China sponsored hackers target Indian energy distribution centres near Ladakh

According to the report, the attacks occurred between August of last year and March of this year. According to the research, data was moving in and out of Indian Load Despatch Centres to Chinese state-sponsored command and control servers located all over the world.

China sponsored hackers target Indian energy distribution centres near Ladakh

New Delhi: Chinese state-sponsored hackers have targeted Indian energy distribution centres near Ladakh during the last eight months, according to a report released on Wednesday by the private intelligence firm Recorded Future.
 
Following a prolonged military standoff between the two countries in the region, a new potential flashpoint has emerged. According to the administration, the attacks were not successful.

"In recent months, we have seen suspected network breaches targeting at least seven Indian State Load Despatch Centres (SLDCs), which are responsible for performing real-time operations for grid control and energy dispatch inside their respective states," the firm says. Notably, the discovered SLDCs are all in North India, close to the sensitive India-China boundary in Ladakh."

According to the report, the attacks occurred between August of last year and March of this year. According to the research, data was moving in and out of Indian Load Despatch Centres to Chinese state-sponsored command and control servers located all over the world.

"In addition to power grid assets, we identified the compromise of a national emergency response system and the Indian affiliate of a multinational logistics corporation by the same threat activity group," Recorded Future stated.

Before publishing the paper, the group stated that they informed the government of their findings.

"Chinese hackers attempted to assault energy distribution centres in Ladakh twice, but both failed... To combat such cyber attacks, we have already strengthened our defence mechanism. " RK Singh Minister Union Minister for Power said.

According to the intelligence firm, which is regarded as one of the largest in the world and specialises in spotting risks from state-sponsored hackers, the Chinese attackers were attempting to obtain information about vital infrastructure systems.

"Due to the continuing targeting of State and Regional Load Despatch Centres in India over the last 18 months, first from RedEcho and now in this latest TAG-38 activity, the above targeting is likely a long-term key initiative for select Chinese government malicious attackers operating within India," the report says.

"The extended targeting of Indian power grid assets by Chinese state-linked entities provides limited prospects for economic espionage or traditional intelligence gathering." We feel that this targeting is more likely to be used to obtain information about critical infrastructure systems or to position for future activity "it was added
"The intension of the intervention may include acquiring a better idea of these complex systems to allow capacity development for future use or gaining sufficient access across the system given the potential contingency operations," Recorded Future explained.

High-profile cyber-attacks are becoming more common around the world. Last year, a ransomware attack on a major gas pipeline endangered millions of people on the US east coast, while a significant section of Australia was on the verge of losing electricity after a crucial energy network was compromised.

The group announced in February last year the compromise of ten different Indian power sector organisations, including four of the five Regional Load Despatch Centres (RLDC), two ports, a big generation operator, and other operational facilities.

It is said that the group Recorded Future continuing its efforts to track Chinese government activity groups trying to target a wide range of sectors worldwide... Even so, the concerted effort to target Indian power grid assets in recent times is notably distinct from our point of view and, given the two countries' continued increased tensions and border conflicts, we believe is cause for concern," it said.