#FactCheck - Viral video of Defence Minister Rajnath Singh supporting Israeli attacks on Iran is a deepfake

Introduction

The most recent cable outages in the Red Sea, which caused traffic to slow down throughout the Middle East, South Asia, and even India, Pakistan and several parts of the UAE, like Etilasat and Du networks, also experienced comparable internet outages, serve as a reminder that the physical backbone of the internet is both routine and extremely important. Cloud platforms reroute traffic, e-commerce stalls, financial transactions stutter, and governments face the fragility of something they long believed to be seamless when systems like SMW4 and IMEWE malfunction close to Jeddah. Concerns over the susceptibility of undersea information highways have been raised by the incident. Given the ongoing conflict in the Red Sea region, where Yemen’s Houthi rebels have been waging a campaign against commercial shipping in retaliation for the Israel-Hamas war in Gaza.  The effects are seen immediately. The argument over whether global connection is genuinely robust or just operating on borrowed time was reignited by these recent failures, which compelled key providers to reroute flows. 

A geopolitical signal is what looks like a “technical glitch.” Accidents in contested waters are rarely simply accidents, and the inability to quickly assign blame highlights how brittle this ostensibly flawless digital world is. 

The Paradox of Essential yet Exposed Infrastructure

This is not an isolated accident. Undersea cables, which carry more than 97% of all internet traffic worldwide, connect continents at the speed of light, and support the cloud infrastructures that contemporary societies rely on, are the brains of the digital economy., as cautioned by NATO’s Cooperative  Cyber Defence Centre of Excellence. In a sense, they are our unseen electrical grid; without them, connectivity breaks down. However, they continue to be incredibly fragile in spite of their significance. Anchors and fishing gear frequently damage cables, which are no thicker than a garden hose, and they break more than a hundred times annually on average. Most faults can be swiftly fixed or relocated, but when several cuts happen in strategic areas, like the 2022 Tonga eruption or the current Red Sea crisis, nations and economies are exposed to being isolated for days. 

The geopolitical risks are far more urgent. Subsea cables traverse disputed waters, land in hostile regimes, and cross oceans without regard for political boundaries. This makes them appealing for espionage, where state actors can tap or alter flows covertly, as well as sabotage, when service is interrupted to prevent access. Deliberate cable strikes have been likened by NATO specialists to the destruction of bridges or highways: if you choke the arteries, you choke the economy. Ironically, the most susceptible locations are not far below the surface but rather where cables emerge. These landing sites, which handle billions of dollars’ worth of trade, can have less security than a conventional bank office.

The New Theatre of Geopolitics 

Legal frameworks exist, but they are patchwork. Intentional damage is illegal under the UN Convention on the Law of the Sea and previous agreements, but attribution is still infamously challenging. Covert sabotage and intelligence operations are examples of legal grey areas in hybrid warfare scenarios. Even during times of peace, national governments that rely on their continuous operation but find it difficult to extend sovereignty into international waters, private telecom consortia, and content giants like Google and Amazon that now finance their own cables share the burden of protection.

Cables convey influence in addition to data. Strategic leverage belongs to whoever can secure them, tap them or cut them during a fight. Even though landing stations are the entry points for billions of dollars’ worth of international trade, they frequently offer less security than a commercial bank branch. 

India at the Crossroads of Digital Geopolitics 

India’s reliance on underwater cables presents both advantages and disadvantages. India presents a classic single-point-of-failure danger, with more than 95% of its international data traffic being routed through a 6-km coastal stretch close to Versova, Mumbai. Red Sea disruptions have previously demonstrated how swiftly chokepoints located far from India’s coast may impede its digital arteries, placing a burden on government functions, defence communications, and financial flows. However, this same vulnerability also makes India a crucial player in the global discussion around digital sovereignty. It is not only an infrastructure exercise; it is also a strategic and constitutional necessity to be able to diversify landing places, expedite clearances, and develop indigenous repair capability.

India’s geographic location also presents opportunities. India’s location along East-West cable lines makes it an ideal location for robust connectivity as the Indo-Pacific region becomes the defining region of geopolitics in the twenty-first century. India may change from being a passive recipient of connectivity to a shaper of its governance by investing in distributed cable architecture and strengthening partnerships through initiatives like Quad and IPEF. Its aspirations for global influence must be balanced with its home regulatory lethargy. By doing this, India can secure not only bandwidth but also sovereignty itself by converting subsea cables from hidden liabilities into tools of economic might and geopolitical leverage. 

CyberPeace Insights 

If cables are considered essential infrastructure, then their safety demands the same level of attention that we give to ports, airports, and electrical grids. Stronger landing station defences, redundancy in route, and sincere public-private collaborations are now a necessity rather than an option.

The Red Sea incident is a call to action rather than a singular disruption. The robustness of underwater cables will determine whether the internet is a sustainable resource or a brittle luxury susceptible to the next outage as reliance on the cloud grows and 5G spreads. 

References

• https://forumias.com/blog/answered-assess-the-strategic-significance-of-undersea-cable-networks-for-indias-digital-economy-and-national-security-discuss-the-vulnerabilities-of-this-infrastructure-and-suggest-measures-to-e/ 
• https://www.reuters.com/world/middle-east/red-sea-cable-cuts-disrupt-internet-across-asia-middle-east-2025-09-07/ 
• https://pulse.internetsociety.org/blog/what-can-we-learn-from-africas-multiple-submarine-cable-outages 

‍

Introduction

The digital realm is evolving at a rapid pace, revolutionising cyberspace at a breakneck speed. However, this dynamic growth has left several operational and regulatory lacunae in the fabric of cyberspace, which are exploited by cybercriminals for their ulterior motives. One of the threats that emerged rapidly in 2024 is proxyjacking, in which vulnerable systems are exploited by cyber criminals to sell their bandwidth to third-party proxy servers. This cyber threat poses a significant threat to organisations and individual servers. 

Proxyjacking is a kind of cyber attack that leverages legit bandwidth sharing services such as Peer2Profit and HoneyGain. These are legitimate platforms but proxyjacking occurs when such services are exploited without user consent. These services provide the opportunity to monetize their surplus internet bandwidth by sharing with other users. The model itself is harmless but provides an avenue for numerous cyber hostilities.  The participants install net-sharing software and add the participating system to the proxy network, enabling users to route their traffic through the system. This setup intends to enhance privacy and provide access to geo-locked content. 

The Modus Operandi

These systems are hijacked by cybercriminals, who sell the bandwidth of infected devices. This is achieved by establishing Secure Shell (SSH) connections to vulnerable servers. While hackers rarely use honeypots to render elaborate scams, the technical possibility of them doing so cannot be discounted. Cowrie Honeypots, for instance, are engineered to emulate UNIX systems. Attackers can use similar tactics to gain unauthorized access to poorly secured systems. Once inside the system, attackers utilise legit tools such as public docker images to take over proxy monetization services. These tools are undetectable to anti-malware software due to being genuine software in and of themselves. Endpoint detection and response (EDR) tools also struggle with the same threats.

The Major Challenges 

Limitation Of Current Safeguards – current malware detection software is unable to distinguish between malicious and genuine use of bandwidth services, as the nature of the attack is not inherently malicious. 

Bigger Threat Than Crypto-Jacking – Proxyjacking poses a bigger threat than cryptojacking, where systems are compromised to mine crypto-currency. Proxyjacking uses minimal system resources rendering it more challenging to identify. As such, proxyjacking offers perpetrators a higher degree of stealth because it is a resource-light technique, whereas cryptojacking can leave CPU and GPU usage footprints.

Role of Technology in the Fight Against Proxyjacking

Advanced Safety Measures- Implementing advanced safety measures is crucial in combating proxyjacking. Network monitoring tools can help detect unusual traffic patterns indicative of proxyjacking. Key-based authentication for SSH can significantly reduce the risk of unauthorized access, ensuring that only trusted devices can establish connections. Intrusion Detection Systems and Intrusion Prevention Systems can go a long way towards monitoring unusual outbound traffic.

Robust Verification Processes- sharing services must adopt robust verification processes to ensure that only legitimate users are sharing bandwidth. This could include stricter identity verification methods and continuous monitoring of user activities to identify and block suspicious behaviour. 

Policy Recommendations

Verification for Bandwidth Sharing Services – Mandatory verification standards should be enforced for bandwidth-sharing services, including stringent Know Your Customer (KYC) protocols to verify the identity of users. A strong regulatory body would ensure proper compliance with verification standards and impose penalties. The transparency reports must document the user base, verification processes and incidents. 

Robust SSH Security Protocols – Key-based authentication for SSH across organisations should be mandated, to neutralize the risk of brute force attacks. Mandatory security audits of SSH configuration within organisations to ensure best practices are complied with and vulnerabilities are identified will help. Detailed logging of SSH attempts will streamline the process of identification and investigation of suspicious behaviour. 

Effective Anomaly Detection System – Design a standard anomaly detection system to monitor networks. The industry-wide detection system should focus on detecting inconsistencies in traffic patterns indicating proxy-jacking. Establishing mandatory protocols for incident reporting to centralised authority should be implemented. The system should incorporate machine learning in order to stay abreast with evolving attack methodologies.

Framework for Incident Response – A national framework should include guidelines for investigation, response and remediation to be followed by organisations. A centralized database can be used for logging and tracking all proxy hacking incidents, allowing for information sharing on a real-time basis. This mechanism will aid in identifying emerging trends and common attack vectors. 

Whistleblower Incentives – Enacting whistleblower protection laws will ensure the proper safety of individuals reporting proxyjacking activities. Monetary rewards provide extra incentives and motivate individuals to join whistleblowing programs. To provide further protection to whistleblowers, secure communication channels can be established which will ensure full anonymity to individuals. 

Conclusion

Proxyjacking represents an insidious and complicated threat in cyberspace. By exploiting legitimate bandwidth-sharing services, cybercriminals can profit while remaining entirely anonymous. Addressing this issue requires a multifaceted approach, including advanced anomaly detection systems, effective verification systems, and comprehensive incident response frameworks. These measures of strong cyber awareness among netizens will ensure a healthy and robust cyberspace. 

References 

• https://gridinsoft.com/blogs/what-is-proxyjacking/
• https://www.darkreading.com/cyber-risk/ssh-servers-hit-in-proxyjacking-cyberattacks
• https://therecord.media/hackers-use-log4j-in-proxyjacking-scheme

‍

Introduction

The Chairman of Vardhman Group, Mr SP Oswal, an India-based textile manufacturer, fell victim to a cyber fraud scheme that cost him ₹7 crore. The scam unfolded on August 28 and 29, conning Mr Oswal into transferring Rs 7 crore into multiple bank accounts. As per the recent reports, the Police have managed to freeze these accounts and recover over Rs 5 crore as of now. The fraudsters convinced Mr SP Oswal that he was a suspect in a money laundering investigation and held on a “Digital Arrest”. These are sophisticated cyber frauds where cyber-criminals impersonate law enforcement officials or other authorities and target innocent individuals with manipulative tactics. The scam targets are often contacted out of the blue, on Instant messaging apps like WhatsApp and informed that their bank accounts, digital identities, or other online assets have been compromised. Criminals play into the victims' fear by threatening them with imminent arrest, legal consequences, or public humiliation if they don't cooperate with a series of urgent demands.

Posing as Officials, Fraudsters Orchestrate ₹7 Crore Scam

The investigation revealed that the fraudsters posed as members of the Central Bureau of Investigation (CBI). They had contacted Mr Oswal and claimed that his Aadhaar had been misused in a case involving fake passports and financial fraud. The imposter conducted a video call in a police uniform using a background with the CBI logo. The fraud escalated further, Mr Oswal got a fake "arrest warrant" on  WhatsApp allegedly authorised by the Supreme Court. Fraudsters convinced Mr Oswal to transfer ₹7 crores to facilitate bail proceedings, claiming he was under "digital arrest". The meticulously planned scam involved fake documents, a virtual courtroom, and relentless intimidation tactics leaving Mr Oswal effectively under "digital arrest" for two days. While the police have successfully recovered over Rs 5 crore so far, this case highlights the alarming threat of digital impersonation of law enforcement authorities.

Legal Outlook on the Validity of Digital Arrests

In India, the main laws governing cyber crimes are the Information Technology Act, of 2000 and the rules made under therein, and the newly enacted Bhartiya Nyaya Sanhita, 2023. Recently enacted new criminal laws do not provide for any provision for law enforcement agencies conducting a digital arrest.  The law only provides for service of the summons and the proceedings in an electronic mode. Hence, there are no provisions for conducting 'digital arrests' as per the laws of the country. 

Further, It should be noted that the Indian Cyber Crime Coordination Centre (I4C), under the Ministry of Home Affairs, coordinates the activities related to combating cybercrime in the country. MHA works closely with other ministries to counter these frauds. The I4C also provides technical support to the police authorities of states/UTs for the identification and investigation of these cases. 

Best Practices to Avoid Digital Arrest Scams 

• To protect yourself from scams, it is crucial to verify the identity of individuals claiming to be law enforcement or government officials and use official contact channels to confirm their credentials. 
• Be cautious of pressure tactics used by fraudsters, especially demands for quick payment over unverified communication platforms like WhatsApp. 
• Cross-check official documents with legal advisors or relevant authorities. 
• Never share sensitive personal information, such as your Aadhaar number, over phone calls, emails, or messages without verifying the request's authenticity. 
• Avoid untraceable payments, such as cryptocurrency or prepaid cards, without validating the transaction's legitimacy, especially under duress. 
• Stay informed on scam techniques, particularly those involving impersonation and digital threats. 
• Enable Two-Factor Authentication (2FA) for sensitive online accounts to prevent misuse. 
• Consult advice from legal professionals if you receive threatening communication involving digital arrest or legal actions and do not take any action on the asks of persons posing as legitimate authorities. 
• In case of any cybercrime, you can file a complaint at cybercrime.gov.in or helpline number 1930. You can also seek assistance from the CyberPeace helpline at +91 9570000066.

Conclusion

The digital arrest of Vardhman Group's CEO underscores the increasing sophistication of cyber fraud schemes, which exploit fear and urgency, leading to severe financial and reputational harm. No one is immune from cybercrime, vigilance is essential at all leadership levels. While laws like the IT Act and initiatives taken by the I4C help combat cybercrime, rapidly evolving threats demand proactive safety measures. Beyond the possibility of financial loss, incidents like this jeopardise brand reputation, investor confidence, and operational stability. Be cautious of such threats and exercise due care and caution while navigating the digital landscape. Be aware of such kinds of scams and the manipulative tactics used by fraudsters to avoid them. By staying vigilant and aware we can avoid the growing scam of digital arrests. 

References

• https://www.business-standard.com/companies/news/digital-arrest-and-rs-7-crore-heist-how-vardhman-group-head-was-tricked-124100100832_1.html
• https://www.hindustantimes.com/business/vardhman-group-chairman-sp-oswal-duped-of-rs-7-crore-fraudsters-posed-as-cbi-101727666912738.html 
• https://www.msspalert.com/native/digital-arrests-the-new-frontier-of-cybercrime

‍