Contemporary conflict between state actors increasingly unfolds in the grey-zone area, an ambiguous space that lies below the threshold of declared war, yet provides the strategic impact traditionally associated with dynamic campaigns. Central to this change is the cyber domain, which has emerged not just as an adjunct to military power but as a decisive battlefield in its own right. The pattern of development is typical, with cyber operations being used to weaken, confuse, or paralyze an adversary’s critical infrastructure before conventional forces and tactics can be deployed.
Power grids, telecommunications networks, transportation systems, and command-and-control architectures have become the first targets of what can be described as the non-dynamic opening salvo of modern warfare. One such recent case is the power grid failure in Venezuela in January 2026, following which the US captured its President Nicolas Maduro in Caracas, which is an example of the use of grey-zone tactics in conflicts between state actors. U.S. officials described the raid as the culmination of months of covert surveillance, operational planning, and the use of cyber and electronic capabilities, which played a role in disabling Venezuela’s air defenses and critical infrastructure before the kinetic attack.
This change reflects a deeper strategic logic. Disabling power or communications does not raise the immediate political costs of missile attacks, but it does have the power to paralyze a state’s ability to govern, organize, or defend itself. In grey-zone rivalry, the objective is not sudden battlefield victory but strategic confusion, forcing the opponent into paralysis while maintaining plausible deniability. Therefore, cyber operations serve as both an offensive tool and force multiplier for conventional military power.
The notion that cyber operations can serve as the “first strike” of a conflict is no longer theoretical. Over the past few years, several cases have established how cyber intrusions into critical infrastructure can shape the battlefield without triggering formal escalation. In this context, attacks on power grids are the most potent targets. Electricity is the backbone of modern society; Its disruption impacts military readiness, economic activity, health care, public morale and governance.
Unlike kinetic attacks, cyber operations can be pre-planned years in advance. Malware may lie dormant within supervisory control and data acquisition (SCADA) systems, industrial control networks, or supply-chain hardware, waiting to be activated at a politically or militarily opportune moment, such as the 2015–16 attack on the Ukrainian power grid. When triggered, such implants can produce effects that manifest as technical failure or natural outages, complicated implantation, and delayed response. This combination of secrecy, deniability, and strategic influence makes cyber operations an ideal means for gray-zone coercion.
Recent discussion regarding US cyber operations targeting Venezuelan electricity infrastructure has further sharpened global understanding of the integration of cyber and kinetic operations. While ground forces carried out the visual part of the operation, cyber operations created conditions that reduced resistance and reduced decision-making time for the Venezuelan military.
Cyber intrusions into power grids forced military installations to switch to backup power. This change typically introduces small but significant delays as the system reboots and stabilizes, creating a temporary blind spot or ‘moss-window’ period in surveillance and air defense coverage.
In parallel, cyber operations targeted Venezuelan air defense systems, including the radar network, focusing on infiltration of software that processes radar data. This manipulation of internal network systems results not only in an apparent system failure, but also in a confusing operational picture, which is often more dangerous because operators do not realize they have been compromised.
Equally important was the disruption of communications networks in the El Volcan area, including cyber interference with encrypted communications and severing of key fiber-optic links, which could disrupt this chain of command at critical moments. When communications fail, command systems also fail, delaying defensive action.
Another dimension of the operation appears to involve the exploitation of surveillance infrastructure. Many states, including Venezuela, have invested heavily in “smart city” technologies such as network cameras and biometric systems, often sourced from China, for example, from ZTE. These surveillance tools, designed for national security, can be reused as intelligence assets by an external actor.
Overall, these measures establish a clear model of cyber-kinetic synchronization. Cyber operations disrupted power supplies, distorted situational awareness, and paralyzed the decision-making process while conventional forces carried out the final stages.
What is particularly enlightening is the emphasis on long-term preparation. Such operations require years of intelligence gathering, supply-chain compromise, insider access, and passive malware implantation. This reinforces a central lesson for all states; Cyber vulnerabilities are often inherent long before a crisis emerges.
India’s recent experience highlights both increasing sensitivity and degree of resilience in the face of cyber-enabled pressures. During the India-China standoff following the 2020 Galwan clash, Chinese intrusions into the Indian power grid network suggested an intention to signal access to critical infrastructure rather than causing immediate disruption. The subsequent power outage in Mumbai (2020), which was attributed to Chinese state-sponsored cyber intrusions, reinforced concerns about how the civic grid could be leveraged as a strategic pressure point during geopolitical crises. At the same time, India managed to contain the escalation of tensions, restore services rapidly and avoid systemic collapse, which reflects institutional coping capacity even amid uncertainty.
Looking ahead, the challenge is compounded by the possibility of China-Pakistan collusion, where cyber operations against power, communications or transportation networks could be used to create friction and delay decision-making during a crisis without crossing the threshold of open conflict. These episodes reveal a persistent gap between India’s growing strategic risks and its still-evolving cyber deterrence stance, even though crisis management and restraint have so far prevented gray zone actions from turning into broader destabilization.
Assessing India’s preparedness: Structural shortcomings and strategic shortcomings
India has made measurable progress in identifying cyber threats, yet significant vulnerabilities remain, especially in the context of grey-zone warfare. Institutionally, cybersecurity remains disjointed across civilian, military, and sector-specific agencies. While institutions such as the National Critical Information Infrastructure Protection Center (NCIIPC) exist, coordination between central authorities, state governments and private power operators remains uneven.
A serious weakness lies in the civil-military divide; Power grids, ports, and telecommunications networks are largely civilian owned and operated, yet their disruption has direct national security implications. Cyber defense exercises rarely simulate integrated cyber-dynamic scenarios that involve extended pressure. This makes India better prepared for isolated cyber incidents compared to coordinated operations associated with military escalation.
Another concern is supply-chain weakness, as much of India’s infrastructure depends on imported hardware and software, including components from suppliers in geopolitically sensitive areas. While awareness of supply-chain risks has increased, comprehensive auditing and diversification remains incomplete. As global experience shows, compromised hardware does not announce itself during peacetime; Its effect appears only when activated.
India faces an acute shortage of human capital and specialized expertise linking information technology and operational technology; Cyber security of industrial control systems requires a dedicated area. The training, retention, and integration of such knowledge into strategic planning remains inconsistent.
Furthermore, grey-zone cyber warfare exploits one of India’s most enduring strategic dilemmas. India’s declarative posture on cyber retaliation remains underdeveloped. Without clear indications of red lines and proportionate response mechanisms, adversaries may calculate that the benefits of cyber coercion outweigh the risks. Deterrence in cyberspace, unlike nuclear deterrence, depends on capability as well as insight and credibility.
To deal with these challenges, an ideological shift is required. Cyber defense should be integrated into India’s broader military planning rather than being treated as a technological adjunct. Regular red-teaming of critical infrastructure, joint civil-military exercises and scenario planning for cyber-enabled gray zone conflict are essential.
Strategic communication is equally important. India must demonstrate its ability to detect, detect and respond to cyber aggression. Deterrence does not require mirroring an adversary’s methods, but rather convincing them that cyber coercion will come with a cost, whether through diplomatic, economic, or cyber means.
Grey-zone warfare has fundamentally changed the course of conflicts. Cyber operations targeting power grids and critical infrastructure are no longer the secondary function of espionage; They are emerging as the first strike in modern state-to-state conflict. India’s experience during tensions with China, the increasing complexity of strategic logic and cyber-kinetic integration illustrated by the operation against Venezuelan infrastructure.
The challenge for India is not only technical but also strategic. Without deep integration, clear doctrine, and strong deterrent signaling, cyber vulnerabilities will continue to provide adversaries with a low-risk, high-impact path to coercion. Lack of preparation in the gray zone is a weakness in itself, which can be exploited in the future.
This article is written by Soumya Awasthi, Fellow, Center for Security, Strategy and Technology, Observer Research Foundation, New Delhi.
