Amidst the tense border tension between India and China, a Chinese government-linked group of hackers targeted India’s critical power grid system through malware, a US company has said in its latest study, raising suspicion whether last year’s massive power outage in Mumbai was a result of the online intrusion.
Recorded Future, a Massachusetts-based company which studies the use of the internet by state actors, in its recent report details the campaign conducted by a China-linked threat activity group RedEcho targeting the Indian power sector.
The activity was identified through a combination of large-scale automated network traffic analytics and expert analysis.
Data sources include the Recorded Future Platform, SecurityTrails, Spur, Farsight and common open-source tools and techniques, the report said.
On October 12, a grid failure in Mumbai resulted in massive power outages, stopping trains on tracks, hampering those working from home amidst the COVID-19 pandemic and hitting the stuttering economic activity hard.
It took two hours for the power supply to resume for essential services, prompting Chief Minister Uddhav Thackeray to order an enquiry into the incident.
In its report, Recorded Future notified the appropriate Indian government departments prior to publication of the suspected intrusions to support incident response and remediation investigations within the impacted organisations.
There was no immediate response from the Indian government on the study by the US company.
Since early 2020, Recorded Future’s Insikt Group observed a large increase in suspected targeted intrusion activity against Indian organisations from the Chinese state-sponsored group.
The New York Times, in a report, said that the discovery raises the question about whether the Mumbai outage was meant as a message from Beijing about what might happen if India pushed its border claims too vigorously.
In response to the allegation, Chinese Foreign Ministry spokesman Wang Wenbin on Monday rejected the criticism about China’s involvement in the hacking of India’s power grid, saying it is “irresponsible and ill-intentioned” to make allegations without proof.