Chinese State-Supported Actors Target India’s Power Grid

  • Chinese state-sponsored hackers have been systematically targeting key units of India’s power grid, positioning themselves to cause disruption.
  • The activity has been going on for roughly a year and is attributed to one specific group, which Recorded Future tracks as RedEcho.
  • India now faces a widespread problem with state-sponsored intrusions, and evicting the attackers from all of its critical systems will be neither quick nor easy.

The ongoing hostilities between India and China also extend to cyberspace, and it appears that India isn’t exactly ready to thwart what comes from the other side of the Himalayas. According to a Recorded Future report, Chinese state-sponsored hackers have spent a full year targeting a significant part of India’s power sector, including ten power sector organizations.

All of these organizations are critical to the operation of the country’s power grid, since several of them are responsible for balancing supply and demand. The targets include high-voltage transmission substations, coal-fired thermal power plants, and even seaports.

The hackers are reportedly using the ‘ShadowPad’ backdoor, a modular malware platform previously linked to the APT41 group (aka Barium). FireEye has also reported this malware being deployed by Chinese hackers with cyber-espionage motives. Based on distinctive features of the tooling, infrastructure, and intrusion tradecraft, Recorded Future attributes the attacks against India’s power grid to a group it calls "RedEcho," which shares many similarities and linkages with other Chinese state-sponsored actors but is tracked as distinct from them.

The researchers have been collecting evidence of this activity since early 2020, using multiple data sources, tools, and techniques, which allowed them to confirm that what they logged was a lengthy, sophisticated campaign and not just reconnaissance or small-scale opportunistic attacks. The analysts also contend that the purpose of the intrusions wasn’t to collect intelligence, since the targets offer little espionage value, but to pre-position access and send strategic messages.

The concern is that whenever tensions between the two countries flare up, the attackers can use their established presence in these networks to cut power or otherwise disrupt the grid. The New York Times has linked the intrusions to power outages in India, although the Recorded Future report itself stops short of confirming that any outage was caused by this activity.

Of course, the Recorded Future team has already informed the Indian government of its findings and shared advice on how to protect these crucial systems. Still, it is up to the Indian authorities to take action and mitigate the associated risks as quickly as possible.

For that to happen, they will first have to uproot the attackers’ presence, which means finding and removing all malware and backdoors from large, intricate networks and systems. For a country of India’s operational size, and given the current state of its IT infrastructure, that is easier said than done.
