The  massive leaks of 'signature data' of six Scorpene submarines' to be supplied to Indian Navy by DCNS, a company two thirds owned by the French Government, has rocked our defense establishment. The news of the data leak was published by 'The Australian'.

Submarines are vital parts of any modern navy because of their ability to sneak underwater and strike. Stealth capabilities are essential for a submarine's sneak and surprise attacks. When a submarine moves it emits engine and propeller noise, creates acoustic waves underwater, and emit infra read (heat) and other electromagnetic radiation.  Every submarine has characteristics patterns of the above signals. A submarine's presence, location, and movement can be determined if its 'signatures' are known.

If 'signatures' of the Scorpenes meant for Indian Navy have fallen in enemy hands, their stealth capabilities are practically nullified. 

'The Australian' reported (source ) that

"The leaked DCNS data details the secret stealth capabilities of the six new Indian submarines, including what frequencies they gather intelligence at, what levels of noise they make at various speeds and their diving depths, range and endurance - all sensitive information that is highly classified. The data tells the submarine crew where on the boat they can speak safely to avoid ­detection by the enemy. It also discloses magnetic, electromagnetic and infra-red data as well as the specifications of the submarine’s torpedo launch system and the combat system."

Ascertaining the truth

The veracity of the leaked data is being ascertained, but the fact is that not just India, but Australia, Malaysia, Chile, and Russia are worried about the leaks of sensitive information related to their defense purchases from DCNS which are part of the leaked data.

It is quite likely that the India-bound Scorpene submarines' stealth capabilities are severely compromised as per these posts in The Quint , Quartz  and Livefist Defense

On the other hand, Vice Admiral (Retired) Arun Kumar Singh says the leaked information would be commercial in nature and that INS Kalvari's (one of the Scorpenes) noise ranging trials -which help pinpoint its audio fingerprint or signature -hasn't been done yet. So according to Vice Admiral Arun Kumar Singh there is little possibility our Scorpene 'signatures or 'fingerprints' falling into wrong hands.  (Source )

India's Defense Ministry and Indian Navy's experts will assess the extent of damage to Indian Navy's preparedness levels over next a couple of decades and will decide what all needs to be done to contain it.

In the worst case scenario, Indian Navy faces a setback of a decade of efforts.

Was it a data theft or a hack?

'The Australian' further reports that the Scorpene data was 'written' in France for India in 2011 and was possibly removed from France by a former French Navy officer, a DCNS subcontractor. The data then was taken to a company to in Southeast Asia for a regional Navy. It was passed a third party to another company in the region before being sent on a data disk by regular mail.

From the above it appears that it was a data 'theft' by an insider and not a 'hack' as stated by Defense Minister Manohar Parrikar: "The Navy Chief has been asked to analyze as to what exactly has been leaked,” Parrikar told reporters today. “This came to my knowledge at 12 midnight. It looks like a case of hacking,” Parrikar said, adding that the, “first step is to identify if it is related to us.” (Source )

There is a critical difference between a theft and a hack. In modern digital world, a hack doesn't need any physical access to a factory or a dockyard, design and engineering office, or a laboratory. Hackers can breach target computer systems from anywhere in the world and not just access data but they also trigger mala fide operations.

India's preparedness for cyber warfare

Countries like China are developing massive cyberwar capabilities like espionage, intellectual property thefts, and decapacitating enemy operations.  For example, M. K. Narayanan, India’s then National Security Adviser, said his office and other government departments were targeted on December 15, (2010) the same date that US companies reported cyber attacks from China. (Source )

The successive Congress governments have undermined India's defense preparedness in not just conventional military warfare but it also in cyber warfare.

If Scorpene data theft can cause so much damage, the consequences of cyber warfare can only be apocalyptic.  

Not much information on India's cyber war readiness is available. One hopes that India's defense preparedness plans include strong cyber warfare capabilities.