Future Indo-Pak Tensions May Be Driven by Cyber Attacks and GPS Disruptions: CPS Security Expert

India, Nov 10 : Traditional visions of India–Pakistan conflict involving tanks, fighter jets, and troop deployments are rapidly becoming outdated, says K.S. Manoj, a leading Cyber Physical System (CPS) security expert. In a recent analysis, Manoj highlights that future hostilities are likely to unfold through cyber physical attacks and GPS disruptions rather than conventional warfare.

According to Manoj, Pakistan’s economic challenges, political instability, and nuclear deterrence reduce the likelihood of a full-scale war. However, cyber operations offer a low-cost, deniable, and strategically advantageous alternative. “In the new domain, attackers don’t need missiles  they only need access,” he notes.

CPS systems, which integrate software with real world processes to control power grids, water systems, railways, factories, aviation, and hospitals, are increasingly vulnerable due to internet connectivity and remote management. A primary target is India’s GPS/GNSS-based timing infrastructure, crucial for power grid synchronization, telecom networks, aviation, stock markets, and emergency services. Even minor tampering could trigger cascading blackouts, communication failures, or aviation risks.

Manoj warns that adversaries can exploit GPS without controlling satellites, using low-cost jammers or spoofers to manipulate timing and location data. Hybrid attacks combining radio-frequency interference with cyber infiltration further increase detection difficulty. Legacy industrial protocols like Modbus, DNP3, and IEC-101/104, lacking encryption and authentication, remain key vulnerabilities.

To defend against these threats, Manoj recommends strict network segmentation, zero-trust access, firmware integrity monitoring, operator training for GPS-denied scenarios, and multi constellation navigation systems including GPS, GLONASS, Galileo, and India’s NavIC. He also urges RF monitoring at airports, ports, and substations, and regular emergency drills.

Policy reforms are critical, including secure by design procurement, supply-chain audits, mandatory CPS incident reporting, and joint simulations across sectors such as power, aviation, and telecom. Coordination between CERT-IN, NCIIPC, and sector-specific CERTs is vital for real-time threat response.

“A coordinated campaign targeting CPS could disrupt electricity, scramble flights, distort telecom traffic, and destabilize financial markets   all without a single soldier on the move,” Manoj warns. He concludes that India must treat CPS and GPS protection with the same strategic importance as physical border security. “In tomorrow’s conflicts, stability may hinge less on firepower and more on defending invisible signals and the silent logic of machines.”