With just a mouse click, it is possible to bring down industrial infrastructures, like nuclear infrastructures. Changing characteristics of warfare has given the grounds for hybrid warfare to thrive and deploy cyber technology for its advantage. The lack of precision and consensus regarding what constitutes hybrid warfare and the possible responses to tackle this means of warfare has given an extraordinary edge for those actors honing their hybrid warfare capabilities. Of many means, cyber technology has been among the most relied upon to carry out operations without being physically proximate to the target, with a massive amount of uncertainty. The pace at which cyber weapons have been evolving points at the manifestation of cyber conflicts and their role in affecting global stability. The issues of deniability and ambiguity, making attribution dicey, have given cyber-attacks the catbird seat. Difficulty in swiftly processing forensics details hampers chances of tracing the address of the cyber-attack as it gives the hacker to morph or foul up the address, therefore, misdirecting forensic investigations. Attribution of attacks is necessary to know the what, why, who and how of the attack, which in turn can contribute to the identification of threat sources and formulation of mitigation strategies. Approaches like that established by the Q model can resolve the attribution hiccup to an extent, though it is not possible to develop an infallible model. This limitation is because of how cyber technology metamorphizes and presents newer zero-day vulnerabilities that can be exploited. Evolving trends in warfare have given state and criminal non-state actors a lucrative alternative to traditional means of confrontation that needs physical presence and is expensive. Instead, attacking the critical infrastructures with a cyber weapon can inflict equal, if not more, damage to the target actors. Nuclear infrastructures are growingly becoming targets of such attacks as they can potentially provoke a broad spectrum of ramifications that can cause irrevocable destruction to the human race. Nuclear accidents in the past have revealed the various impacts on society, from human fatalities and economic depletion to environmental degradation. Cyber technology can inflict just the same amount of damage by attacking nuclear infrastructures. A cyber-attack on NC3 of India’s nuclear forces, a possibility that the state cannot neglect, can cause confusion and inadvertent repercussions that disturb geopolitical stability. Such threats can arise from within the state or outside, both being tricky to cull out. India has employed the defence-in-depth approach to protecting nuclear infrastructures from cyber-attacks, involving complex layers of technical and personnel security measures. Nevertheless, the delay in the introduction of a national policy for cyber security has slowed down the efforts to strengthen the state’s cyber resilience. The speedy implementation of the National Cyber Security Strategy will benefit India’s cyber security efforts. Other supplementary means construe confidence-building measures, incentives for compliance with nuclear-cyber security measures, and garnering convergence on the need for an international agreement on cyber security. These initiatives are essential to attain a wholesome cyber defence mechanism. The ubiquitous, transboundary, and cost-effective platform offered by cyberspace has bestowed the power of relevance and superiority on it. Quoting Oleksiy Yasinskiy, a cyber specialist, ‘Who controls cyberspace controls the world’ (Luhn, 2017). The discourse on cyber security must continually evolve to cater to the emerging cyber threats to critical information infrastructures, including nuclear infrastructures.