No impact on any functionalities of power grid due to malware attack: Power Min

The Ministry of Power on Monday said there is no impact on operations of Power System Operation Corporation POSOCO due to any malware attack and that prompt actions are taken on advisories issued against such threatsThe ministry was responding to a study carried out by a private US company which suggested that a Chinalinked group targeted Indias power grid system through malware a software designed to cause damage to a computer networkThis study raised suspicion whether last years massive power outage in Mumbai was a result of the online intrusionHowever the ministry did not mention about the Mumbai outage in its statementResponding on the findings of the study the ministry said There is no impact on any of the functionalities carried out by POSOCO due to the referred threat No data breach data loss has been detected due to these incidentsThe ministry further said Prompt actions are being taken by the CISOs chief information security officers at all these control centres under operation by POSOCO for any incidentadvisory received from various agencies like CERTin NCIIPC CERTTrans etcThe CERTin Indian Computer Emergency Response Team is the nodal agency to deal with cyber security threats like hacking and phishingThe NCIIPC National Critical Information Infrastructure Protection Centre NCIIPC is national nodal agency for critical information infrastructure protectionA Chinese governmentlinked group of hackers targeted Indiarsquos critical power grid system through malware Recorded Future a Massachusettsbased company said in its latest studyRecorded Future which studies the use of the internet by state actors in its recent report details the campaign conducted by a Chinalinked threat activity group RedEcho targeting the Indian power sectorThe activity was identified through a combination of largescale automated network traffic analytics and expert analysisData sources include the Recorded Future Platform SecurityTrails Spur Farsight and common opensource tools and techniques the report saidIn response to the allegation Chinese Foreign Ministry spokesman Wang Wenbin on Monday rejected the criticism about Chinarsquos involvement in the hacking of Indiarsquos power grid saying it is ldquoirresponsible and illintentionedrdquo to make allegations without proofOn October 12 a grid failure in Mumbai resulted in massive power outages stopping trains on tracks hampering those working from home amidst the COVID19 pandemic and hitting the stuttering economic activity hardIt took two hours for the power supply to resume for essential services prompting Chief Minister Uddhav Thackeray to order an enquiry into the incidentIn its report Recorded Future notified the appropriate Indian government departments prior to publication of the suspected intrusions to support incident response and remediation investigations within the impacted organisationsThe ministry explained in its statement The IPs mentioned in Red Echo related advisory are matching with those given in Shadow pad Incidents already informed by CERTin in the month of November2020 Observations from all RLDCs regional load dispatch centres amp NLDC national load dispatch centre shows that there is no communication amp data transfer taking place to the IPs mentionedAll IPs and domains listed in NCIIPC mail have been blocked in the firewall at all control centres Log of firewall is being monitored for any connection attempt towards the listed IPs and domains Additionally all systems in control centres were scanned and cleaned by antivirus the ministry addedReferring to a report from Insikt talks about the imminent threat from the Red Echo group based in China the ministry said A system of monitoring and analysis of cyber activities is already in place at all RLDCs amp NLDC operated by POSOCO Further an email was received from CERTIn on 19th November 2020 on the threat of malware called Shadow Pad at some control centres of POSOCO Accordingly action has been taken to address these threatsSubsequently it stated that NCIIPC informed through a mail dated 12th February 2021 about the threat by Red Echo through a malware called Shadow PadIt had said Chinese statesponsored threat actor group known as Red Echo is targeting Indian Power sectors Regional Load Dispatch Centres RLDCs along with State Load Dispatch Centres SLDCs Some IP addresses and domain names were mentioned The report of Insikt also refers the threat actors already informed by CERTin amp NCIIPC the ministry explainedThis story has been sourced from a third party syndicated feed agencies Midday accepts no responsibility or liability for its dependability trustworthiness reliability and data of the text Midday managementmiddaycom reserves the sole right to alter delete or remove without notice the content in its absolute discretion for any reason whatsoever