomerates and MNCs.
A search on India’s number one job portal with Appin as keyword revealed over 2,30,000 job-seekers who were trained at Appin. After the closure of the company in 2013, the founders moved on and went on to found companies of their own. Its senior management, which comprised several Indian defence officers and former senior employees of MNCs like Honda and American Express also established their own companies.
However, Appin has been in the news recently for the wrong reasons. An ongoing case in Europe, now popularly known as the Azima vs Dechert case, highlighted the role of three alleged Indian hackers working for either side. All of them are former Appin students.
A British wire agency has been found to be carrying out an investigation on a story for which a few of their reporters signed into a job portal as recruiters to gather data and information, a clear violation of policy for any portal, sources informed on condition of anonymity. After collecting the data, they started reaching out to former Appin students through calls and messages at odd hours, sometimes even enticing them with rewards. The association, representing Appin training institutes, upon receiving complaints of harassment and disturbance, has reportedly filed complaints with several press associations, and even law enforcement agencies.
The British and the Swiss media, the two centres of private corporate intelligence, have also conducted operations to show the dark side of Indian private industry. More often than not, their lack of understanding of the Eastern world makes their research conflicting and unjust. A story around the Indian hacker community published recently by a British media outlet highlighted how two journalists, posing as ex-MI6 investigators, approached a couple of fairly unknown hackers seeking their services.
Obviously, they were attempting to extract information. It’s almost funny how an assessment of India as a whole is based on some fascinating bytes and mysterious stories told by hackers looking to make money in dollars inside fancy lobbies and hotel rooms.
Without getting into details, in an article in the Swiss media, a journalist filed a story merely on the testimony of an individual whom the article itself refers to as a spin doctor, who was allegedly involved in helping a key suspect of the Union Carbide Bhopal gas tragedy flee India.
The word hacker in western media represents a hoody-wearing figure, a dark-web criminal. Some may very well be plying their trade in the most unethical of manners, but generally speaking, Indian cyber experts haven’t been found to be involved in hacking western corporations, governments and banks. They haven’t yet been found to be involved in extortion and ransom rackets. The private hacking industry in India sees itself as digital Sherlock Holmes. Their clients are generally western journalists, ex-police officers and lawyers, who work on extortion cases, corporate frauds, murder and other related cases.
While it’s important to name such people who break laws, it’s even more crucial to put a bigger lens on the rich and the powerful who commission such cyber activities by employing cyber talent from countries like India. With so much talent to pick from, it is the demand for such cyber activities that needs to be looked into seriously.
Some NGOs have also started noticing this trend and are working in this direction. India is currently considered to have a less mature cyber warfare armoury and capability than the “Big Six” — China, North Korea, Russia, Israel, the UK, and the US — but this may change over time since its capability is growing.
India’s New Education Policy (NEP) will likely make India more powerful than China and the US in terms of gaining the capacity to generate world-class IT human resources.
Prime Minister Narendra Modi wants to start coding for kids from Class six. While his aim is to help India achieve progress through innovation and skill development, he would know that quite a few would stray and enter a domain that will always remain dark and mysterious.
(The writer is Special Correspondent, The Pioneer, New Delhi)