#FactCheck - Digitally Altered Image Falsely Shows World Bank President Ajay Banga Holding Khalistani Flag

Introduction

The most recent cable outages in the Red Sea, which caused traffic to slow down throughout the Middle East, South Asia, and even India, Pakistan and several parts of the UAE, like Etilasat and Du networks, also experienced comparable internet outages, serve as a reminder that the physical backbone of the internet is both routine and extremely important. Cloud platforms reroute traffic, e-commerce stalls, financial transactions stutter, and governments face the fragility of something they long believed to be seamless when systems like SMW4 and IMEWE malfunction close to Jeddah. Concerns over the susceptibility of undersea information highways have been raised by the incident. Given the ongoing conflict in the Red Sea region, where Yemen’s Houthi rebels have been waging a campaign against commercial shipping in retaliation for the Israel-Hamas war in Gaza.  The effects are seen immediately. The argument over whether global connection is genuinely robust or just operating on borrowed time was reignited by these recent failures, which compelled key providers to reroute flows. 

A geopolitical signal is what looks like a “technical glitch.” Accidents in contested waters are rarely simply accidents, and the inability to quickly assign blame highlights how brittle this ostensibly flawless digital world is. 

The Paradox of Essential yet Exposed Infrastructure

This is not an isolated accident. Undersea cables, which carry more than 97% of all internet traffic worldwide, connect continents at the speed of light, and support the cloud infrastructures that contemporary societies rely on, are the brains of the digital economy., as cautioned by NATO’s Cooperative  Cyber Defence Centre of Excellence. In a sense, they are our unseen electrical grid; without them, connectivity breaks down. However, they continue to be incredibly fragile in spite of their significance. Anchors and fishing gear frequently damage cables, which are no thicker than a garden hose, and they break more than a hundred times annually on average. Most faults can be swiftly fixed or relocated, but when several cuts happen in strategic areas, like the 2022 Tonga eruption or the current Red Sea crisis, nations and economies are exposed to being isolated for days. 

The geopolitical risks are far more urgent. Subsea cables traverse disputed waters, land in hostile regimes, and cross oceans without regard for political boundaries. This makes them appealing for espionage, where state actors can tap or alter flows covertly, as well as sabotage, when service is interrupted to prevent access. Deliberate cable strikes have been likened by NATO specialists to the destruction of bridges or highways: if you choke the arteries, you choke the economy. Ironically, the most susceptible locations are not far below the surface but rather where cables emerge. These landing sites, which handle billions of dollars’ worth of trade, can have less security than a conventional bank office.

The New Theatre of Geopolitics 

Legal frameworks exist, but they are patchwork. Intentional damage is illegal under the UN Convention on the Law of the Sea and previous agreements, but attribution is still infamously challenging. Covert sabotage and intelligence operations are examples of legal grey areas in hybrid warfare scenarios. Even during times of peace, national governments that rely on their continuous operation but find it difficult to extend sovereignty into international waters, private telecom consortia, and content giants like Google and Amazon that now finance their own cables share the burden of protection.

Cables convey influence in addition to data. Strategic leverage belongs to whoever can secure them, tap them or cut them during a fight. Even though landing stations are the entry points for billions of dollars’ worth of international trade, they frequently offer less security than a commercial bank branch. 

India at the Crossroads of Digital Geopolitics 

India’s reliance on underwater cables presents both advantages and disadvantages. India presents a classic single-point-of-failure danger, with more than 95% of its international data traffic being routed through a 6-km coastal stretch close to Versova, Mumbai. Red Sea disruptions have previously demonstrated how swiftly chokepoints located far from India’s coast may impede its digital arteries, placing a burden on government functions, defence communications, and financial flows. However, this same vulnerability also makes India a crucial player in the global discussion around digital sovereignty. It is not only an infrastructure exercise; it is also a strategic and constitutional necessity to be able to diversify landing places, expedite clearances, and develop indigenous repair capability.

India’s geographic location also presents opportunities. India’s location along East-West cable lines makes it an ideal location for robust connectivity as the Indo-Pacific region becomes the defining region of geopolitics in the twenty-first century. India may change from being a passive recipient of connectivity to a shaper of its governance by investing in distributed cable architecture and strengthening partnerships through initiatives like Quad and IPEF. Its aspirations for global influence must be balanced with its home regulatory lethargy. By doing this, India can secure not only bandwidth but also sovereignty itself by converting subsea cables from hidden liabilities into tools of economic might and geopolitical leverage. 

CyberPeace Insights 

If cables are considered essential infrastructure, then their safety demands the same level of attention that we give to ports, airports, and electrical grids. Stronger landing station defences, redundancy in route, and sincere public-private collaborations are now a necessity rather than an option.

The Red Sea incident is a call to action rather than a singular disruption. The robustness of underwater cables will determine whether the internet is a sustainable resource or a brittle luxury susceptible to the next outage as reliance on the cloud grows and 5G spreads. 

References

• https://forumias.com/blog/answered-assess-the-strategic-significance-of-undersea-cable-networks-for-indias-digital-economy-and-national-security-discuss-the-vulnerabilities-of-this-infrastructure-and-suggest-measures-to-e/ 
• https://www.reuters.com/world/middle-east/red-sea-cable-cuts-disrupt-internet-across-asia-middle-east-2025-09-07/ 
• https://pulse.internetsociety.org/blog/what-can-we-learn-from-africas-multiple-submarine-cable-outages 

‍

In the digital era of the present day, a nation’s strength no longer gets measured only by the number of missiles or aircraft it has in its inventory. Rather, it also calls for defending the digital borders. Major infrastructures like power grids and dams are increasingly being targeted by cyberattacks in the global security environment that modern militaries operate in. When communication channels are vulnerable to an information breach, cybersecurity becomes a crucial component of national defence. 

‍

Why is cybersecurity a crucial national security concern in the modern era?

‍

The technologies and procedures that shield digital devices, networks, and systems from unwanted access or attacks are referred to as cybersecurity. Cyberattacks are silent in the context of national security, in contrast to conventional warfare. They are swift and are also capable of causing a massive disruption without even a single case of physical infiltration. However, hostile states, terrorist organisations, or criminal networks may be able to steal any classified information or disrupt military infrastructure due to a cybersecurity breach in a military network. 

To fully comprehend the significance of cybersecurity, let's examine the various approaches, such as: 

‍

• Protecting critical infrastructures- Today's nations rely heavily on digital networks to run vital services like banking, transportation, electricity, water supply, and healthcare. Therefore, a cyberattack on these systems could cause problems across the country and interfere with our daily activities. Therefore, it is also seen that the military forces of a nation closely work in synergy with other government agencies and private organizations to create a strong ecosystem of security in this sector. 

• Safeguarding military operations in the present age- The armed forces heavily rely on digital tools for communication, mission planning, surveillance, and coordination. In case the cyber intruders get access to those systems, then a lot of major operational hurdles can come up in the form of breach of mission details, disruption of channels, and compromise of the confidentiality of military operations. These are certain conditions that make cybersecurity an important aspect for protecting the physical bases and the security architectures. 
• Preventing cyber warfare- With the evolution of the geopolitical landscape, state and non-state actors are now resorting to cyberattacks to gather intelligence, disrupt security networks, and influence political outcomes. Still, strong cybersecurity can help nations to ensure, detect, defend, and respond to threats in an effective manner. 
• Securing government databases- The government databases are known for storing sensitive information about the citizens, military assets, diplomatic data, and vital information related to major national infrastructures. If these get compromised, then it can weaken the strategic position of the nation and put the national security of the nation at a grave risk. Therefore, it becomes necessary to protect government data as a priority. 

‍

How can countries improve their cybersecurity defences?

‍

Countries all over the world are developing their cyber capabilities using a variety of tactics to protect against the increasing number of cyber threats. A few of these can be interpreted as;

• Creating cyber defence units- The majority of contemporary armed forces have created specialised cyber domains devoted to threat identification. Their responsibilities have been centred on keeping an eye on those dangers, stopping intrusions, and reacting quickly to cyberattacks. 
• Public-Private Partnerships- To safeguard vital industries like energy grids, financial networks, and communication systems, the government collaborates with private businesses and technology suppliers. Additionally, these collaborations foster innovation to improve the overall defence against cyberattacks.

• Establishing international collaborations- Cyber threats do not respect our borders. As a result, which countries are increasing their share of intelligence, best practices, and defensive strategies with their allies? Groups like NATO have conducted a joint cyber defence exercise to prepare for dealing with a digital future. 

However, these collaborations can help to develop a united front against cybercrime. 

‍

Core Pillars of the modern military cyber defence

‍

The modern defence strategies have been built upon several key designated pillars that are designed to prevent, detect, and respond to cyber threats, which can be mentioned as; 

• Cyberspace as an operational domain- Militaries have now begun to treat cyberspace like the land, air, sea, and space as domains where wars can both begin and also end. Developing some dedicated cyber units to conduct digital operations to defend networks and engage in a range of counter-cyber activities when required. 
• Active and proactive defence- Instead of passively waiting for the attacks to happen, real-time monitoring tools are used for blocking the threats that arise. Proactive defence goes a step further by hunting for potential threats before they can reach the networks. 
• • Protection of vital infrastructures- The armed forces collaborate closely with civilian organisations and agencies to secure vital infrastructures that are important to the country. Critical infrastructure is protected from cyberattacks by layered defence, which includes encryption, stringent access control, and ongoing monitoring. 
• • Strengthening alliances- Countries can develop a strong and well-coordinated defence system by exchanging intelligence to carry out cooperative cyber operations. 
• Fostering innovation for the development of a workforce- Cyber threats evolve at a rapid pace, which calls for the military to invest in advanced technologies like AI-driven systems, secure cloud technologies, besides ensure continuous training related to cybersecurity.   

‍

Conclusion

‍

The modern militaries have adopted the method of protecting digital networks to defend their land and seas. Cybersecurity has become the new line of defence to protect government data and vital defence infrastructure from serious and unseen threats. The countries are building a secure, robust, and resilient digital future with the aid of solid alliances, cutting-edge technologies, knowledgeable workers, and a proactive defence strategy. 

‍

References

‍

• https://www.ssh.com/academy/cyber-defense-strategy-dod-perspective#:~:text=Defence%20organizations%20are%20prime%20targets,SSH%20Key%20Management%20and%20Compliance
• https://www.fortinet.com/resources/cyberglossary/cyber-warfare#:~:text=Advanced%20endpoint%20security%20adds%20proactive,information%20by%20halting%20unauthorized%20transfers
• https://medium.com/@lynnfdsouza/the-impact-of-cyber-warfare-on-modern-military-strategies-c77cf6d1a788
• https://ccoe.dsci.in/blog/why-cybersecurity-is-critical-for-national-defense-protecting-countries-in-the-digital-age 

‍

Introduction:

This report examines ongoing phishing scams targeting "State Bank of India (SBI)" customers, India's biggest public bank using fake SelfKYC APKs to trick people. The image plays a part in a phishing plan to get users to download bogus APK files by claiming they need to update or confirm their "Know Your Customer (KYC)" info.

Fake Claim:

A picture making the rounds on social media comes with an APK file. It shows a phishing message that says the user's SBI YONO account will stop working because of their "Old PAN card." It then tells the user to install the "WBI APK" APK (Android Application Package) to check documents and keep their account open. This message is fake and aims to get people to download a harmful app.

Key Characteristics of the Scam:

• The messages "URGENTLY REQUIRED" and "Your account will be blocked today" show how scammers try to scare people into acting fast without thinking.
• PAN Card Reference: Crooks often use PAN card verification and KYC updates as a trick because these are normal for Indian bank customers.
• Risky APK Downloads: The message pushes people to get APK files, which can be dangerous. APKs from places other than the Google Play Store often have harmful software.
• Copying the Brand: The message looks a lot like SBI's real words and logos to seem legit.
• Shady Source: You can't find the APK they mention on Google Play or SBI's website, which means you should ignore the app right away.

Modus Operandi:

• Delivery Mechanism: Typically, users of messaging services like "WhatsApp," "SMS," or "email" receive identical messages with an APK link, which is how the scam is distributed.
• APK Installation: The phony APK frequently asks for a lot of rights once it is  installed, including access to "SMS," "contacts," "calls," and "banking apps."
• Data Theft: Once installed, the program may have the ability to steal card numbers, personal information, OTPs, and banking credentials.
• Remote Access: These APKs may occasionally allow cybercriminals to remotely take control of the victim's device in order to carry out fraudulent financial activities.

While the user installs the application on their device the following interface opens: 

‍

‍

It asks the user to allow the following:

• SMS is used to send and receive info from the bank.
• User details such as Username, Password, Mobile Number, and Captcha. 

Technical Findings of the Application:

Static Analysis:

• File Name: SBI SELF KYC_015850.apk
• Package Name: com.mark.dot.comsbione.krishn
• Scan Date: Sept. 25, 2024, 6:45 a.m.
• App Security Score: 52/100 (MEDIUM RISK)
• Grade: B

File Information:

• File Name: SBI SELF KYC_015850.apk
• Size: 2.88MB
• MD5: 55fdb5ff999656ddbfa0284d0707d9ef
• SHA1: 8821ee6475576beb86d271bc15882247f1e83630
• SHA256: 54bab6a7a0b111763c726e161aa8a6eb43d10b76bb1c19728ace50e5afa40448

App Information:

• App Name: SBl Bank
• Package Name:: com.mark.dot.comsbione.krishn
• Main Activity: com.mark.dot.comsbione.krishn.MainActivity
• Target SDK: 34
• Min SDK: 24
• Max SDK:
• Android Version Name:: 1.0
• Android Version Code:: 1

App Components:

• Activities: 8
• Services: 2
• Receivers: 2
• Providers: 1
• Exported Activities: 0
• Exported Services: 1
• Exported Receivers: 2
• Exported Providers:: 0

Certificate Information:

• Binary is signed
• v1 signature: False
• v2 signature: True
• v3 signature: False
• v4 signature: False
• X.509 Subject: CN=PANDEY, OU=PANDEY, O=PANDEY, L=NK, ST=NK, C=91
• Signature Algorithm: rsassa_pkcs1v15
• Valid From: 20240904 07:38:35+00:00
• Valid To: 20490829 07:38:35+00:00
• Issuer: CN=PANDEY, OU=PANDEY, O=PANDEY, L=NK, ST=NK, C=91
• Serial Number: 0x1
• Hash Algorithm: sha256
• md5: 4536ca31b69fb68a34c6440072fca8b5
• sha1: 6f8825341186f39cfb864ba0044c034efb7cb8f4
• sha256: 6bc865a3f1371978e512fa4545850826bc29fa1d79cdedf69723b1e44bf3e23f
• sha512:05254668e1c12a2455c3224ef49a585b599d00796fab91b6f94d0b85ab48ae4b14868dabf16aa609c3b6a4b7ac14c7c8f753111b4291c4f3efa49f4edf41123d
• PublicKey Algorithm: RSA
• Bit Size: 2048
• Fingerprint: a84f890d7dfbf1514fc69313bf99aa8a826bade3927236f447af63fbb18a8ea6
• Found 1 unique certificate

‍

App Permission 

‍

‍

1. Normal Permissions

• Access_network_state: Allows the App to View the Network Status of All Networks.
• Foreground_service: Enables Regular Apps to Use Foreground Services.
• Foreground_service_data_sync: Allows Data Synchronization With Foreground Services.
• Internet: Grants Full Internet Access.

2. Signature Permission:

• Broadcast_sms: Sends Sms Received Broadcasts. It Can Be Abused by Malicious Apps to Forge Incoming Sms Messages.

3. Dangerous Permissions:

• Read_phone_numbers: Grants Access to the Device’s Phone Number(S).
• Read_phone_state: Reads the Phone’s State and Identity, Including Phone Features and Data.
• Read_sms: Allows the App to Read Sms or Mms Messages Stored on the Device or Sim Card. Malicious Apps Could Use This to Read Confidential Messages.
• Receive_sms: Enables the App to Receive and Process Sms Messages. Malicious Apps Could Monitor or Delete Messages Without Showing Them to the User.
• Send_sms: Allows the App to Send Sms Messages. Malicious Apps Could Send Messages Without the User’s Confirmation, Potentially Leading to Financial Costs.

On further analysis on virustotal platform using md5 hash file, the following results were retrieved where there are 24 security vendors out of 68, marked this apk file as malicious and the graph represents the distribution of malicious file in the environment.

‍

‍

Key Takeaways:

• Normal Permissions: Generally Safe for Accessing Basic Functionalities (Network State, Internet).
• Signature Permissions: May Pose Risks When Misused, Especially Related to Sms Broadcasts.
• Dangerous Permissions: Provide Sensitive Data Access, Such as Phone Numbers and Device Identity, Which Can Be Exploited by Malicious Apps.
• The Dangerous Permissions Pose Risks Regarding the Reading, Receiving, and Sending of Sms, Which Can Lead to Privacy Breaches or Financial Consequences.

How to Identify the Scam:

• Official Statement: SBI never asks clients to download unauthorized APKs for upgrades related to KYC or other services. All formal correspondence takes place via the SBI YONO app, which may be found in reputable app shops.
• No Immediate Threats: Bank correspondence never employs menacing language or issues harsh deadlines, such as "your account will be blocked today."
• Email Domain and SMS Number: Verified email addresses or phone numbers are used for official SBI correspondence. Generic, unauthorized numbers or addresses are frequently used in scams.
• Links and APK Files: Steer clear of downloading APK files from unreliable sources at all times. For app downloads, visit the Apple App Store or Google Play Store instead.

CyberPeace Advisory:

• The Research team recommends that people should avoid opening such messages sent via social platforms. One must always think before clicking on such links, or downloading any attachments from unauthorised sources.
• Downloading any application from any third party sources instead of the official app store should be avoided. This will greatly reduce the risk of downloading a malicious app, as official app stores have strict guidelines for app developers and review each app before it gets published on the store.
• Even if you download the application from an authorised source, check the app's permissions before you install it. Some malicious apps may request access to sensitive information or resources on your device. If an app is asking for too many permissions, it's best to avoid it.
• Keep your device and the app-store app up to date. This will ensure that you have the latest security updates and bug fixes.
• Falling into such a trap could result in a complete compromise of the system, including access to sensitive information such as microphone recordings, camera footage, text messages, contacts, pictures, videos, and even banking applications and could lead users to financial loss.
• Do not share confidential details like credentials, banking information with such types of Phishing scams.
• Never share or forward fake messages containing links on any social platform without proper verification.

Conclusion:

Fake APK phishing scams target financial institutions more often. This report outlines safety steps for SBI customers and ways to spot and steer clear of these cons. Keep in mind that legitimate banks never ask you to get an APK from shady websites or threaten to close your account right away. To stay safe, use SBI's official YONO app on both systems and get apps from trusted places like Google Play or the Apple App Store. Check if the info is true before you do anything turn on 2FA for all your bank and money accounts, and tell SBI or your local cyber police about any scams you see.

‍