Chinese state-sponsored hackers target Indian power grids yet again, a year after 10 different Indian organisations in the power generation and transmission sector fell victim to their cyberattacks.
According to articles in The Hindu and The Economic Times, The Power Minister R.K Singh said that the Chinese hackers attempted to disrupt the power distribution centres in Ladakh twice, but unsuccessfully. This information from the Power Minister came shortly after the threat intelligence firm Recorded Future Inc. exposed the Chinese cyber-espionage campaign happening over the past few months in a report published on Wednesday.
The hackers deliberately targeted seven load dispatch centres that are very crucial for the real-time grid control operations and electricity dispersal in regions located near the LAC(Line of Actual Control) situated near the highly disputed Ladakh-China Border area.
One of the targeted load dispatch centres was previously targeted by RedEcho back in 2021 which according to the US, is a Chinese state-sponsored hacking group.
The RedEcho launched a series of deadly cyberattacks in 2021 to which six regional and state load dispatch centres, two ports, a national powerplant and a substation fell victims. One of the biggest victims included one power plant owned by the NTPC(National Thermal Power Corporation).
The Hindu notes that the Ministry of External Affairs(MEA) can’t connect the hacker's identity to China with certitude, but says that India’s critical infrastructure has adequate safeguard mechanisms to guard itself against any such attacks in the future.
It is now known that the most such hacks utilised a backdoor named ShadowPad, which is an extremely sophisticated piece of remote access trojan, and is a privately sold malware exclusively designed for cyberespionage.
Recorded Future Inc. has tied the latest set of malicious activities to an emerging threat cluster group which is linked to the Threat Activity Group TAG-38, which is completely different from the previously identified tactics and procedures of RedEcho.
Tensions have been flaring up between India and China following the Galwan border dispute in 2020, and subsequently, China has been resorting to cyber espionage with the help of RedEcho and various other adversaries.
The Chinese foreign ministry’s response was exactly like the Indian side had expected. The foreign ministry’s spokesperson Zhao Lijian denied the state’s involvement in any sort of cyber espionage/terrorism activities. Instead, he blamed the US by declaring it as the empire of hacking.
A series of reports released suggest the role of the US in cyberattacks against various countries including China, backed by some Chinese cybersecurity companies. It seriously puts the critical infrastructure of such countries at risk and later claimed that Beijing and its allies will expose the true intentions of the US.
Share This Post On
Leave a comment
You need to login to leave a comment. Log-in