Code of war: India and Pakistan take their battle to the (web)front

It’s no longer just bullets and bombs—now the battlefield stretches into cyberspace. Ever since the Pahalgam terror attack, tensions between India and Pakistan have taken a sharp turn into the digital world, with hacker groups from launching a series of high-stakes cyberattacks. From defacing military websites to spreading phishing malware, these digital skirmishes are far from being just geeky backdoor tactics. Instead, they’re a fierce extension of geopolitical strategy—testing each other’s limits. Let’s dive into the latest digital warfare unfolding between these two nations…Pakistan-sponsored hacker groups are intensifying their efforts to breach Indian military websites and databases, with a particular focus on sites linked to schools and veterans. In the latest wave of attacks, websites such as Army Public School Nagrota, Sunjuwan, and the Army Institute of Hotel Management were targeted, with several defaced pages mocking the victims of the Pahalgam incident.

ET sources have reported that at least two cyberattack groups, ‘Cyber Group HOAX1337’ and ‘National Cyber Crew’, have been active this week, launching repeated attempts to infiltrate Indian military-linked sites. “There have been consistent attacks aimed at websites connected to children, veterans, and civilians,” sources said, stressing that these are calculated provocations designed to test India’s restraint and provoke the armed forces.

These cyberattacks, they note, are part of a broader pattern of digital warfare by Pakistan, which has long used such tactics as an extension of its larger strategy of terrorism and information warfare. The continued ceasefire violations along the Line of Control (LoC) mirror this ongoing provocation.

Also Read: How Pakistan is preparing for the worst as India weighs response

In a particularly troubling development, a malicious PDF file, allegedly titled ‘Report & Update Regarding Pahalgam Terror Attack’, has been flagged by Indian cybersecurity experts. The document, linked to phishing domains that mimic official Indian government websites, is believed to be part of a larger scheme to compromise sensitive information.

India vs Pakistan on the cyber front

Experts predict that the cyberattacks will intensify, with Vishal Salvi, CEO of Quick Heal Technologies, highlighting a sharp escalation in Pakistan-backed cyber campaigns targeting Indian defence and critical infrastructure. His firm’s recent investigations revealed that hacker group APT36 (also known as Transparent Tribe) has been deploying advanced malware like CrimsonRAT and MeshAgent through sophisticated phishing attacks. “These cyber strikes coincide with rising DDoS surges and website defacements, all aimed at destabilizing public trust,” Salvi told ET earlier.Also Read: India eyes fund freeze for Pakistan after Pahalgam terror attack

Sundareshwar Krishnamurthy, a partner at PwC India, noted that cyberattacks have moved beyond isolated disruptions. “Cyberattacks have become deliberate extensions of geopolitical strategy,” he told ET earlier. “Every major flashpoint now triggers coordinated digital offensives aimed at undermining a country’s critical infrastructure.” The digital battlefield is evolving quickly, and both sides are adapting to evade detection and cause maximum disruption.

This escalation is not limited to government and military targets. Dhiraj Gupta, cofounder of mFilterIt, a fraud detection agency, revealed that social media bots and malicious ads have been increasingly used to shape narratives and spread chaos. mFilterIt reported a 10-15% rise in malicious ad placements on OTT platforms over the past week, with 70% of its clients affected by misleading ads.