A report released by a US-based company revealed that a Chinese government-linked group of hackers targeted India’s critical power grid system with malware, raising suspicion over whether last year’s massive power outage in Mumbai was a result of the online intrusion.
Recorded Future, a Massachusetts-based company which studies the use of the internet by state actors, details in its recent report the campaign conducted by RedEcho, a China-linked threat activity group, targeting the Indian power sector.
The activity was identified through a combination of large-scale automated network traffic analytics and expert analysis.
On October 12, a grid failure in Mumbai resulted in massive power outages, stopping trains on tracks, hampering those working from home amidst the COVID-19 pandemic and hitting the stuttering economic activity hard. It took two hours for the power supply to resume for essential services, prompting Chief Minister Uddhav Thackeray to order an enquiry into the incident.
Since early 2020, Recorded Future’s Insikt Group observed a large increase in suspected targeted intrusion activity against Indian organisations from the Chinese state-sponsored group. As per a US media report, the discovery raises the question of whether the Mumbai outage was meant as a message from Beijing to India to not push its border claims too vigorously.
Reacting to the report, the Union power ministry said in New Delhi that an e-mail was received on the 12th of last month about the threat posed by the China-based RedEcho group through a malware called ShadowPad. Authorities blocked all IPs and domains listed in the mail and cleaned all systems in control centres with anti-virus software. The Power Ministry said that no loss of data due to these incidents was detected.
The Chinese Foreign Ministry has, however, rejected the criticism about China’s involvement in the hacking of India’s power grid. It termed the report irresponsible and ill-intentioned and said one cannot make wanton guesses without proof.