Chinese cyber-attack threat raises head again, PowerMin accepts past cases
Accusations of sabotage of India’s power grid by Chinese malware agencies resurfaced after a report by Somerville-based Recorded Future made the claim and the Maharashtra government ordered an investigation into whether the Mumbai outage in October 2020 was due to Chinese sabotage.
Cyber intelligence firm Recorded Future said in its latest report that the China-linked group RedEcho targeted the Indian power sector amid heightened border tensions.
“Since early 2020, Recorded Future’s Insikt Group observed a large increase in suspected targeted intrusion activity against Indian organisations from Chinese state-sponsored groups,” the report said.
Recorded Future further said ten Indian power sector organisations, including four of the five Regional Load Despatch Centres (RLDCs), are targets in a concerted campaign against India’s critical infrastructure.
The Union Ministry of Power said in a statement that an alarm was raised about a threat to the RLDCs and the National Load Despatch Centre (NLDC), operated by Power Systems Operations Company (POSOCO), but it was resolved.
“An email was received from CERT-In on 19th November, 2020 on the threat of malware called Shadow Pad at some control centres of POSOCO,” said the statement. CERT-In, the Indian Computer Emergency Response Team under the Ministry of Electronics and Information Technology, is the nodal agency for dealing with cyber security threats.
The power ministry further said the National Critical Information Infrastructure Protection Centre informed it, through a mail dated February 12, 2021, about the threat by Red Echo through a malware called Shadow Pad. It stated that: “Chinese state-sponsored threat Actor group known as Red Echo is targeting Indian Power sector’s Regional Load Dispatch Centres (RLDCs) along with State Load Dispatch Centres (SLDCs).”
The ministry said that, following the reports, all IPs and domains listed in the emails were blocked in the firewall at all control centres, and all systems in the control centres were scanned and cleaned by antivirus.
“Observations from all RLDCs & NLDC shows that there is no communication & data transfer taking place to the IPs mentioned. There is no impact on any of the functionalities carried out by POSOCO due to the referred threat. No data breach/data loss has been detected due to these incidents,” said the statement.
After the Galwan border skirmish between Indian and Chinese troops and India’s ban on Chinese power imports, this paper reported that 5 cities across 12 states have awarded contracts for real-time power supply and data management, and communication infrastructure, to Chinese companies, thereby elevating the threat of cyber-attack.
A New York Times article on Monday cited the report by Recorded Future to indicate that the power outage which gripped the city of Mumbai and suburban areas on October 12, 2020 was the result of malware introduced by Chinese agencies.
Dinesh Waghmare, principal secretary of the state energy department, said in a press conference on Monday, “We had asked Maharashtra cyber police to investigate the matter as there was suspicion of sabotage. However, the investigation is still on and they have not come to a conclusion as yet. Preventive measures will also be taken.”
Senior government officials and executives from the power supply companies in Mumbai denied any cyber-attack link. “In the meetings held since October, cyber-attack was discussed but could not be proved. The final report on the incident by a High level committee is awaited,” said a senior official.