After reports emerged that Chinese hackers had planted malware that resulted in the power outage in Mumbai and the surrounding areas last year, the Centre has denied any data breach in the attempt made by Chinese hackers to target the country’s power grid system. The Power Ministry also said that there has been no impact from the alleged Chinese hacking attempt against India’s power grid system.
A report from The New York Times had suggested that the power outage that occurred across Mumbai, Thane and Navi Mumbai was suspected to be the result of a sophisticated sabotage attempt to target the country’s power utilities. The report had said the power outage in Mumbai and the surrounding areas last year might have been the handiwork of the Chinese, who wanted to launch a widespread cyber campaign against India’s power grid so as to send a message that “if India pushed too hard, the light could go out”.
The Mumbai blackout had come just a few months after Chinese and Indian troops had clashed in Galwan Valley. The India China standoff had lasted months and had caused casualties on both sides.
Responding to the news reports, the power ministry said, “An email was received from CERT-In on 19th November 2020 on the threat of malware called Shadow Pad at some control centres of POSOCO. Accordingly, action has been taken to address these threats.”
The Power Ministry further said that NCIIPC informed them through mail on February 12 about the threat by a Chinese state-sponsored threat actor – Red Echo through malware Shadow Pad, targeting the Indian Power sector’s Regional Load Dispatch Centres along with State Load Dispatch Centres.
NCIIPC informed through mail on Feb 12 about threat by Red Echo through malware Shadow Pad that “Chinese state-sponsored threat Actor group known as Red Echo is targeting Indian Power sector’s Regional Load Dispatch Centres along with State Load Dispatch Centres”: Power Ministry — ANI (@ANI), March 1, 2021
The power ministry also said that the government took prompt action by blocking all IP addresses and domains listed in the NCIIPC mail. All systems in control centres were scanned and cleaned by antivirus, the ministry further said.
“Observations from all RLDCs and NLDC show that there is no communication & data transfer taking place to the IPs mentioned. There is no impact on any of the functionalities carried out by POSOCO due to the referred threat. No data breach/data loss has been detected due to these incidents,” the ministry’s statement said.
Chinese hackers behind malware attack against Mumbai power grid, claimed US research org
Earlier, a US firm named Recorded Future had been quoted in the NYT, claiming that the Chinese are targeting India’s power grid system through malware. The report said that the massive power outage in Mumbai last year was also a result of the online intrusion.
The new research quoted by the NYT showed that the two incidents might have been related, as China may have played a role in the Mumbai blackout by initiating a malware attack against the power grid. The research organisation claimed that as the stand-off continued between the two sides in the Himalayas, the Chinese had hacked the power grid’s control systems through malware.
According to Recorded Future, most of the malware infused into the power grid was never activated. As Recorded Future was unable to enter the Indian power system, they could not look into the details of the code placed in strategic power distribution systems across the country. It has notified Indian authorities, but so far, they have not reported what they have found.
The finding raised serious questions about the security of the country’s strategic assets, especially in a city like Mumbai, and raised the question of whether it was a message from Beijing about what would happen if India pushed more aggressively.
As per the report, Indian officials had cautioned about the cyberattack originating in China against a nearby power load management centre. They had also launched a formal investigation. The Indian officials were also concerned with the malware intrusion into the country’s power grid.