China hit Mumbai with blackout as troops clashed in Ladakh last year: Report

China launched a cybercampaign hit against Indias power grid targeting Mumbai on October 13 last year in a warning message after the tension at Ladakh borderThe New York Times reported that a new study lends weight to the idea that those two events may have been connected as part of a broad Chinese cyber campaign against Indias power grid timed to send a message that if India pressed its claims too hard the lights could go out across the countryThe study shows that as the battles raged in the Himalayas taking at least two dozen lives Chinese malware was flowing into the control systems that manage electric supply across India along with a highvoltage transmission substation and a coalfired power plant NYT saidThe report said the flow of malware was pieced together by Recorded Future a Somerville Massachusetts company that studies the use of the internet by state actors It found that most of the malware was never activatedAnd because Recorded Future could not get inside Indias power systems it could not examine the details of the code itself which was placed in strategic powerdistribution systems across the country While it has notified Indian authorities so far they are not reporting what they have found NYT saidStuart Solomon Recorded Futures chief operating officer said that the Chinese statesponsored group which the firm named Red Echo has been seen to systematically utilize advanced cyber intrusion techniques to quietly gain a foothold in nearly a dozen critical nodes across the Indian power generation and transmission infrastructureThe discovery raises the question about whether an outage that struck on October 13 in Mumbai one of the countrys busiest business hubs was meant as a message from Beijing about what might happen if India pushed its border claims too vigorously NYT saidIt added that news reports at the time quoted Indian officials as saying that the cause was a Chineseorigin cyberattack on a nearby electricity loadmanagement center Authorities began a formal investigation which is due to report in the coming weeks Since then Indian officials have gone silent about the Chinese code whether it set off the Mumbai blackout and the evidence provided to them by Recorded Future that many elements of the nations electric grid were the target of a sophisticated Chinese hacking effortNYT said the investigators who wrote the Recorded Future study which is set to be published Monday said that the alleged link between the outage and the discovery of the unspecified malware in the system remains unsubstantiated But they noted that additional evidence suggested the coordinated targeting of the Indian load dispatch centers which balance the electrical demands across regions of the countryI think the signaling is being done by China to indicate that we can and we have the capability to do this in times of a crisis said retired Lt Gen DS Hooda a cyber expert who oversaw Indias borders with Pakistan and China Its like sending a warning to India that this capability exists with us NYT quotedIn the Indian case Recorded Future sent its findings to Indias Computer Emergency Response Team or CERTIn a kind of investigative and earlywarning agency most nations maintain to keep track of threats to critical infrastructure Twice the center has acknowledged receipt of the information but said nothing about whether it too found the code in the electric grid NYT saidRepeated efforts by The New York Times to seek comment from the center and several of its officials over the past two weeks yielded no responseIn India a patchwork of statebacked hackers were caught using coronavirusthemed phishing emails to target Chinese organizations in Wuhan last February A Chinese security company 360 Security Technology accused statebacked Indian hackers of targeting hospitals and medical research organizations with phishing emails in an espionage campaignFour months later as tensions rose between the two countries on the border Chinese hackers unleashed a swarm of 40300 hacking attempts on Indias technology and banking infrastructure in just five days Some of the incursions were socalled denialofservice attacks that knocked these systems offline others were phishing attacks according to the police in Maharashtra as per NYTYashasvi Yadav a police official in charge of Maharashtras cyberintelligence unit said authorities found suspicious activity that suggested the intervention of a state actorBut Yadav declined to elaborate saying the investigations full report would be released in early March Nitin Raut a state government minister quoted in local reports in November blaming sabotage for the Mumbai outage did not respond to questions about the blackout NYT reportedThis story has been sourced from a third party syndicated feed agencies Midday accepts no responsibility or liability for its dependability trustworthiness reliability and data of the text Midday managementmiddaycom reserves the sole right to alter delete or remove without notice the content in its absolute discretion for any reason whatsoever