While studying at Cambridge University, Kim Philby (b.1912) was convinced by Soviet Intelligence Officers that communism was better than capitalism.  Kim Philby later joined the British Secret Intelligence Service (MI6), rapidly climbed the ranks and eventually became Head of the Section dealing with the Soviet Union. Throughout his career, he passed crucial information to the KGB. In 1951, suspicion arose when two other “Cambridge Five” members, Donald Maclean and Guy Burgess, defected to the Soviet Union.  Although Kim Philby was investigated, he avoided exposure due to his powerful connections. However, in 1963, mounting evidence led to his defection to the Soviet Union, where he stayed until he died in 1988.  His story remains one of the most striking examples of subversion and espionage.

Subversion refers to adversaries’ efforts to undermine a country’s individuals, institutions, and groups. It typically affects the state’s power, authority, stability, or sovereignty through various means. While cases of subversion can involve political, social, and economic elements, they often include actions linked to espionage, terrorism, insurgency, the spread of disinformation, etc.

Typically, terrorists and insurgents employ a double-edged sword with subversion forming one edge and armed struggle the other. Subversion involves establishing front groups and penetrating and manipulating existing political structures, infiltrating security forces and other institutions of the state. Subversive groups also work through existing organisations, which provide legitimacy and attract international support.  They also establish supposedly independent organisations that are created and controlled by others. By penetrating state institutions, subversive groups try to obtain information about government capabilities, intentions and weaknesses to help them plan false information. These groups also try to infiltrate academia and create their business empires.

In India, subversion has taken many forms over the past centuries, from ideological influence to manipulation of historical narratives and social/political movements. The routes of subversion can be traced back to British rule, which continued even after independence, and was heavily influenced by internal and external actors.

The British accentuated differences between different communities, regions, and religions. British historians like Lord Macaulay distorted the image of India by denigrating Indian heritage, education, and culture. He projected Indians as “uncivilised,” leading to a loss of self-confidence in Indian society. Post-Independence, one of the most significant influences was Marxist ideology in education and the intelligentsia.

Yuri Bezmenov worked in the Soviet Embassy in India in the late 60s. After he defected to the US in 1985, in an interview with an American filmmaker, he disclosed that he was assigned the task of suborning Indians. Huge funds, manpower, and time were used in this effort. He disclosed that it would take 15 to 20 years to demoralise a nation, as ideology takes that much time to take root. Publishers, journalists, writers, editors, actors, teachers, professors and Members of Parliament were identified for this purpose. Even in the film-making, poverty was shown as a virtue to promote socialism and Marxism. The Naxalite movement was an offshoot of such an ideological subversion. Marxist historians like Romila Thaper and Bipan Chandra downplayed India’s culture and heritage and glorified foreign influences. Mughals were shown as secular, and the British as making India “civilised”.  Meanwhile, religious subversion by way of showing Hinduism full of caste discrimination led to the promotion of conversion and sectarian divisions under the guise of “social service and education”.

Other key aspects of subversion in India, besides Left-Wing Extremism, include separatist movements in Jammu & Kashmir (backed by Pakistan) and in the North East. Other subversive fronts include religious extremist Islamist groups like the Indian Mujahideen and LeT affiliates wanting to destabilise society through violence.

Western NGOs and think tanks have also been found to fund anti-India propaganda under the guise of “human rights.” Foreign entities and their supported think tanks have financed protests like the anti-CAA and Farm Laws agitation. They attempt to exploit caste, religious, and ethnic fault lines to create unrest.  They misuse the judiciary, media, and bureaucracy to stall governance through frivolous PILs, biased reporting, and infiltration in educational institutions to radicalise youth, among other tactics.

Some Western think tanks, like the Open Society Foundation, have a geopolitical agenda that indirectly seeks to shape policies in India. These think tanks also engage in narrative building through “reports” and policy papers, often exaggerating or fabricating human rights violations in Kashmir, Punjab, or the North East to justify foreign intervention. Some of these think tanks have hosted pro-Khalistan and pro-Kashmir independence voices under the guise of academic freedom. They also amplify disinformation. Research papers and conferences can sometimes be used to legitimise biased claims (for example, portraying India as an authoritarian state) that align with foreign interests. Certain think tanks promote policies favouring foreign deals, climate regulations, or trade terms that may not align with India’s strategic autonomy. They also attempt to influence bureaucrats and politicians by offering fellowships, consulting roles, or sponsored trips.

On the other hand, both China and Pakistan are involved in promoting, sheltering, and funding insurgent groups in the Northeast. Insurgencies in the North East have resulted from the influence on young minds against the democratically elected governments. Both internal and external factors have played a role in this subversion.  In a recent case, a U.S. scholar tried to portray the insurgency in the Northeast as the Indo-Assam, Indo-Nagaland, Indo-Mizoram, and Indo-Manipur Wars. The minds of children are subverted in madrasas in Pakistan to convert them into human bombs.

Right from 1953 when the elected Prime Minister Mossadegh in Iran was overthrown under CIA’s operations TPAJAX by instigating a public revolt to regime change in Bangladesh, subversion is being used to malign existing systems by way of mis-information, creating activist groups blaming governments for acts of violence, discrediting the policies of the govt., using judiciary to launch false cases etc.

Recent revelations indicate that USAID allegedly provided the New York-based East-West Management Institute (EWMI) with US$270 million over 15 years, with another US$90 million in the pipeline, to engineer political outcomes in several countries, including India and Bangladesh. Among EWMI’s partners in the US was billionaire of Hungarian origin George Soros’s Open Society Foundations (OSF).

Bangladesh’s former Prime Minister, Sheikh Hasina who was overthrown on 5 August 2024, has accused Washington of undermining her government through an extensive web of influence operations, allegedly in retaliation for her refusal to cede control of Saint Martin’s Island, in the Bay of Bengal to the US which was planning to set up an airbase there to control China.

However, currently, the primary threat is from the cyber world. Cyber operations provide strategic gains without going to war. Due to the scale of communication networks, particularly the vast audiences of social media platforms, cyber operations affect public opinion on an unprecedented scale. Allegations of election meddling targeting the 2016 US Presidential election attributed to Russia provide a contemporary example of such cyber manipulation operations.

Similar efforts by vested interests are made in India when electronic voting machines (EVMs) are repeatedly challenged. These campaigns aim to exploit social media networks to secretly manipulate voter preferences towards the party of their choice. There is also evidence showing that Cyber operations can affect critical infrastructure, causing economic disruption and achieving a temporary institutional shutdown, affecting the functioning of the government.

Threats to India

India remains under constant threat of subversion by inimical groups, both internal and external. Whether it is the so-called Khalistan movement, agitation by farmers, or protests against building dams, nuclear power plants, or mining for critical minerals, so-called NGOS and think tanks take up their causes to “safeguard heritage, cultural values and environmental protection.”

Action Required/Taken

Misinformation, disinformation, and hate speeches spread through social media try to lead to violence, exacerbating divisions and conflicts and affecting the integrity of the nation. A balance between free speech and safety and security is required. Social media platforms need to be held accountable for their posts. The human and technology resources deployed by these platforms should be asked to work towards proactively removing malware content.  The national digital ecosystem requires robust fact-checking, verification, and validation.  AI should be used to trace malware content.

Meanwhile, the government has already taken steps to monitor foreign funding by NGOs and think tanks under the FCRA. The National Investigation Agency (NIA) and the Enforcement Directorate (ED) have launched investigations into suspicious funding patterns against organisations like Oxfam.

Agencies have also been tasked with tracking foreign-funded research influencing Indian policies. The government also regularly issues statements contradicting biased reports from misleading think tank publications. Indigenous think tanks like the India Foundation, which provide the correct perspective, are doing a great job in this connection.

The government has also implemented the Unlawful Activities Prevention Act, banning terrorist and separatist organisations. The government regularly supports the FATF to put pressure on Pakistan to curb terror financing. Military crackdown in Kashmir in the aftermath of the post-Article 370 abrogation and anti-Naxalite operations have yielded promising results. Due to data security concerns, Chinese apps like TikTok and WeChat have been banned. Indian Cyber Coordination Centres have been created to counter online threats.

Digital is an extension of the geopolitical battlefield, and ignoring social media’s weaponisation can have serious economic and security consequences. Concerted efforts need to continue through social media to curb radicalisation and the spread of extremist ideologies.

Subversion remains a persistent threat to India’s sovereignty, requiring a mix of intelligence, military, legal and social/economic strategies. A continuous effort is needed to protect the national interest.

 

Author Brief Bio: Shri Avadhesh Mathur retired as Secretary in the Prime Minister’s Office in the year 2012. He also served in United Nations as Head of the UN Mission in North Korean (2012-2014). Currently, he is a Member of the National Security Advisory Board. During the span of almost 49 years, Shri Mathur has been closely involved in national security issues, political analysis and negotiation, conflict resolution, security sector development and strategic communication in bilateral and multilateral settings. Shri Mathur belongs to Indian Police Service (1975 batch) and has served in Indian Embassies in Belgium and Pakistan. He has been awarded medals by the President and Prime Minister of India

 

 

Since gaining independence in 1947, India has been a major destination for individuals fleeing persecution, poverty, and political instability from neighbouring countries. India’s geostrategic location, democratic ethos, and relatively strong economic condition have attracted waves of migrants and refugees from regions such as Tibet, Afghanistan, Sri Lanka, Myanmar, Pakistan, and particularly Bangladesh.

 

While some of these movements are rooted in humanitarian crises, others are driven by economic motives. The challenge lies in the lack of a structured legal framework that differentiates between genuine asylum seekers and illegal economic migrants. This legal vacuum, combined with porous borders and inconsistent enforcement, has made illegal immigration a persistent and growing problem with profound implications for India’s national security, social fabric, and economic resources.

 

The Nature and Scale of the Problem

 

India’s experience with immigration is complex. Refugees from Pakistan, Tibet, Afghanistan, and Sri Lanka have been handled with a mix of compassion and pragmatism, albeit in an ad hoc manner through executive orders. However, the influx from Bangladesh and Myanmar, both in terms of scale and impact, has largely remained unaddressed. Illegal immigration from Bangladesh has been a decades-long issue. India shares a 4,096-kilometre border with Bangladesh across five states—West Bengal, Assam, Meghalaya, Tripura, and Mizoram. This porous and often poorly managed border facilitates large-scale illegal crossings. Factors such as poverty, political instability, and religious persecution have driven millions to cross into India in search of safety and opportunity.

 

Though accurate data is hard to come by, estimates suggest that around 20 million illegal Bangladeshi immigrants- a figure quoted by the then Minister of State (Home) Kiran Rijiju in Parliament in 2016- may be residing in India. These individuals are often absorbed into informal labour sectors in cities, but their sheer numbers have led to noticeable demographic changes, especially in border states. A substantial number of these illegal Bangladeshi immigrants are non-Muslims who would eventually receive Indian citizenship under the provisions of the Citizenship (Amendment) Act, 2019. Their number is difficult to estimate but is certainly significant. The National Registration of Citizens (NRC) report released in Assam on August 31, 2019, in compliance with the 1985 Assam Accord, has identified over 19 lakhs illegal immigrants in Assam, of which around seven lakhs are Muslims and the rest are non-Muslims.

 

The Rohingya crisis in Myanmar presents another dimension. As a stateless Muslim minority persecuted in Myanmar’s Rakhine state, many Rohingyas have fled to India, often transiting through Bangladesh. The then Minister of State (Home) Kiran Rijiju informed the Rajya Sabha in August 2017 that the illegal Rohingya population in India exceeded 40,000. It is estimated that approximately 75,000 illegal Rohingya immigrants are currently living in India, with around 22,000 of them registered as refugees with the United Nations High Commissioner for Refugees (UNHCR) office in New Delhi.

 

The movement of Rohingyas into sensitive areas like Jammu and Kashmir raises significant security concerns. Moreover, the potential for their radicalisation exists, especially since global terror outfits like ISIS and Al-Qaeda have expressed interest in exploiting their plight. Given that most Rohingyas have arrived via Bangladesh, India is not their first country of refuge; thus, it may not have any international legal obligation to host them as refugees.

 

Socio-Economic and Demographic Impacts

 

Illegal immigration places a multi-layered burden on India’s resources, economy, and society. These include: –

• Demographic Shifts: States like Assam, West Bengal, and Tripura have experienced significant demographic changes due to the influx, fueling local discontent and identity-based politics. The fear of cultural dilution has sparked widespread agitation, including the Assam Movement, which culminated in the Assam Accord of 1985 that has yet to be fully implemented.
• Strain on Public Services: Unauthorised immigrants, often living in poverty, place considerable pressure on public services such as healthcare, education, housing, and sanitation. In urban areas, they frequently reside in overcrowded slums, resulting in unsanitary conditions and heightened risks of communicable diseases.
• Labour Market Distortion: Illegal migrants willing to work for lower wages suppress income levels in labour-intensive sectors such as construction and agriculture. This displaces local workers and disrupts wage structures.
• Land Encroachment and Rural Unrest: Illegal settlers encroaching on agricultural and forest lands have sparked conflicts with local populations, especially in the Northeast. These disputes have exacerbated agrarian distress and fueled social unrest.
• Overburdening of Welfare Schemes: Without a robust identification system, illegal migrants can sometimes access welfare schemes intended for Indian citizens, thereby diluting the intended benefits of these schemes for Indian citizens.

 

National Security Challenges

 

The unchecked influx of illegal migrants also poses serious security concerns:

• Terror Links and Radicalisation: There is increasing concern that extremist groups may exploit migrant communities, particularly vulnerable populations like the Rohingya, for recruitment and indoctrination.
• Border Security and Infiltration: India’s eastern border is exploited not just for illegal migration but also for smuggling, human trafficking, and cross-border criminal activity.
• Communal Tensions: The presence of a significant number of illegal immigrants has at times led to ethnic and religious friction, as observed in Assam and parts of Tripura and West Bengal. These tensions are sometimes exacerbated by political mobilisation and misinformation, and they are also vulnerable to exploitation by India’s adversaries.
• Political Exploitation: The issue of illegal immigration often becomes politicised. Vote bank politics has, at times, hindered effective policy responses, with some political parties hesitant to act decisively against illegal immigrants due to electoral considerations.

 

Legal Provisions

 

India is not a signatory to the 1951 UN Refugee Convention or its 1967 Protocol and has not developed any national refugee laws. As a result, the country lacks a formal mechanism to differentiate between refugees fleeing persecution and economic migrants seeking better livelihoods.

 

The legal tools that are currently available to address the problem include:

1. The immigration and Foreigners Act, 2025, grants the government the authority to detain and deport illegal immigrants, but does not distinguish between refugees and illegal immigrants.
2. Citizenship Act, 1955: Defines pathways to Indian citizenship but lacks clarity regarding refugee-related provisions.
3. Citizenship (Amendment) Act (CAA), 2003: This Act introduced a new section (Section 14A) in the Indian Citizenship Act, 1955, which mandates the compulsory registration of all Indian citizens, the issuance of National Identity Cards (NID), and the maintenance of a National Register of Indian Citizens (NRC). However, no progress has been made in this regard so far.
4. Citizenship (Amendment) Act (CAA), 2019: It offers a path to citizenship for persecuted religious minorities from three Islamic countries: Pakistan, Bangladesh, and Afghanistan, who have sought refuge in India. Action has been initiated to grant citizenship to such individuals who arrived in India until 2014. The process needs to be expedited, and those who have completed five years of residence in India should also be included in the process.

 

Addressing the Challenge: Recommendations and Way Forward

 

India needs a comprehensive and multi-pronged strategy to address the complex issue of illegal immigration, which should balance humanitarian concerns with national security imperatives and social harmony. It should include:

 

1. Strengthening Border Management

• Complete and Modernise Border Fencing: Using modern materials and technology, strengthen fencing along the Indo-Bangladesh border.
• Smart Surveillance: Use drones, motion sensors, AI-based facial recognition, and satellite imagery to monitor illegal crossings.
• Community Engagement: Involve local communities in reporting and preventing illegal crossings through awareness and incentive programmes.
• Improved Infrastructure and Patrols: Build all-weather roads along the border and increase the Border Security Force (BSF) presence in vulnerable regions along the Indo-Bangladesh border.

 

2. Enacting a National Refugee Law

 

India needs a national refugee law to legally distinguish between refugees and illegal immigrants. These two categories need to be dealt with differently. While the provisions of the Immigration and Foreigners Act, 2025 would apply in the case of illegal immigrants, the proposed refugee law should define the rights of refugees and outline procedures for their identification, registration, protection, and eventual repatriation or third-country settlement. However, in enacting such a law, India must protect its national interests and should, inter alia, include the following provisions in the proposed law: –

• Anyone who may otherwise be eligible for refugee status under this law will not be considered for such status if India is not the first country of refuge.
• Legal or illegal immigrants seeking refugee status in India must apply at designated locations within a specified period (say 3 months) of the enactment of such a law or within a specified period (say 3 months) of their entry into India, whichever is later. Failure to do so will render the individual ineligible for refugee status.
• The above provisions will not apply to immigrants for whom specific provisions for granting refugee status or citizenship exist, including those covered under the Citizenship (Amendment) Act, 2019.

 

3. Maintaining Biometric Records of Illegal Immigrants/ Refugees

 

Biometric records of all illegal immigrants, including asylum seekers, should be maintained to prevent them from fraudulently obtaining any other identity documents, such as Aadhar Cards or Voting Cards. Pending their deportation or the grant of Indian citizenship, they may be given temporary biometric residence permits. There should also be some restrictions on their movements, and sensitive areas, as declared by the government from time to time, as well as districts adjacent to India’s land borders, should be kept out of bounds for them. In cases involving Rohingya immigrants from Myanmar, India should ask the UNHCR to provide the list of Rohingyas registered with them, along with their biometric details.

 

4. Issuing National Identity Cards to Indian Citizens

 

In South Asia, all countries except India either have biometric national identity cards for their citizens or are in the process of implementing this initiative. Sri Lanka, Pakistan, Bangladesh, and Bhutan have had a national identity card system for their citizens for a long time. Nepal also began this process in 2018, and soon all its citizens will also have national identity cards. In India, although the provision for the same exists following the addition of Section 14A in the Indian Citizenship Act, 1955, through the CAA, 2003, no progress has been made in that direction to date. Apparently, the introduction of the Aadhaar Card, which establishes an individual’s identity but not their nationality, has diminished the urgency of issuing the National Identity Card (NID).

 

Opposition to this exercise by some political parties appears to be another reason for the delay. The apprehension among certain sections that the process of providing NIDs and preparing the NRC could be used to target a particular community needs to be addressed by the government, which should also engage all stakeholders in the process.

 

For India, a major regional power, not having a record of all its citizens defies logic. Bangladesh, which shares a long porous border with India and where most of the illegal immigrants in India originate, has had a national identity card system for its citizens since 2006. Since 2016, it has replaced the paper-based laminated identity card with a biometric, microchip-embedded smart card. It is mandatory for all Bangladeshi citizens above 18 years of age to possess this identity card. As the national identity card is required for most day-to-day activities, it has become nearly impossible for illegal foreign nationals to survive in Bangladesh. Rohingya refugees in Bangladesh, who do not go to the refugee camps or choose to leave them, find it difficult to survive in the country and are likely to trickle into India. Therefore, India also needs to make extensive efforts to provide biometric NIDS to all its citizens. All public services and government benefit schemes must gradually be linked to the NID to prevent illegal immigrants from accessing those services and benefits.

 

Once all the countries in the region have biometric national identity cards for their citizens, it will be relatively easy to identify illegal immigrants from other countries and repatriate them to their country of origin.

 

5. Legal and Diplomatic Measures

 

• Bilateral Repatriation Agreements: Negotiate formal agreements with Bangladesh and Myanmar to repatriate their nationals residing illegally in the other country, following a thorough verification process.
• Regional Forums: Utilise platforms such as SAARC or BIMSTEC to enhance regional cooperation on migration issues, data sharing, and border enforcement.

 

6. International Cooperation

 

India is a major destination for refugees and economic migrants in South Asia. While it has handled these issues independently so far, the growing scale of immigration suggests that involving international organisations, particularly to address illegal immigrants from Bangladesh and Myanmar, could enhance the effectiveness of the response. Global bodies like the UNHCR and the IOM (International Organisation for Migration) can support India in managing illegal immigration. Although India has been cautious about involving the UNHCR, its experience in receiving assistance from the UNHCR for the repatriation of Sri Lankan refugees has been positive.

 

India has been part of the UNHCR’s Executive Committee since 1995 and a member of the IOM since 2008. It may consider taking a more active role there, especially as Western countries, now facing similar migration pressures, may better understand.

 

India has heavily invested in refugee welfare, particularly in the cases of Tibetan and Sri Lankan refugees. It has also committed to granting Indian citizenship to people belonging to religious minorities in three Islamic countries, namely Afghanistan, Bangladesh, and Pakistan, who have sought refuge in India due to persecution for religious reasons. This could be highlighted at the UNHCR to gain recognition as a significant donor.

 

It may also seek the UNHCR’s support in facilitating the repatriation or third-country resettlement of Rohingya from Myanmar. Similarly, the IOM could assist in the repatriation of illegal immigrants from Bangladesh. Engaging with these bodies can help India manage illegal immigration more effectively while maintaining international credibility and humanitarian principles.

 

Conclusion

 

Illegal immigration from Bangladesh and Myanmar continues to pose complex challenges for India, impacting national security, economic stability, and social cohesion. The current approach, characterised by legal ambiguity and inconsistent enforcement, has failed to address the scale of the problem.

 

India must adopt a balanced and forward-looking strategy integrating stringent border control, robust detection and verification mechanisms, humanitarian responsibility, and international cooperation. A clear legal distinction between refugees and economic immigrants and a firm policy and enforcement framework is essential.

 

With timely reforms, India can protect its national interests while continuing to uphold its humanitarian tradition. Addressing illegal immigration is not only about ensuring national security and protecting borders—it is also about maintaining social harmony, promoting economic justice, and upholding constitutional values in an increasingly interconnected region.

 

Author Brief Bio: Shri Sanjeev Tripathi is an IPS officer from the 1972 batch of the UP cadre. He served as the Secretary of the Research and Analysis Wing (R&AW) from December 2010 to December 2012.

Introduction

 

In the 21st century, the digital revolution has transformed how nations function, communicate, and compete. The rapid proliferation of digital technologies has created unprecedented opportunities for economic growth, social development, and global connectivity. India’s digital transformation has been nothing short of remarkable. With over 800 million internet users as of 2023, India is the second-largest online market globally, trailing only China. The government’s Digital India initiative, launched in 2015, has been a driving force behind this transformation, aiming to make India a digitally empowered society and knowledge economy. The initiative has focused on three key areas: digital infrastructure as a utility for every citizen, governance and services on demand, and the digital empowerment of citizens. The rapid adoption of digital technologies has profoundly impacted various sectors of the Indian economy. E-commerce, fintech, telemedicine, and online education have experienced exponential growth, particularly during the COVID-19 pandemic, accelerating the shift toward digital platforms. The Unified Payments Interface (UPI), a real-time payment system developed by the National Payments Corporation of India (NPCI), has revolutionised digital payments, making India a global leader in this space.

 

However, it has also introduced new vulnerabilities and threats, particularly in cybersecurity. The stakes are particularly high for India, a country with a burgeoning digital economy and a rapidly expanding internet user base. As India continues integrating digital technologies into every facet of its society, the need to fortify its digital frontier and protect its cyber interests has never been more urgent. India faces multifaceted challenges in the cyber domain; given the strategic importance of cybersecurity for national security and economic prosperity, it must take immediate measures to safeguard its digital infrastructure and interests.

 

An alarming 83 per cent of Indian organisations reported experiencing cybersecurity incidents in 2023.^[i] The trend continues in 2025, and according to the National Cyber Reporting Platform (NCRP), there has been a massive surge of cyber criminals cheating people out of Rs 33,165 crore in the last four years, with several Tier 2 and 3 cities identified as hotspots for cybercrime.^[ii] Today’s threat landscape is highly complex due to the millions of users and IoT devices connecting to enterprise networks, cloud applications, and data centres at a massive scale. Threats now extend beyond ransomware, distributed denial of service (DDoS), and phishing to include credential stuffing, supply chain attacks, social engineering, and cryptojacking.^[iii]

 

Extended use of artificial intelligence (AI) and the widespread availability of generative AI enable more sophisticated attacks, often exploiting older system vulnerabilities. Incidents of critical infrastructure being targeted by AI-synthesised malware have also been recorded in India, and the cumulative loss from cyber thefts and cybersecurity breaches has run into lakhs of crores.

 

Today, the need for a robust cybersecurity infrastructure is more evident than ever, given India’s rapidly increasing digital footprint. Many government agencies and private enterprises in India still lack the necessary resources and capabilities to address their cybersecurity issues effectively. This situation has become a grave concern and must be addressed as a priority.

 

Given the above backdrop, the essential security paradigms necessary for today’s organisations include Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and Artificial Intelligence (AI) Fortification.^[iv] These measures are critically important because in 2024, there has been a significant rise in identified malicious infrastructure intrusions.  For instance, the number of unique, validated Command and Control servers (C2 servers) doubled from 2023 to 2024, while, correspondingly, unique, validated management panels saw a 69% increase over the same period.^[v]

 

Victim identification based on the victim’s IP address has shown that they are located throughout India. While major attacks have occurred in Delhi, Mumbai, Bengaluru, Chennai, and Hyderabad, there are now victims spread across India, including places like Jamtara, Mathura, Kohima, and Srinagar.

 

Current Cybersecurity Landscape in India: An Overview

 

There has been considerable disregard for cybersecurity in India, leading to challenges in addressing the nation’s growing needs.  Consequently, the cyber threat landscape in India has reached a critical inflexion point, unprecedented in both the volume and sophistication of attacks. Over 369.01 million distinct malware detections have been recorded across 8.44 million endpoints in the past year. It is important to note that eSignature-Based Detection accounted for 85.44%, while Behaviour-Based Detection comprised only 14.56%. This highlights that most threats are identified through traditional signature-based methods, indicating ongoing vulnerabilities to more sophisticated attack vectors.^[vi]

 

Some cybersecurity experts opine that these gargantuan figures represent but the tip of the iceberg, and we need considerably more expertise in identifying new and more innovative threat methodologies. It is important to note that today, the Predominant Threat Vectors are sophisticated Trojans and infectors, marking a strategic shift from easy-to-intercept opportunistic attacks to more targeted and sophisticated campaigns, leveraging advanced APTs and circuitous exfiltration routes.

 

Experts have identified the influx of potentially unwanted programs (PUPs), potentially unwanted modifications (PUMs), and adware,^[vii] which cause severe commercial disruptions and revenue loss. PUPs are often bundled with free software, downloaded unintentionally, sideloaded through insecure sites, or distributed through deceptive advertising. While PUPs can compromise your privacy and security by tracking your online activity, they can be challenging to detect because they often disguise themselves as legitimate software or hide within other programs.^[viii]

 

Significantly, PUPs are often bundled with more dangerous PUMs that cause specific modifications to the Windows Registry, obfuscate its location, and make remediation difficult.^[ix] While many PUPs and PUMs are relatively benign, many have been used to plant Malicious malware. Cyber experts have given instances of malware such as Stuxnet, Flame, and Black Shades being implanted with PUPs and PUMs.

 

Adware is malware that displays unwanted advertisements on a user’s computer or device and works by tracking a user’s browsing habits to deliver more targeted and malicious ads. More importantly, adware enables data theft and cyber stuffing, apart from modifying browser settings to redirect users to unwanted websites and browser hijacking.  The high prevalence of adware entry points to the monetisation of mobile-based cyber threats. Many of these malware types have evolved to be sophisticated enough to bypass standard virus scans. This issue is exacerbating India’s inadequate cybersecurity capabilities.

 

Whether intentional or unintentional, insider threats pose a significant risk to organisations in India. Employees with access to sensitive information can inadvertently or deliberately compromise cybersecurity, leading to data breaches and other security incidents. The increasing trend of remote work, accelerated by the COVID-19 pandemic, has further complicated the challenge of managing insider threats. Several internal leaks from the armed forces and other security and intelligence agencies have primarily occurred due to internal fault lines.

 

On a disquieting note, India has frequently been a target of state-sponsored cyber espionage campaigns, particularly from neighbouring countries China, Pakistan, and now Bangladesh. Moreover, in an increasingly interconnected world, cyber threats can undermine national security. Cyberattacks on critical infrastructure, such as power grids, transportation systems, and financial networks, can have catastrophic consequences. For India, which shares borders with two nuclear-armed neighbours, the risk of cyber warfare is particularly acute. A successful cyberattack on India’s military or nuclear infrastructure could have devastating implications for national security, as these campaigns often aim to steal sensitive government, military, and corporate information and disrupt critical infrastructure.

 

We must urgently note that India has fewer cybersecurity initiatives compared to other prosperous nations, which requires immediate attention. Several breaches have already occurred, including Chinese state-sponsored actors attacking the power grid in 2024 and 2020, the theft of UIDAI in 2022, and the data theft from AIIMS in 2021 due to a vicious ransomware attack. Below, I would like to provide a more comprehensive description of these attacks to illustrate the vulnerabilities of our digital frontier and the urgent need to bolster our defences.

 

Attack on the Indian Power Grid

 

On March 7th, 2024, EclecticIQ, a cybersecurity firm based in Amsterdam, identified a cyber threat actor that utilised a modified version of the open-source information stealer HackBrowserData^[x] to target Indian government entities in the energy and defence sectors. The hackers delivered the malware using a phishing email, camouflaged as an invitation letter from the Indian Air Force. The attacker utilised Slack channels to upload confidential internal documents, private email messages, and cached web browser data after the malware’s execution. EclecticIQ analysts monikered the intrusion “Operation Flight Night” because each of the attacker’s operated Slack channels was named Flight Night.

 

Deeper analysis showed that multiple government entities in India had been targeted, including MeitY and the Air Force, in addition to private Indian energy companies. The phishing activity compromised financial documents, employees’ personal details, and information about drilling activities in oil and gas. The threat actor had used a PDF that appeared to be an invitation from the Indian Air Force, delivered within an ISO image file, which is commonly used to distribute software and operating systems. This format allows users to easily duplicate or install software without physical media.

 

In total, the threat actor exfiltrated 8,81 GB of data, which could significantly aid further intrusions into various entities of the Indian government, including critical ones. The incident seemed to be a case of sophisticated cyber espionage, and the diagram below, sourced from EclecticIQ, provides an indication of the possible penetration achieved by the espionage activity. The letter purported to have come from the IAF is also shown below.

 

The episode demonstrated how easily phishing activity can be conducted and the vigilance required to prevent it. It further illustrated that open-source software like Operation Flight Night and Go Stealer, along with Slack servers, can be easily modified for data exfiltration and used for data collection, cyber stuffing, and even cryptojacking.

 

The matter for serious introspection and concern is that the 2024 power sector attacks were preceded by another attack in March 2021. Border clashes between India and China in Galwan Valley in June 2020 resulted in casualties, the first in 45 years.  While an all-out conflict was avoided through negotiations and diplomacy, China launched silent cyberattacks to create a conducive atmosphere for conducting espionage for potential disruptions. The Insikt group, the research wing of the Cyber Security concern, recorded future concern. Recorded Future, which has links with US intelligence agencies, observed numerous targeted incursions by Chinese state-sponsored agencies using the infrastructure tracked as AXIOMATICASYMPTOTE, which encompassed the Shadow Pad command and control servers to subvert India’s power sector. The Insikt group found that ten Indian power sector organisations, including several Regional Load Despatch Centres (RLDC) responsible for operating the power grid by balancing electricity supply and demand, had been identified as targets, along with two seaports.^[xi]

 

Using a combination of proactive adversary infrastructure detections, domain analysis, and Recorded Future Network Traffic Analysis, it was determined that a subset of these AXIOMATICASYMPTOTE servers share some common infrastructure tactics, techniques, and procedures (TTPs) with several previously reported Chinese state-sponsored groups, including the Advanced Persistent Threat- APT41 and Tonto Team. APT41 has been used in earlier attempts to gain unauthorised access to restricted networks to steal sensitive data rather than disrupt services, and was noted during the UIDAI data theft episode. The clear indication of Chinese involvement emerged with the exposure of another Chinese-speaking APT, Tonto Team, which has been active since at least 2013. Tonto Team primarily targets military, diplomatic, and infrastructure organisations in Asia and Eastern Europe. The group has been observed using various malware, including the Remote Access Trojan (RAT), Bisonal and ShadowPad. They employ spear-phishing emails with malicious attachments as their preferred distribution method, which were identified.^[xii]

 

The needle of suspicion was firmly pointed in the Chinese direction after the Recorded Future team found in late 2020 that the Chinese State-sponsored APT Red Echo was sponsoring attacks on Indian power grids by pre-positioning malware assets within critical infrastructure, potentially for future strategic objectives, which included Shadow Pad and Tonto team. On March 3, a State Cyber Cell probe found 14 Trojan horses in the Maharashtra State Electricity Transmission Company servers, which could radically disrupt power distribution in the state. The primary malware was identified as Red Echo and caused the massive power outage in Mumbai in October 2020.^[xiii]

 

Red Echo has a strong infrastructure and victimology intersection with Chinese groups APT41/ Barium and Tonto Team. ShadowPad is used by at least five distinct Chinese groups linked to the PLA. The Chinese fingerprints are undeniable.^[xiv]

 

The Indian Government’s assessment suggested that pre-positioning energy assets likely served as geostrategic signalling during heightened bilateral tensions and aimed to undermine confidence in the government by exposing its vulnerabilities. Unsurprisingly, Recorded Future found numerous IP addresses associated with critical Indian systems communicating with the APT for months.

 

An even more telling footprint was the use of infrastructure termed AXIOMATICASYMPTOTE to target a large swathe of India’s power sector units and ports. AXIOMATICASYMPTOTE servers were connected to Red Echo, had domains that spoofed those of Indian power sector entities configured to them, and also acted as command-and-control centres for the ShadowPad malware described earlier.

 

All twelve targeted entities have been classified as critical infrastructure by the National Critical Information Infrastructure Protection Centre (NCIIPC).^[xv]

 

Ransomware Attacks

 

Ransomware attacks have become increasingly common in India, targeting both public and private sector organisations. In November 2021, the Indian healthcare sector was struck by a series of ransomware attacks, including the attack on the All India Institute of Medical Sciences (AIIMS), which disrupted hospital operations when staff were unable to access the eHospital platform, which provides patient-centric services and compromised patient data. These attacks not only caused financial losses, as the threat actors demanded cryptocurrency through ransomware, but also highlighted the significant risk to public safety and national security.

 

The Sentinel Group, which first identified the APT, stated that it was ChamelGang (also known as Camo Fei), a suspected Chinese APT group that had targeted AIIMS. Earlier, in 2022, the Chamel Gang APT had drawn attention for targeting the Brazilian President’s office, exfiltrating information, and asking for cryptocurrency through ransomware.^[xvi]

 

The majority of the activities analysed by the Sentinel group indicated that the ChamelGang APT strategically utilised ransomware by cyber espionage actors for financial gain, or perhaps as a clever tactic for misattribution. Another motivation was that inadequate information sharing between the police, Revenue Service and Enforcement Directorates, financial intelligence units, and others could lead to insufficient risk assessment and diminished situational awareness. Ransomware is also advantageous from an operational perspective, as the data-destructive nature of this malware could collaterally disrupt systems and destroy intrusion and attribution data. In the case of a ransomware attack on critical infrastructure, the focus would be on restoring affected data and systems, providing a window of opportunity for further malicious activities.

 

The UIADI Attack

 

Chinese targeting of Indian entities has expanded into a multitude of outlets and intrusions. In 2021, the Indian media group Bennett Coleman And Co Ltd (BCCL) – “The Times Group”; the Unique Identification Authority of India (UIDAI); and the Madhya Pradesh Police Department were targeted using the Winniti malware. Of these, the most sensitive and significant was the UIDAI, the Indian government agency responsible for the national identification database- the “Aadhaar”, which contains private biometric information for over 1 billion Indian citizens. These intrusions were executed by an activity group designated TAG-28, in conjunction with another threat entity, ‘pwn000’, which posted on a breach forum that it had access to 815 million Indian Aadhaar records and put them up for sale on the dark web on October 9, 2023.

 

The Recorded Future cybersecurity group identified suspicious network traffic patterns between two Winnti malware C2 servers and infrastructure registered to BCCL from February to August 2021. Subsequently, the Insikt Group identified four IPs assigned to BCCL that were engaged in sustained and substantial network communications with the two Winnti C2 servers (185.161.209[.]87 and IP 86.107.197[.]182) and a third probable Cobalt Strike C2 at 178.157.91[.]144. Approximately 500 MB of data had been exfiltrated from the BCCL network to the malicious infrastructure. The attack was believed to be in retaliation for the Times of India’s coverage of the border tensions with China.

 

This was not a one-off act against the media. In 2013, a Chinese state-sponsored threat, APT12, compromised The New York Times. This coincided with the NYT’s reporting on Chinese leadership figures, suggesting potential differences.  It is further understood that another Chinese threat actor, APT41, has an operational scope to track individuals and conduct surveillance on media entities.

 

While investigating the infrastructure used in the BCCL compromise, Insikt identified an ongoing breach of the UIDAI, occurring between June 10 and at least July 20, 2021. During this period, two IPs registered to UIDAI were observed communicating with the same suspected Cobalt Strike C2 server used to target BCCL. This was in addition to the Winniti servers that had been identified and neutralised.

 

Madhya Pradesh Police was targeted using Winniti malware on June 1, 2021. The MPP IP, which serves a State Crime Records Bureau (SCRB) website that provides links to various web and mobile applications operated by SCRB, was targeted. Approximately 5 MB of data was exfiltrated, and the possible reason was that Madhya Pradesh Chief Minister Shivraj Singh Chouhan was critical of China after the violent border clashes with Chinese troops in the Ladakh region in June 2020, calling for the state’s residents to boycott Chinese products. It appeared that the strike on the MP police was a warning against open criticism of China.

 

Winnti malware has been used by several Chinese state-sponsored groups, including APT41/Barium and APT17, acting on behalf of China’s Ministry of State Security (MSS). These examples demonstrate the vulnerability of India’s cyber frontiers and emphasise the urgent need to secure our cyber defences and enhance our capacity to counter threats.

 

The Strategic Importance of Cybersecurity for India

 

The Indian Computer Emergency Response Team (CERT-In) has reported over 2.04 million registered cyber incidents in India in 2024, representing a significant increase from 1.39 million in 2022.^[xvii]

 

India has emerged as the second most targeted country for cyberattacks after the USA and Israel. According to dark web data, over 95 Indian entities in banking and finance, government, healthcare, pharmaceuticals, and telecommunications have been affected. The number of unreported cases is likely to be about double that figure. As reliance on digital technologies increases and attacks become more sophisticated, the government must develop and maintain efficient and proactive cybersecurity systems to prevent losses to critical infrastructure and consumers.

 

The digital economy is a key driver of India’s economic growth. According to a report by the Indian Council for Research on International Economic Relations (ICRIER), the digital economy is expected to contribute $1 trillion to India’s GDP by 2025. However, this growth depends on the security and resilience of digital infrastructure. Cyberattacks can disrupt business operations, erode consumer trust, and lead to significant financial losses. For India to realise its economic potential, it must ensure the security of its digital ecosystem.

 

Moreover, the internet has become an integral part of everyday life for millions of Indians, enabling access to information, education, healthcare, and financial services. However, the spread of misinformation, hate speech, and online harassment on digital platforms can undermine social stability. Cybersecurity measures are essential to protect individuals from online threats and ensure that the internet remains safe and inclusive.

 

Road Map for Sustainable Cyber Security

 

1. Capacity building for cybersecurity is a sine qua non for protecting our cyber frontiers. We need to establish effective systems to train a sizable workforce, which is currently in short supply.
2. We must also monitor the threat landscape to understand the tools and infrastructure tactics used for cyber terrorism, extortion, and subversion.
3. Identify state-sponsored groups. While the threats from Pakistan are easily countered due to a lack of sophistication, we must remain vigilant about a third country using Pakistani and now Bangladeshi IPs for phishing or creating deep fakes, etc.
4. Domain Name Systems (DNS) and web filtering solutions must be set up promptly to block access to known malicious domains and prevent users from accessing suspicious or harmful sites.
5. We must prevent any use of compromised infrastructure, especially in strategic and critical areas.
6. We must develop a deeper understanding of AI-powered cyber threats that leverage artificial intelligence to bypass traditional security measures and create more targeted, personalised, and automated attacks. These threats include AI-driven social engineering, phishing, malware generation, deepfakes, and data poisoning.
7. AI can also be used to automate the creation of malware and evasion techniques, and even exploit AI systems themselves, making them a significant concern for businesses and individuals.
8. We need to urgently promote Public-Private Partnerships, as there is often a lack of talent in either the PSUs or government institutions. The government should incentivise the private sector to invest in cybersecurity research and development, share threat intelligence, and participate in cybersecurity exercises and drills. This would also encourage innovation and research and development in cybersecurity issues, enabling us to stay ahead of the curve in anticipating and preventing cyberattacks.

 

To sum up, Indians are highly skilled in software development and digital usage. We need to leverage our strengths and enhance our expertise in this crucial area of cybersecurity. We need to realise that our cybersecurity is as critical as the physical guarding of our frontiers.

 

As a rising global power, India has the opportunity to play a leadership role in shaping the future of the internet and cybersecurity. By developing a robust cybersecurity framework and promoting international cooperation, India can establish itself as a responsible stakeholder in the global digital economy. This will not only enhance India’s global standing but also contribute to creating a secure and open internet for all.

 

 

Author Brief Bio: Ms. Prabha Rao is Distinguished Fellow, India Foundation. She is also the Executive Director, South Asian Institute for Strategic Affairs and Distinguished Scholar at the Institute for Defence Studies and Analyses, New Delhi. She is a former IPS officer from Karnataka cadre (1982 batch) who went on a deputation to cabinet secretariat and served in several locations abroad. She also runs an NGO — Encourage India, for skilling victims of trafficking and left-wing extremism.

 

 

References:

^[i] Sharma, S. (2024, January 20). Securing India’s Digital Future: Cybersecurity Urgency and Opportunities. Thediplomat.com. https://thediplomat.com/2024/01/securing-indias-digital-future-cybersecurity-urgency-and-opportunities/

 

^[ii] Mahender Singh Manral. (2025, February 5). Cyber frauds jump 900% in 4 years: Small cities like Deoghar, Nuh, Mathura emerge as new scam Capitals. The Indian Express. https://indianexpress.com/article/india/cybercrime-sharp-rise-complaints-2024-govt-data-9816845

 

^[iii] https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m03/cybersecurity-readiness-index-2024.India

 

^[iv] https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m03/cybersecurity-readiness-index-2024.India

 

^[v] RecordedFuture. (2025, February 28). 2024 Malicious infrastructure report. Recorded Future.

https://www.recordedfuture.com/research/2024-malicious-infrastructure-report

 

^[vi] DSCI. (2025). Data Security Council of India. https://www.dsci.in/resource/content/india-cyber-threat-report-2025

 

^[vii] DSCI. (2025). Data Security Council of India. https://www.dsci.in/resource/content/india-cyber-threat-report-2025

 

^[viii] Potentially Unwanted Program (PUP). (2024, July 26). Malwarebytes. https://www.malwarebytes.com/cybersecurity/basics/what-is-pup#:

 

^[ix] PUP and PUM FAQs. (2024, November 6). ThreatDown, Powered by Malwarebytes, Support Site. https://support.threatdown.com/hc/en-us/articles/4413802548755-PUP-and-PUM-FAQs#:

 

^[x] ᴍᴏᴏɴD4ʀᴋ. (2023, August 18). HackBrowserData. GitHub. https://github.com/moonD4rk/HackBrowserData

 

^[xi] RecordedFuture. (2021). China-linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions. Recordedfuture.com. https://www.recordedfuture.com/research/redecho-targeting-indian-power-sector

 

^[xii] Fraunhofer FKIE. (2025). Tonto Team (Threat Actor). Fraunhofer.de. https://malpedia.caad.fkie.fraunhofer.de/actor/tonto_team

 

^[xiii] RecordedFuture. (2021). China-linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions. Recordedfuture.com. https://www.recordedfuture.com/research/redecho-targeting-indian-power-sector

^[xiv] Insikt Group. (2021). CYBER THREAT ANALYSIS CHINA [Report]. Recorded Future. https://www.fbcinc.com/source/virtualhall_images/NLIT_June_21/Recorded_Future/cta-2021-0228.pdf

 

^[xv] Sircar, S. (2021, March 5). AXIOMATICASYMPTOTE: How an 18-Letter Word Exposed Chinese RedEcho. TheQuint; The Quint. https://www.thequint.com/cyber/security/chinese-redecho-hacker-cyber-threat-intrusion-power-sector-ports#read-more%23read-more

 

^[xvi] Chamelgang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware. (2024). SentinelOne Inc. https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

 

^[xvii] Government of India Taking Measures to Protect Critical Infrastructure and Private Data Against Cyber Attacks. (2025). Pib.gov.in. https://pib.gov.in/PressReleasePage.aspx?PRID=2116341

The massive excitement- some might call it hype- surrounding Generative AI, which began with the arrival of OpenAI’s ChatGPT in late 2022, continues to unfold. There have been a few recent dips, first with the announcement of competition from China’s Deepseek and then with the general decline of the NASDAQ and the Magnificent Seven tech companies, even prior to the tariff tantrums.

The market valuations remain enormous. OpenAI was valued at $300 billion in a funding round, while xAI (Elon Musk’s company that has productised Grok using real-time data from X, (formerly Twitter) is valued at $80 billion.

On the other hand, there are questions about intellectual property: ChatGPT reproduced the trademark look and feel of the Japanese animation studio Ghibli, with no clarity regarding whether a license for the IPR was obtained. There is also a sinister outcome: the photographs you Ghibli-ize become the property of OpenAI.

There are three broad and interesting questions: first, whether we are witnessing a genuine, life-changing innovation as dramatic as the arrival of electricity; second, where the significant returns on investment will come from; and third, what India’s current and future roles may entail, especially in light of the recent national AI mission announcements.

 

1. Is Generative AI a Truly Disruptive Innovation?

First, let’s discuss the nomenclature. Traditional AI and Machine Learning are now referred to as predictive AI. This approach utilises vast amounts of numerical data to identify patterns. Significant advancements in recent years, such as AlphaFold, have originated from this field. It examines historical data to predict future outcomes or trends. Statistical models and machine learning algorithms predict events like customer behaviour, market trends, or equipment failures.

Generative AI, on the other hand, focuses on creating new content or data, such as images, text, music, or even software code. It is designed to produce novel outputs based on patterns learned from existing data, primarily unstructured data like text.

Predictive AI has yielded valuable results, enhancing everything from retail inventory planning to more precise X-ray interpretations. The challenge with generative AI is that it has yet to produce a compelling enterprise use case.

Currently, there is no clear use case for B2C Generative AI either.  While generative AI is likely to soon become as common as email and video conferencing, few people would be willing to pay for these products. For the most part, major vendors are using generative AI to “enhance the user experience.” Having accomplished this, they are quite willing to release their code to the public at large.  There is a potential use case for software companies to assist enterprises in improving their internal processes with AI; these companies would function like consultants but with a tangible impact on operations.

There is a belief that AI-based “agents” might revolutionise workflows and enterprise computing. Similarly, the increasingly popular “vibe-coding” may enable non-technical users to generate software using simple English prompts. All of this remains to be seen, and despite enthusiastic announcements, a decisive use case is elusive. Therefore, at this moment, generative AI is not an earth-shaking innovation like electricity or the Internet.

 

2. What is Behind the Meteoric Rise of Generative AI?

Several factors have established the basis for its popularity. In addition to those mentioned below, there is the ongoing pursuit of an “economic moat,” the development of a hype cycle as a regular aspect of the technology industry, and the use of “standards” as a competitive weapon.

 

Technical Breakthroughs that Enabled a Better User Interface

Since ChatGPT first appeared in late 2023, the rapid uptake of Generative AI was primarily attributed to its excellent user experience. Additionally, the AI generated responses to questions quickly and with impressive confidence, even though users knew these responses were statistical rather than deterministic and could be prone to errors (hallucinations).

The example of Eliza, an early AI chatbot from the 1960s, is instructive. Eliza functioned like a psychotherapist—rephrasing what the user said into questions or prompts to encourage further elaboration. This method created a surprisingly conversational experience despite its simplicity. People weren’t merely interacting with a program—they were filling in the gaps with their humanity, making it feel personal and responsive.

Eliza also focused on the conversation, enhancing the illusion of a one-on-one exchange with a thoughtful listener. When its internal code did not allow it to generate a sensible answer, it simply responded with “Tell me more about …” (the last topic). It didn’t inundate users with options or technical jargon—it just “listened” and responded, which felt intuitive and natural.

Much the same is true of today’s chatbots, which give the (mistaken) impression that a profoundly empathetic person is at the other end of the conversation. This anthropomorphisation, unfortunately, has sometimes led to addictive behaviour, resulting in depression, mental illness, and even suicide.

Cinema thrives on viewers’ “willing suspension of disbelief.” Similarly, generative AI burst onto the scene with believable answers to common questions, and unsurprisingly, it became the technology with the fastest adoption rate ever.

The Gold Rush Paradox

During the 1849 Gold Rush, miners flocked to California, dreaming of striking it rich. Still, the reality was harsh—most barely broke even, while real wealth accumulated in the hands of intermediaries. These included merchants selling picks, shovels, pans, jeans, and provisions and those who built shanty towns and ran nightclubs. They thrived because they provided the essential tools and infrastructure that every miner needed, regardless of whether those miners found gold. The demand was predictable and widespread, and intermediaries didn’t bear the same risks as the prospectors digging for an uncertain payoff.

A similar dynamic is unfolding with generative AI today. Companies developing and selling enterprise AI solutions—such as those providing custom chatbots, content generators, or industry-specific AI platforms—are akin to the miners. They’re pursuing the “gold” of widespread adoption and transformative use cases, but their success is far from assured. Developing AI models is expensive, competitive, and risky; it requires significant investment in talent, data, and computing power, and the payoff relies on market acceptance and differentiation in a crowded landscape.

In the meantime, chip makers like Nvidia and cloud computing giants such as Amazon (AWS), Microsoft (Azure), and Google (GCP) serve as modern intermediaries. Every AI company, from startups to tech titans, depends on these tools. For example, Nvidia’s chips represent the gold standard for training large language models (LLMs). Similarly, cloud providers supply the storage, networking, and computing resources necessary to make AI development and deployment feasible at scale.

The intermediaries thrive because their products are essential, and their revenue streams are more stable. In contrast, enterprise AI companies confront intense competition and unpredictable margins. They are counting on providing value to end users, but they’re frequently just one innovation or pricing battle away from being undercut. The intermediaries, with established positions and extensive customer bases, capture most of the value without facing the same risks. Just as Levi Strauss created a denim empire while many miners failed, Nvidia and the cloud giants earn billions while AI startups struggle for survival.

Microsoft’s Strategic Vision, Reinvention, and Competitive Skills

Microsoft’s strategic vision has been pivotal in expanding generative AI. By leveraging its partnership with OpenAI, it created an entirely new market. Consequently, Microsoft is the only company in the top 10 in market capitalisation in 2001 and 2025.

In the earlier era, it utilised its co-ownership of the dominant Wintel franchise to establish this position. Then, transitioning from desktop to cloud computing, it positioned itself among the top three cloud computing platforms, alongside Amazon’s AWS (the pioneer) and Google Cloud (which lags far behind).

As discussed, cloud computing and chips represent the most lucrative aspects of the generative AI ecosystem. In a sense, this mirrors the re-creation of the Wintel duopoly. Microsoft has positioned itself advantageously by partnering with OpenAI and capitalising on enterprise customers who are already committed to Windows, Office, Teams, and other products.

There is also a fascinating saga of corporate competition, where Microsoft has turned the tables on Google in their decades-long rivalry. It is ironic that Google, through its DeepMind subsidiary (e.g., AlphaFold and AlphaGo) and its invention of Transformer technology, was a pioneer in both predictive and generative AI. Additionally, it succeeded in creating a search engine franchise.

However, Microsoft has effectively positioned itself as the leader in AI. Google’s core search and corresponding $200 billion advertising business now face jeopardy as users abandon its offerings in favour of new AI search engines like Perplexity or Grok.

The Chinese Challenge

The arrival of Chinese Generative AI products such as DeepSeek significantly reshaped the AI marketplace by 2025, introducing a blend of innovation, competition, and disruption that has resonated globally.

First, there was DeepSeek, which claimed cost-effectiveness, although some experts are sceptical about their assertions of an order-of-magnitude improvement. Reports suggest that DeepSeek-V3 was trained for under $6 million using fewer, less advanced Nvidia chips (e.g., H800s) compared to the billions spent by U.S. firms. This efficiency arises from techniques such as sparsity in model training (focusing only on relevant parameters) and data compression, enabling high performance with lower resource demands. This lowered the barriers to entry.

Second, there is open-source momentum. Unlike OpenAI’s proprietary models, DeepSeek has embraced an open-source approach, similar to Google’s GEMINI and Facebook’s LLaMA. Chinese tech giants like Alibaba and Tencent have also open-sourced their models (e.g., Qwen 2.5, Hunyuan), creating an “Android moment” for AI. These Chinese alternatives have eroded the pricing power of Western firms.

Third, there were geopolitical ripples: the US advocated for new investment, such as the $500 billion Stargate initiative. Concerns arose regarding Chinese products collecting data from various sources, especially as the Chinese government began treating its AI companies as “national champions” deserving of support.

The Chinese players changed the rules of the game: it is no longer solely about massive investments in the billions of dollars in proprietary systems, as seen in the US model, but rather enticingly about the potential to create LLMs using open-source Chinese products.

 

3. India’s path to having a role in this domain

Objectives of Indian AI

The Indian government and society need to clearly understand how they want to position themselves within the expansive realm of Generative AI. In the authors’ opinion, the focus should be on leveraging AI’s capabilities for India’s benefit; therefore, striving to build products that compete globally with current market leaders would be unrealistic.

 

Two essential steps are required to develop AI products that address the needs of Indian society: debiasing and localisation. Each of these steps is briefly described.

Current open-source models, even on matters that concern India, are primarily trained on sources from outside the country.  Two examples will serve to illustrate the downside of this: (1) If Deep Seek is asked a question about Arunachal Pradesh, it responds that no such place exists. This is because Deep Seek, a Chinese product, does not acknowledge that Arunachal Pradesh is part of India.  (2) If any Western model is queried about the RSS, the answer will likely be that the RSS is a Hindu terrorist organisation. This is due to these models being trained on sources like Wikipedia, which are irredeemably hostile to India.

Eliminating such distortions is referred to as “debiasing.” It may be overly ambitious to believe that we can prevent individuals outside India from receiving a distorted answer to a query. However, at the very least, we can ensure an alternative query engine provides more accurate information.

For several decades, there has been a notable trend of Westerners appropriating India’s intellectual property. Examples abound: the healing powers of turmeric, Basmati rice, yoga, pranayama, and more. A strong nation with self-respect should aim to prevent future thefts and rectify past thefts.

Additionally, LLMs may begin to run out of training data, which could lead them to rely on “synthetic data” generated by AI or other artificial processes. This presents several issues: the amplification of existing biases in the models, a lack of real-world grounding, and the possibility of “model collapse,” where genAI starts producing gibberish. Consequently, genAI companies would need to seek new real training data, and IKS could be “digested. ”

In particular, traditional Indian Knowledge Systems (IKS) contain a wealth of material that can now be mined and appropriated by language models. To forestall this, it is essential to codify IKS in a format that unambiguously establishes the origin of the knowledge.  This, in turn, requires incorporating IKS into an Indian Generative AI model, a process known as “localisation.”

Specifically, building LLMs that specialise in IKS would be desirable. For example, there could be one trained almost exclusively on Panini’s Ashtadyayi, which researchers could use to mine the depths of that masterwork and gather deep insights. In another example, recent cryptographic deciphering of the Indus-Sarasvati script might have been accelerated if there were an LLM that focused narrowly on the topic. Steps for achieving both objectives are described further below.

Approaches to Building an Indian AI Solution

Broadly speaking, two possible approaches to building a language model are foundational and fine-tuned (this phrase is not universally used). We discuss the advantages and disadvantages of each approach, placing particular emphasis on the Indian scenario.

A foundational model is essentially an ab initio model in which the model builders create their own pool of tokens from various data sources (public, proprietary, or both), select the model architecture, and then train the model by selecting the “weights” of the model. Generating a sufficiently rich corpus to produce realistic language models would require between 10 trillion and 100 trillion tokens and 500 billion to one trillion parameters.

Current models such as GEMINI, LLaMA, ChatGPT4, and Deep Seek all fall within this range. However, the cost would be substantially higher than for developing fine-tuned models. The IndiaAI mission envisages an outlay of Rs. 2000 crore, distributed over 6 to 10 projects (or Rs. 200 to 300 crore per project), with a six—to twelve-month development timeline for foundational models. In the authors’ view, it is unrealistic to expect any impactful foundational model to be developed with this level of funding.

To build a fine-tuned model, builders start with an open-source model that best meets their requirements and then adjust the weights so that the model performs well on their own additional data set, which may be proprietary. The key is to ensure that while adjusting the weights, the performance of the corpus used to train the original model does not deteriorate.

This is tricky because, while the weights of an open-source model are freely available, the corpus used to derive these weights is not.  Fortunately, a decades-old idea from statistics comes to the rescue.  If the size of the additional data used for fine-tuning is several orders of magnitude smaller than the original corpus, an approach known as “Low-Rank Adaptation (LoRA)” can be employed. Currently available open-source models are estimated to be based on 100 trillion (10^14) tokens. Any additional Indian data would not exceed a trillion (10^12) tokens, or 1% of the original (unknown) corpus. This suggests that fine-tuning would work well in an Indian context.

Developing a high-quality, refined model would be significantly cheaper than creating a meaningful foundational model. This is because the initial step would involve an open-source model that has already gone through rigorous development and testing.  However, according to the rules of the software community, any model built upon an open-source model must be put back into the open-source world. This would not be a drawback for India and might even be an advantage because it may lead to India being perceived as a significant player in this domain. In contrast, developing numerous relatively small models, distinguished only by their foundational nature, would not improve how the rest of the world perceives India.

What are the Skill Sets Required?

To build even a fine-tuned model, two distinct sets of skills are necessary: algorithms and software engineering. Most algorithms used in training LLMs are available in “pseudo-code” form in the open literature. Therefore, it is relatively straightforward (assuming one is familiar with the literature, which is not always a valid assumption) to convert this pseudo-code into working code, typically in Python.

No additional software engineering is required for relatively small models, such as those with 5 to 20 billion parameters. Environments like PyTorch handle issues such as parallelisation and memory allocation. It is highly desirable for the engineers involved in this project to begin with an open-source model of this size and to establish programmatic solutions for fine-tuning, including debiasing and localisation. This approach will help them gain insight into the algorithmic issues at play.

However, no meaningful model will be so small.  The models on which we will be working, even if the starting point is open-source, will be a minimum of half a trillion parameters.  Scaling up the solutions mentioned in the previous paragraph to this size would require an understanding of software engineering, including optimisation and algorithmic knowledge.

This is tacit know-how: “underground knowledge” that is usually not written down anywhere.  Normally, only those who have “been there and done that” would know these aspects. Ideally, we should attempt to attract at least a few people who have worked on the large open-source models currently available.  These people could, in turn, train others.

Budget and Time-Frame

A Phase-1 Proof of Concept based on an open-source model of approximately 20 billion parameters that achieves both debiasing and localisation can be prepared in six to nine months and would cost roughly Rs 600 crore. Phase 2, a fully functional version, would aim for a complete solution and would require around nine to twelve months, with a budget of about Rs 1200 crore.

 

However, this cannot remain a government-run initiative; the private sector must also contribute. Initially, this may occur through pilot projects using CSR funds. Still, in the future, comprehensive LLM development, training, data centres, and marketing must come from the private sector at a scale significantly greater than the initial public-sector investment. Targeted incentives are necessary to stimulate private-sector participation.

Potential Applications in Indian Society

While there are numerous ways in which Generative AI investment can benefit Indian society, we will focus on one area: education. Concerns persist regarding the poor educational attainment of Indian students, particularly in standardised global tests such as PISA, in which India has stopped participating due to dismal scores.

A significant factor in achieving success may be mother-tongue education at the primary and secondary levels, particularly in the hard sciences. Countries with high PISA scores, such as Finland, Japan, South Korea, and Germany, implement this approach. There may also be a cognitive advantage: you grasp concepts rather than grapple with unfamiliar English words.

By using LLMs trained with appropriate sources, we can provide high-quality translations into Indian languages, facilitating mother-tongue-based primary and secondary education. Numerous nations have demonstrated that this is not a disadvantage for future R&D. Additionally, in an environment where the Internet and social media encourage deracination, it may assist students in maintaining a certain cultural grounding.

Some argue that tertiary education should primarily be in English, but this can also be managed if LLMs provide real-time translation of lectures, allowing students to listen in whichever language they prefer. A significant side benefit of this approach would be the ability to conduct simultaneous translation between any Indian languages, making everyday communication much easier and effectively reducing some of the ongoing language conflicts.

Conclusion

Generative AI is here to stay, warts and all. It is up to the Indian state and private sector to take advantage of its presence and to participate in ways that do not directly confront the free-spending American and Chinese market leaders. There are niche/leapfrog or disruptive innovation plays that can create substantial value for Indian society by improving education, nurturing and protecting Indian Knowledge Systems, and easing multilingual communication.

 

Authors Brief Bio: Shri Rajeev Srinivasan is an adjunct faculty member at IIM Bangalore, Dr M. Vidyasagar, FRS, is a former National Chair Professor at IIT Hyderabad, and Dr Abhishek Puri is a Radiation Oncologist at Fortis Hospital, Mohali. The authors can be contacted at rajeev@alumni.stanford.edu.

 

In the first few decades after independence, the euphoria of freedom did not translate into the rapid economic growth that had been hoped for. There were, undeniably, serious governance challenges. Literacy levels were abysmally low, agricultural output was weak, the partition had caused significant economic disruption, especially in agriculture and trade, and inadequate infrastructure hindered growth and investment. However, all these issues could have been addressed within a decade or two. The fact that India continued to wallow in poverty four decades after independence points to fundamental policy failures and a lack of strategic vision.

 

A primary factor keeping India poor was an overreliance on state control based on the Soviet model. The overregulated economy and excessive permits and controls discouraged entrepreneurship and innovation. To bolster the socialist narrative, Indian cinema embraced themes that saw virtue in poverty and regarded wealth as a symbol of corruption. The entrepreneur was portrayed as the villain when, rightly, the focus should have been on India’s bureaucracy and political class, which stifled growth to maintain its dominance in society. In most cinematic narratives, the entrepreneur was depicted as exploitative and greedy, while workers were shown as paragons of virtue. This, perhaps, appeased the sentiments of the masses but did little to elevate India out of poverty. This mindset may have been deliberately cultivated among the masses to encourage acceptance of their situation and discourage clamouring for a better, more dignified life.

 

The economic reforms of 1991, 44 years after independence, marked the first steps toward change. These reforms were not the result of a deliberate policy shift but were imposed on India as it faced a significant trade deficit and a critical shortage of foreign exchange, barely sufficient to cover 2 to 3 weeks of imports. A high fiscal deficit, unsustainable debt, and rampant inflation compelled the government to seek assistance from the IMF and World Bank for a bailout. The conditions stipulated for receiving funds included structural reforms to liberalise the economy and make it more market-oriented. This turned out to be a blessing in disguise. The Narasimha Rao era reforms led to the removal of many licensing and regulatory restrictions on the government’s role in business and also opened the economy to foreign investment and trade.

 

In 1999, another significant change occurred with the coming in of the Atal Bihari Vajpayee-led NDA government. Under Vajpayee’s leadership, India took a substantial step in envisioning a grander Bharat. This gave birth to the idea of connecting the four metro cities—Mumbai, Delhi, Kolkata, and Chennai with four-lane national highways and led to the inauguration of the gigantic Golden Quadrilateral project by the then Prime Minister, Shri Atal Bihari Vajpayee. A project of this scale had not been attempted earlier. It changed the face of Indian highways and set new benchmarks for a range of development projects.

 

The third significant change occurred when the Modi-led NDA government provided a long-term development vision for the country. The ‘Viksit Bharat’ goal is to make India a developed country by the country’s 100th anniversary of independence in 2047. The Prime Minister set a growth target to achieve developed status, which translates to a USD 30 trillion economy by 2047.

 

This was a welcome change from the five-year plans based on the Soviet model. The plan is ambitious but achievable. However, every Indian will have to strive hard to achieve that outcome. As of now, India’s economy is approximately USD 4.3 trillion. It is the world’s fifth-largest economy, following the US (30.34 trillion), China (19.35 trillion), Germany (4.92 trillion), and Japan (4.39 trillion). India will soon surpass Japan and Germany to become the third-largest economy in the world. But while India’s GDP is rising, the country remains poor, as indicated by its per capita GDP, which stands at USD 2.94 thousand.

 

The per capita GDP of the developed world is significantly higher, with the US, Germany, Japan, and China at USD 89.68 thousand, 57.91 thousand, 35.61 thousand, and 13.87 thousand, respectively. If India can achieve a GDP of USD 30 trillion by 2047 and maintain its population at the current level, it would have a per capita GDP of USD 20 thousand, become a middle-income country, and poverty would no longer afflict the nation.

 

While India’s growth trajectory has been steady over the past decade, many challenges must be overcome to achieve the above target. These lie in different domains: Technology, demography, social cohesion, military preparedness, and governance.

 

Technology

Technology will be the key driver for India’s growth story, especially in fields such as Generative AI, quantum computing, and chip manufacturing. We need Indian solutions to India’s problems and not copy-paste efforts from what the West is doing. We need mother-tongue-based learning even at the university level. Innovations could include introducing large language models (LLMs) in phones that can translate speech and lectures instantly. This would revolutionise education and lead to a spurt in innovation and original thought, led by India’s youth.

 

India does not need to reinvent the wheel to build foundational LLMS, as these are now more or less available as open-source material. Competing head-on with the US and China by creating a new foundational model is neither feasible nor desirable. The locus of competition has shifted to what can be built atop a freely available foundational model, and this is where India’s focus area should lie. Indian Knowledge Systems (IKS) are unique, offer India-specific solutions, and come with intellectual property rights and core competence. This is where our focus area should lie. Build solutions for India to address India’s unique problems. The Unified Payments Interface (UPI) for digital payments is an apt example of using technology for Indian needs. To remain in the game, we need a really smart industrial policy that should include a) IPR law, b) data protection that prevents the siphoning off of sensitive indian medical, financial and genetic data, among others, c) identifying niche segments to focus on.

 

Demography

A large population is not an asset if vast millions are poor and semi-literate. There is a need to check population growth by incentivising small family norms. Population growth has not been even across states and across religious groups, which has the potential to create discord. Towards this end, the anticipated increase in parliamentary seats should not be based on a population census but should be carried out proportionately. Increasing the representation of each state by 50 per cent would ensure that those states that have done well in controlling their population are not penalised. Similarly, there should be a system of incentives and disincentives to promote small family norms. This will ensure social cohesion, assist in poverty alleviation and enable India to achieve its vision of a developed nation by 2047.

 

Social Cohesion

Since independence, the country has been riven with social strife on various issues—ethnic, communal, caste, farmers, etc. While protest is a legitimate function in any democracy, vandalising property or forcing the closure of roads and rail networks in pursuance of one’s demands impinges on the rights and freedoms of others. A consensus must develop among all political parties to adhere to basic norms of protest. The courts, too, should be sensitised to these matters and desist from interfering with the executive. The government of the day is accountable to the people who have elected them, and the courts should desist from interfering in legislation passed by the respective state governments or the Centre.

 

Another aspect impinging on social cohesion is the influx of a large number of illegal Bangladeshi and Rohingya into India. As per some estimates, this number could be more than 20 million. We need to identify such individuals and deport them back to their own countries. India’s precious resources cannot be diverted to causes other than the improvement of the lives of its citizens.

 

Military Preparedness

India’s growth trajectory must also include the development of its military capability. This encompasses developing all border areas, including communication networks and infrastructure for military purposes, as well as the development of border villages. The communities living in these border areas must be empowered, as the local civilian population is the first line of defence. Initiatives taken in this regard over the last decade must continue until the infrastructure of the border areas matches what the Chinese have constructed on the opposite side. Alongside this, the defence manufacturing sector must be ramped up to further reduce India’s import dependence. The private sector must play a significant role in defence manufacturing and be incentivised accordingly.

 

Governance

Finally, India’s growth story is a function of its political will and administrative acumen. Politically, the country has great stability, which augurs well for economic growth. However, administrative and judicial reforms are needed. Administrative reforms are required to create a conducive climate for growth, and judicial reforms are required to ensure that justice is administered swiftly and fairly. This will encourage business and economic development.

 

India has made rapid strides in its development effort over the last decade. This is no mean achievement, and India is currently the fastest-growing large economy in the world. The target of Viksit Bharat by 2047 is achievable, but it would necessitate a concerted effort by all stakeholders. The government has a major role to play, but civil society must also get involved in the development effort to achieve the vision laid out.

 

Author Brief Bio: Major General Dhruv C Katoch is Director, India Foundation and Editor, India Foundation Journal.