OPINION | The Blurring Battlefield: How Espionage, Cyber-Warfare, and Disinformation Are Redefining India–Pakistan Rivalry
- Dec 21, 2025
by Prathik Jayaprakash

For the majority of the post-Independence era, espionage between India and Pakistan operated within the traditional paradigms of border infiltration, covert asset management in third-party nations, and diplomatic expulsions following counter-intelligence successes. While politically significant, these activities maintained a relatively distinct boundary between intelligence gathering and conventional warfare.
In the 21st century, this operational distinction has become increasingly blurred. The "target set" for intelligence agencies has expanded to encompass critical national infrastructure, including power grids, financial networks, satellite communications, and defense supply chains. Furthermore, public opinion and societal cohesion have emerged as primary arenas of engagement.
For India and Pakistan, two nuclear-armed states with a history of protracted conflict, this shift is strategically destabilizing. The migration of conflict into the "grey zone" lowers the threshold for confrontation while complicating attribution. Consequently, espionage has evolved from a supportive function of statecraft into a central instrument of hybrid warfare, integrating cyber intrusions, information operations, and economic coercion.
Conceptualizing Hybrid Warfare in the South Asian Security Complex
While "hybrid warfare" is often employed as a blanket term in security studies, it has specific relevance to the India-Pakistan dynamic. It denotes a synchronized strategy that blends conventional military capabilities with irregular tactics, cyber warfare, and influence operations to achieve strategic objectives below the threshold of declared war.

The possession of nuclear weapons by both states deters full-scale conventional conflict, thereby incentivizing non-conventional aggression. In this ecosystem, espionage serves as the operational prerequisite. It provides the intelligence required to map the adversary’s digital vulnerabilities, the access necessary to implant malware or other cyber-surveillance technology, and the plausibility required for deniability. Rather than operating in silos, intelligence agencies now coordinate activities across overlapping domains like digital networks, the information environment, and transnational financial systems. This approach allows states to impose costs without triggering the automatic escalation mechanisms associated with conventional military incursions.
The Cyber-Intelligence Nexus: From Reconnaissance to Offensive Capability
The fusion of espionage and warfare is most pronounced in the cyber domain. Historically, network breaches were primarily aimed at data exfiltration. Contemporary operations, however, are increasingly dual-use in nature. The same tactics used for intelligence collection can serve as a mechanism for pre-positioning malware that can be activated to degrade infrastructure during a crisis.
The scale of this threat is significant. Data from India’s Computer Emergency Response Team (CERT-In) indicates a sharp rise in incidents targeting government and critical infrastructure. Similarly, Pakistan’s digital infrastructure remains vulnerable, as evidenced by major breaches in its Federal Board of Revenue (FBR) and power sectors.

Critical infrastructure has thus become a frontline for "operational preparation of the environment." A state actor may penetrate a power utility not to disrupt it immediately, but to map its architecture and fail-safes. This ambiguity presents a severe escalation risk. In the India-Pakistan context, a technical malfunction in a strategic sector, such as railway signaling or grid management, could be misattributed as a hostile act, potentially precipitating a response before forensic verification is possible.
Information Warfare: Weaponizing Narratives
If cyber operations target the state's hardware, information warfare targets its societal software. The ubiquity of internet access in South Asia has transformed social media platforms into the primary vector for psychological operations.
Modern espionage feeds this apparatus. Intercepted communications, hacked documents, or leaked intelligence are weaponized to construct narratives that undermine institutional trust and inflame nationalist sentiments. The objective shifts from persuasion to informational saturation, flooding the discourse with conflicting narratives to induce cognitive dissonance.
Empirical examples illustrate this trend. The "Indian Chronicles" investigation (2020) by EU DisinfoLab revealed a long-term influence operation utilizing fake media outlets to shape international perceptions against Pakistan. Conversely, Pakistan has effectively employed "5th Generation Warfare" narratives to frame internal dissent as externally sponsored subversion.
In this environment, high-value intelligence is sociological, requiring an understanding of the adversary's societal fault lines and the potential of specific narratives. During crisis events, such as terrorist attacks or border skirmishes, the actor who establishes information dominance in the initial hours often dictates the strategic narrative, constraining the diplomatic options of the opposing leadership.
Proxy Warfare and the Attribution Dilemma
The use of proxies is a well-established feature of the region's security architecture. However, the digital age has expanded the definition of a proxy to include non-state cyber actors, such as "hacktivist" collectives and independent nationalist groups.
These digital proxies offer states a layer of plausible deniability. Attacks on government websites or digital defacement campaigns can be attributed to independent actors, allowing the state to disavow responsibility. This lowers the barrier to entry for offensive operations; small groups with limited resources can inflict reputational damage or service disruption.
However, this creates a principal-agent problem. While states may foster a permissive environment for these actors, they risk losing operational control. A proxy group might target sensitive facilities such as hospitals or nuclear infrastructure, triggering an escalation that the state did not intend. As the distinction between state and non-state actions blurs, victim states are increasingly likely to hold sponsor states directly accountable for proxy actions.
Economic Espionage and Financial Weaponization
Hybrid warfare expands the scope of national security to include economic stability. Consequently, intelligence activities have increasingly targeted the financial domain. This extends beyond industrial espionage to the weaponization of financial intelligence for diplomatic leverage.

For Pakistan, the scrutiny of the Financial Action Task Force (FATF) demonstrated this dynamic. Intelligence regarding financial flows and regulatory deficiencies was instrumental in maintaining pressure via the "Grey List," resulting in high economic costs. Agencies are now tasked with mapping the adversary's financial networks to support sanctions regimes and diplomatic isolation.
Furthermore, direct threats to financial infrastructure constitute a potent coercive tool. Disinformation regarding banking stability, data leaks involving consumer financial data, or Distributed Denial-of-Service (DDoS) attacks on payment gateways can destabilize markets and erode investor confidence. In an era where sovereign credit ratings influence national defense procurement capabilities, economic espionage has become a critical front in the war of attrition.
Strategic Risks: Miscalculation and Unintended Escalation
The defining danger of this multi-domain environment is the absence of established rules of engagement. In conventional warfare, metrics such as troop mobilization offer observable indicators of escalation. In the hybrid domain, signals are ambiguous and prone to misinterpretation.
The speed of digital conflict exacerbates the risk of miscalculation. Malware designed for surveillance can unintentionally mutate or spread beyond its intended target, as seen in global incidents like NotPetya. If such an event impacts a critical sector in India or Pakistan during a period of heightened tension, the victim state faces a "use it or lose it" security dilemma. Domestic pressure, amplified by a hyperactive media ecosystem, may compel leadership to respond kinetically to a perceived digital provocation.
This creates a paradox: states employ hybrid tactics to avoid full-scale war, yet the cumulative effect of continuous cyber-probing and information warfare erodes strategic trust, thereby increasing the probability of conflict.
Looking Ahead
The trajectory of the India–Pakistan rivalry suggests a deepening of hybrid engagements, where the boundaries between peace and conflict are increasingly indistinct. However, this inherent volatility necessitates the urgent development of new stability mechanisms. To mitigate the risk of inadvertent escalation, several strategic measures must be prioritized.
Ultimately, the most effective deterrent against hybrid warfare is the cultivation of domestic resilience. This involves a two-pronged approach: significant investment in modernizing cybersecurity standards for aging legacy infrastructure and the widespread promotion of digital literacy to neutralize the efficacy of disinformation campaigns. As the convergence of espionage and warfare continues to challenge regional stability, recognizing the escalatory potential of these “grey-zone” activities is paramount. Establishing these measures is the only way to prevent a localized digital engagement from triggering a catastrophic conflict.
About Author
Prathik Jayaprakash is a journalist and researcher at Access Hub’s News and Editorials Division. His research areas include global affairs with a focus on historical context and theoretical analysis. E-mail: prathik@accesshub.world



