Chinese hackers reportedly target India’s power grid


PTI, Apr 8, 2022, 8:26 AM IST

Image source: Reddit

India’s power sector has been targeted by hackers in a long-term operation thought to have been carried out by a state-sponsored Chinese group, a U.S.-based private cybersecurity company detailed in a new report.

Over the last several months, the Insikt Group, the threat research division of Massachusetts-based Recorded Future, said it has collected evidence that hackers targeted seven Indian state centers responsible for carrying out electrical dispatch and grid control near a border area disputed by the two nuclear neighbors.

The group primarily used the trojan ShadowPad, which is believed to have been developed by contractors for China’s Ministry of State Security, leading to the conclusion that this was a state-sponsored hacking effort, the group reported.

“ShadowPad continues to be employed by an ever-increasing number of People’s Liberation Army and Ministry of State Security-linked groups, with its origins linked to known MSS contractors first using the tool in their own operations and later likely acting as a digital quartermaster,” Recorded Future said in the report late Wednesday.

China’s Foreign Ministry spokesman Zhao Lijian said Thursday the report had been “noted” by Beijing, but that China “firmly opposes and combats any form of cyberattacks, and will not encourage, support or condone any cyberattacks.” “I would like to advise the company concerned that if they really care about global cybersecurity, they should pay more attention to the cyberattacks by the U.S. government hackers on China and other countries, and do more to help promote dialogue and cooperation among countries, instead of using the cyberattack issue to stir up trouble and throw mud at China,” he told reporters.

Indian External Affairs Ministry spokesperson Arindam Bagchi said India hasn’t discussed the issue with China. ”We have seen reports. There is a mechanism to safeguard our critical infrastructure to keep it resilient. We haven’t raised this issue with China,” he said. Indian Minister of Power R.K. Singh said the report was not a cause for concern.

“We are always prepared,” he said. ”We have a very robust security system. We are always alert.” Insikt Group already detected and reported a suspected Chinese-sponsored hack of 10 Indian power sector organizations in February 2021 by a group known as RedEcho. The more recent hack “displays targeting and capability consistencies” with RedEcho, but there are also “notable distinctions” between the two so the group has been given the working name of Threat Activity Group 38, or TAG-38, as more information is gathered.

Following a short lull after its first report, Recorded Future said the Insikt Group again started tracking hacking attempts on India’s power grid organizations. Over the last several months, through late March, it identified likely network intrusions targeting at least seven of India’s so-called “State Load Dispatch Centers” — all in proximity to the disputed border in Ladakh, where Chinese and Indian troops clashed in June 2020, leaving 20 Indian soldiers and four Chinese dead.

“Recorded Future continues to track Chinese state-sponsored activity groups targeting a wide variety of sectors globally — a large majority of this conforms to longstanding cyberespionage efforts, such as targeting of foreign governments, surveillance of dissident and minority groups, and economic espionage,” the report said. “However, the coordinated effort to target Indian power grid assets in recent years is notably distinct from our perspective and, given the continued heightened tension and border disputes between the two countries, we believe is a cause for concern,” it added.

Hackers are thought to have gained access through third-party devices connected to the internet, like IP cameras, which had been compromised, the company said.

Investigators have not yet determined how they had been compromised, but Recorded Future suggested they may have originally been installed using default credentials, leaving them vulnerable. Because the prolonged targeting of India’s power grid “offers limited economic espionage or traditional intelligence-gathering opportunities,” Recorded Future said it seems more likely the goal is to enable information-gathering around surrounding critical infrastructure systems or to be pre-positioned for future activity.

“The objective for intrusions may include gaining an increased understanding into these complex systems in order to facilitate capability development for future use or gaining sufficient access across the system in preparation for future contingency operations,” Recorded Future said.

Udayavani is now on Telegram. Click here to join our channel and stay updated with the latest news.

Top News

BCCI vs PCB spar on CT venue as Naqvi denies receiving any official note from Indian board

After Yogi’s ‘batenge, katenge’ slogan, PM pitches for unity with ‘Ek hai, toh safe hai’ message

“Coming soon.. 2025”: KL Rahul and Athiya Shetty announce first pregnancy

Mangaluru: Unauthorized bus stops at signals fuel traffic woes and safety concerns

SC notice to Karnataka, DK Shivakumar on CBI plea against withdrawal of consent by state govt

Will remain active in politics till my last breath: JD(S) patriarch & ex-PM Deve Gowda

BJP calls Congress govt ‘laughing stock’ as ‘samosa politics’ heats up in Himachal

Related Articles More

Don’t trust caller ID info; can be spoofed easily: Cyber advisory to govt officials

Stay Safe Online: Tips to avoid cyber fraud!

Three Chinese astronauts enter space station after successful launch

What is AI superintelligence? Could it destroy humanity? And is it really almost here?

IIT-B develops method to maintain comfortable temperature inside homes in joint research

MUST WATCH

Gho Pooja in Deepavali Festival

Melukote Deepavali

Ganapathi Co-operative Society Ltd

Udayavani Chinnara Banna 2024

Annapoorna Aahar | Food Places In Mysore


Latest Additions

BCCI vs PCB spar on CT venue as Naqvi denies receiving any official note from Indian board

Use Carnatic music to promote Kannada language: Nirmala Sitharaman

Udupi: Car collides with bike; Rider injured

UP women’s body proposes men shouldn’t tailor women’s clothes or cut their hair

NSE, BSE to be closed on Nov 20 for Maharashtra assembly polls

Thanks for visiting Udayavani

You seem to have an Ad Blocker on.
To continue reading, please turn it off or whitelist Udayavani.