Chinese state-sponsored hackers targeted Indian electricity distribution centers near Ladakh in recent months, according to a report by private intelligence firm Recorded Future, the firm said on Wednesday.
The report marks a potential flashpoint following a month-long military standoff between the two countries in the region. Recorded Future Inc. is considered to be among the world's largest intelligence firms, with a specialization in identifying threats from state-sponsored hackers.
Victim states
In a press release, Recorded Future Inc. said, “In recent months, we observed likely network intrusions targeting at least seven Indian State Load Dispatch Centers (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states.
Notably, this targeting has been geographically concentrated, with the identified SLDCs located in northern India, in proximity to the disputed India-China border in Ladakh.”
What is SLDC?
The State Load Dispatch Center (SLDC) is the apex body that ensures integrated operation of the power system in a state. SLDCs are responsible for optimum scheduling and dispatch of electricity in a state, and a breach here can lead to the failure of electricity in the entire state.
Recorded Future said it alerted the government of its findings before publishing the report, and added,
“In addition to the targeting of power grid assets, we also identified the compromise of a national emergency response system and the Indian subsidiary of a multinational logistics company by the same threat.”
What is China trying to achieve?
According to the intelligence firm, the Chinese attackers were trying to gather information surrounding critical infrastructure systems.
Given the continued targeting of state and regional load dispatch centers in India over the last 18 months, with the first being RedEcho and now this latest TAG-38 activity, this targeting is likely a long-term strategic priority.
The intelligence firm further said, “The prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence gathering opportunities. The objective for intrusions may include gaining an increased understanding into these complex systems.
We believe this targeting is instead likely intended to enable information gathering surrounding critical infrastructure systems or is pre-positioning for future activities.”
Last year, Chinese hackers had attacked the Mumbai-based power distribution system to destabilize the power supplies.
The intelligence firm said that in February last year it had reported the compromise of 10 distinct Indian power sector organizations, including four of the five regional load dispatch centers, two ports, and a large power generation operator with other operational assets.
Steps taken for prevention
- The Ministry of Power has advised all these state assemblies to do a cyber security audit of IT as well as operational technology systems every six months.
- Install next-generation firewalls and use updated AV solutions.
- The ministry has further asked load dispatch centers to trace and isolate the systems from which the malicious connections were made.
- Some states have already adopted firewalls like GajShield and Sophos to check such cyber attempts by hackers.
Published By – Damandeep Singh
Edited By – Kritika Kashyap