Chinese State-Sponsored Hackers Might Have Also Targeted Indian Railways Infrastructure, Says US Cyber Intelligence Firm
Besides 10 organisations in the Indian power sector and two ports, Chinese state-sponsored hackers might also have targeted Indian Railways infrastructure, an expert with cyber intelligence company Recorded Future said on Thursday (4 March).
However, there is still not enough data to confirm that Indian Railways infrastructure was actually attacked, Charity Wright, Cyber Threat Intelligence Expert, Recorded Future, said during a virtual briefing with reporters.
Recorded Future had earlier released a report in which it had identified 10 distinct Indian organisations in the power generation and transmission sector and two in the maritime sector which were targeted by Chinese hackers.
The intrusions were conducted by a China-linked activity group that Recorded Future termed "RedEcho".
The 12 "victim" organisations are: Power System Operation Corporation Ltd, NTPC Ltd, NTPC Kudgi STPP, Western Regional Load Despatch Centre, Southern Regional Load Despatch Centre, North Eastern Regional Load Despatch Centre, Eastern Regional Load Despatch Centre, Telangana State Load Despatch Centre, Delhi State Load Despatch Centre, DTL Tikri Kalan (Mundka) of Delhi Transco Ltd, V.O. Chidambaranar Port, and Mumbai Port Trust.
Recorded Future observed the intrusions in the Indian power sector beginning in mid-2020 amid heightened border tensions between India and China.
Relations between India and China deteriorated significantly following the border clashes in June 2020 that resulted in the first combat deaths in 45 years between the world's two most populous nations, the report noted.
"The attack was unsettling because the hackers targeted the civilian infrastructure. It should not have happened," said Christopher Ahlberg, Recorded Future's CEO and Co-Founder.
It now appears that the Chinese state-backed hackers are winding down their operations, he said.
They appeared to be active till 28 February, but over the past few days, their activities appear to be winding down, Ahlberg said.
From the nature of the attacks, it appears that the Chinese hackers were not interested in any economic gain and espionage advantage. They might have wanted to show their capability for disruptions or it could be a sign of their preparation for any future operations, he said.
"The Chinese will continue this sort of targeting in the future...China will continue to exert pressure on their neighbours," Ahlberg said.
He, however, said that there is not enough data to support any link between the October 2020 power outage in Mumbai and malware at a Padgha Load Despatch Centre in Thane district.
(This story has been published from a wire agency feed without modifications to the text. Only the headline has been changed.)