Date: 2022-04-07

The reasons for the attack may include gaining an increased understanding into complex systems in order to facilitate capability development for future use or gaining sufficient access across the system in preparation for future contingency operations, the report states.

Chinese state-sponsored hackers recently targeted Indian electricity distribution centres near Ladakh, according to a report by a private intelligence firm.

“In recent months, we observed likely network intrusions targeting at least 7 Indian State Load Despatch Centres (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states,” reads the report “Continued Targeting of Indian Power Grid Assets by Chinese State-Sponsored Activity Group” by Recorded Future.

Furthermore, the report also states that the company “identified the compromise of a national emergency response system and the Indian subsidiary of a multinational logistics company by the same threat activity group. To achieve this, the group likely compromised and co-opted internet-facing DVR/IP camera devices for command and control (C2) of Shadowpad malware infections, as well as the use of the open-source tool FastReverseProxy (FRP).”

This is also not the first time that India’s critical infrastructure has been targeted. The report states, “Given the continued targeting of State and Regional Load Despatch Centres in India over the past 18 months, first from RedEcho and now in this latest TAG-38 activity, this targeting is likely a long-term strategic priority for select Chinese state-sponsored threat actors active within India.”

Explaining the reasons for the repeated and prolonged attack, the report states, “The prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence-gathering opportunities. We believe this targeting is instead likely intended to enable information-gathering surrounding critical infrastructure systems or is pre-positioning for future activity. The objective for intrusions may include gaining an increased understanding into these complex systems in order to facilitate capability development for future use or gaining sufficient access across the system in preparation for future contingency operations.”

The report was first carried by Bloomberg, which said that Beijing has consistently denied involvement in malicious cyber activity.

India’s relationship with China since the escalation of border tensions in May 2020 has been tense despite the latter emerging as its second-largest trading partner.

India is not only aware of the cyber threat from China but has acknowledged it repeatedly.

Last April, former Chief of Defence Staff, the late Bipin Rawat, had pointed out gaps between the countries with regard to technology, while adding that India has been catching up.

"We know that China is capable of launching cyberattacks on us and that it can disrupt a large amount of our systems. What we are trying to do is to create a system which would ensure cyber defence," he said.

He said the aim has been to create firewalls to deal with the cyberattacks and that the issue is being addressed in a "serious way".

After being alerted about the recent cyberattack, Power Minister RK Singh was quoted by news agency ANI as saying, "Two attempts by Chinese hackers were made to target electricity distribution centres near Ladakh but were not successful... We've already strengthened our defence system to counter such cyber attacks."

In India, the government’s Indian Computer Emergency Response Team (CERT-In) tracks and monitors cyber security incidents. According to CERT-In, a total of 14.02 lakh cyber security incidents were recorded in 2021. In the first two months of 2022, 2.12 lakh cyber security incidents were recorded, according to a report by the Times of India.

