Hyderabad: Not all heroes wear capes or uniforms. Many lurk around in the deep, dark recesses of the cyber world to protect the country’s cyberspace, especially when the enemy comes calling.When the country came under attack from Pakistani drones, missiles, and artillery during Operation Sindoor in response to the Pahalgam terror attack, politically, socially, and religiously motivated hacktivist groups from countries such as Pakistan, Turkey, Bangladesh, Malaysia, Indonesia, and even Iran tried to breach India’s cyberspace.Countering the cyber missiles rained by pro-Pakistan hackers and hacktivist groups such as APT36 (Transparent Tribe), Team Insane PK, SideCopy, AnonSec, Keymous+, Mr Hamza, Anonymous VNLBN, Arabian Hosts, Islamic Hacker Army, Sylhet Gang, Red Wolf Cyber, and Iranian groups like Vulture, were pro-India hacker and hacktivist groups, who burned the midnight oil to defend the country’s cyber front.Dedicated Indian hacker and hacktivist groups such as Indian Cyber Force (ICF), Indian Cyber Defender, WhiteHorse, Cyber Warriors India, AnonOpsIndia, Kerala Cyber Warriors, Kerala Cyber Xtractors, and Unknown Cyber Cult, just to name a few, threw in cyber warfare moves of their own to counter the enemy, sources told TOI.“Indian groups too mounted attacks such as DDoS, spear phishing, ransomware, persistence to exploit the backdoor vulnerabilities in enemy systems, as well as social engineering attacks, among others,” said an Indian cyber expert, who declined to be identified.Among the most active and vocal on social media were groups such as Indian Cyber Force (ICF), Kerala Cyber Xtractors, and Indian Cyber Defender that listed out the victories they notched in breaching enemy systems even as Operation Sindoor was on in full swing.Indian Cyber Force claimed to breach the IRIS portal of the Federal Board of Revenue of Pakistan, the employee portal of Pakistan’s largest bank, Habib Bank Ltd, and Bahawalpur-based Pakistan Islamia University, exposing all the names on their databases along with phone numbers, residential addresses, and tax records, and said it was successful in getting their systems shut down after the breach.ICF also claimed it hacked into Pakistan’s surveillance systems with over 1,000 CCTV cameras of Pakistan govt facilities, industrial zones, private corporations, banks, and schools under its control.Kerala Cyber Xtractors announced it defaced the Pakistan Ordnance Factory website, took down websites of Islamabad and Karachi airports, and hacked and leaked Pakistan’s NADRA (National Database and Registration Authority) user data, among other exploits.On the other hand, Unknown Cyber Cult, which in March end this year announced they were shutting down permanently, decided to stage a comeback during Op Sindoor and announced they hacked Pakistan’s logistics management information system.Another pro-Indian hacker group, 7 Proxies Squad, claimed to have hacked Pakistan’s railway land management information systems.However, most preferred to work in the shadows of anonymity, quietly defending the country while chipping away at enemy defences.“The HR management systems, procurement systems of Pakistani govt, military and civilians, mail servers, and database servers of govt and quasi-govt organisations as well as private players were all targeted,” said another source, who is part of an Indian hacker group.Pointing to the rapidly changing face of warfare and shifting battlefields, armed forces veteran and cybersecurity expert Col Nidhish Bhatnagar said the enemy today no longer sports a uniform or mounts an attack across the country’s borders.“The enemy today is cloaked in digital deception and attacks you through code. It manipulates minds, cripples critical systems, and erodes morale without firing a single bullet. This is the new theatre of war where psychological manipulation, digital subversion, and algorithmic attacks precede kinetic action,” Col Bhatnagar said.He also termed India’s Operation Sindoor as a masterclass in contemporary warfare as it spanned multiple fronts.“The operation showcased strategic coordination, real-time intelligence, and dominance not just in air and ground, but in cyberspace where the battle for control now begins. We struck not just physical targets but also neutralised hostile command structures, crippled communication networks, exposed disinformation campaigns, and disrupted critical infrastructure. The intent was clearly to paralyse the adversary’s capacity before they could mobilise it,” Col Bhatnagar said.But we need a bigger army of cyber warriors, especially as rival nations like China have a huge cyberforce at their disposal.“India has just around 20,000 certified cybersecurity professionals vis-a-vis China’s around 1 lakh,” said Dr Prasad Patibandla, director of Research & Operations at the Centre for Research on Cyber Intelligence and Digital Forensics (CRCIDF) and digital forensic expert.“After the Pahalgam incident on April 22, 2025, when Pakistan launched 1.5 million cyberattacks, including DDoS attacks, made 10 SCADA (supervisory control and data acquisition) compromises in the energy sector, and 1,744 web server wipes,” he said.Cyber experts across the board stressed on the critical need for India to beef up its cybersecurity layers and preparedness.“The wide range of cyber-attacks attempted by state-sponsored and pro-Pakistani hackers and hacktivist groups mounted during Operation Sindoor highlight the evolving sophistication of cross-border cyber threats that our defence systems must continuously counter,” said Suhas Gopinath, CEO, Globals, a cybersecurity and threat intelligence company.“If we fail to defend our digital frontlines with the same resolve as our physical borders, we risk losing the war before it even begins,” said Col Bhatnagar, calling for India to have its own dedicated group like Israel’s Unit 8200 that specialises in cyberwarfare, surveillance, counterintelligence, and clandestine operations.Advocating a more aggressive approach, Manish Yadav of the Center for Research on Cyber Intelligence and Digital Forensics, pointed out that till now the Indian govt has adopted only a defensive approach to cyberwarfare but may to change its strategy to keep the option of online surgical strikes open, if need be, in future.Suggesting a holistic approach, Dr Patibandla said: “Policy reforms — unified strategy, counter-narrative units, and PPPs (public private partnerships) — combined with increased funding and training, can elevate India to a second-tier cyber power by 2030. Without these, India risks being a soft target in an era where cyberattacks are as critical as kinetic strikes.”India also needs to adopt key technologies on a war footing to boost its cyber warfare readiness, experts said.“India’s cyber warfare readiness is evolving but remains outpaced by adversaries like China and Pakistan, who exploit its fragmented policies, defensive focus, and infrastructure vulnerabilities. High-profile incidents like the 2020 Mumbai outage and 2022 AIIMS attack underscore the need for advanced technologies like AI, zero-trust, quantum cryptography, and a robust offensive doctrine,” said Dr Patibandla.Even during Op Sindoor, he pointed out how “Chinese-backed groups amplified the campaign with disinformation, falsely claiming 70% of India’s power grid was disabled. India’s decentralised cyber response and lack of offensive counter-strikes allowed adversaries to dominate the narrative and operational tempo.”To remedy this, Dr Patibandla mooted raising cybersecurity funding to around 1% of GDP from 0.1% or Rs759 crore to train 1 lakh cyber professionals by 2030 through programmes such as National Cyber Security Scholarship.“India needs around 3 million cyber experts by 2030 and next-gen tools like quantum cryptography. China’s $15 billion annual cyber budget currently supports a 1 lakh strong hacker ecosystem,” Dr Patibandla said.