The Pegasus spyware has been alleged to have been found on phones of some Indian politicians and journalists, which makes the alarm bells go louder with Apple’s latest warning. GoI has not acknowledged any dealings with NSO, the Israeli company that made Pegasus, and a technical committee set up by the Supreme Court could not confirm its use. India’s surveillance laws have an absolute ban on hacking. India has cybersecurity agreements with the US, which blacklists companies like NSO, and with Israel.
Technology companies are also flagging heightened security risks from Indian antitrust action that seeks to unbundle software and hardware. Vulnerabilities to malware are appearing in areas opening up for third-party developers. This renders the cybersecurity environment more vulnerable to attacks, particularly from targeted ones by state actors harder to detect. Cybersecurity requires continually evolving engagement between lawmakers and the tech industry. This requires harmonised regulatory structures across jurisdictions.