India has accused Pakistan-linked hacker groups of carrying out a coordinated cyber campaign targeting its military and government systems using artificial intelligence powered spyware, according to a report published by CNN-News18.
The report cites unnamed intelligence officials claiming that the cyberattacks were aimed at infiltrating sensitive defence communication networks, intelligence databases, and government portals. The alleged operations reportedly leveraged AI-driven malware designed to evade traditional security detection by learning system patterns and adapting in real time.
“These intrusions are not routine phishing or defacement attempts. The tools being deployed show advanced automation and persistent targeting consistent with state-backed cyber operations,” an Indian cybersecurity official told News18.
The Alleged AI Spyware Campaign
According to Indian media, the malicious tools were capable of autonomous reconnaissance, credential harvesting, and data exfiltration from military networks. The campaign allegedly targeted infrastructure linked to the Military Engineering Services (MES), Defence Research and Development Organisation (DRDO), and various government data centres.
Officials claimed the command-and-control servers used in the operation were traced to Pakistan-based IP addresses and third-party servers in West Asia, suggesting what they called “deliberate masking” to obscure origin.
The alleged malware is said to have used machine learning algorithms to bypass endpoint security systems and encrypt communications, making it significantly harder to detect through conventional antivirus or firewall tools.
India’s Position: State-Backed Involvement Suspected
Indian security sources have linked the attack pattern to APT36 (Transparent Tribe) — a hacker collective that cybersecurity firms have previously associated with Pakistan. The group has been accused in earlier reports of targeting Indian military personnel through phishing campaigns and Android-based spyware.
The current operation, however, appears more advanced. Indian media reports describe the attacks as part of a “persistent, AI-enhanced espionage effort”, allegedly backed by Pakistani cyber intelligence networks.
“The use of artificial intelligence in spyware suggests access to substantial resources and expertise. These are not amateur operations,” said a cybersecurity analyst quoted in CNN-News18’s coverage.
Pakistan’s Reaction
As of Friday, Pakistan’s Foreign Ministry and the Inter-Services Public Relations (ISPR) have not issued an official response to the allegations. Pakistani cyber experts, however, have criticized the claims as politically motivated and lacking evidence.
“India has a pattern of attributing cyber incidents to Pakistan without publishing any verifiable forensic data—such as code samples, network logs, or malware signatures,” said a senior cybersecurity researcher in Islamabad. “Attribution in cyberspace is extremely complex. Without transparent evidence, such claims remain speculative.”
Independent analysts also noted that AI-enabled malware is becoming common across global threat actors, including those in Europe, the Middle East, and East Asia, and warned that assigning blame without technical validation could escalate regional tensions.
A Pattern of Escalation
The allegations come shortly after Delhi’s Indira Gandhi International Airport faced GPS spoofing incidents and an air traffic control system failure, which caused massive flight delays earlier this week. Although Indian authorities have not officially connected the two events, the timing has intensified debate around potential cyber vulnerabilities in India’s critical infrastructure.
Defence watchers in New Delhi have called for enhanced coordination between military cyber commands and civilian CERT-In agencies, emphasizing that the threat landscape is evolving beyond traditional phishing or ransomware into AI-assisted espionage and information warfare.
The reported attacks underscore a broader shift in cyber warfare, where artificial intelligence is used to automate intrusion, mimic human behavior, and alter digital fingerprints dynamically. Security experts say these developments are reshaping modern espionage.
“This is the future of digital conflict—AI-driven, stealthy, and persistent,” said a London-based cybersecurity consultant. “Whether or not Pakistan is involved, the South Asian cyber domain is entering a new era where human analysts alone can no longer keep pace.”
Indian authorities have reportedly escalated the investigation to the National Critical Information Infrastructure Protection Centre (NCIIPC) and CERT-In, while seeking regional cybersecurity cooperation.
Pakistan’s cyber policy community, meanwhile, has urged for evidence based dialogue rather than blame-based reporting.
For now, both countries remain on high alert as cybersecurity analysts warn that AI-powered attacks and attribution disputes could become the next frontier of Indo-Pak digital rivalry.
