'Amidst border tension, Chinese hackers targeted India’s power through malware'

Agencies
March 1, 2021

Washington, Mar 1: Amidst heightened border tension between India and China, a Chinese government-linked group of hackers targeted India's critical power grid system through malware, a US company has claimed in its latest study, raising the question of whether last year's massive power outage in Mumbai was a result of the online intrusion.

Recorded Future, a Massachusetts-based company which studies the use of the internet by state actors, details in its recent report the campaign conducted by the China-linked threat activity group RedEcho targeting the Indian power sector.

The activity was identified through a combination of large-scale automated network traffic analytics and expert analysis.

Data sources include the Recorded Future Platform, SecurityTrails, Spur, Farsight and common open-source tools and techniques, the report said.

On October 12, a grid failure in Mumbai resulted in massive power outages, stopping trains on tracks, hampering those working from home amidst the COVID-19 pandemic and hitting the stuttering economic activity hard.

It took two hours for the power supply to resume for essential services, prompting Chief Minister Uddhav Thackeray to order an enquiry into the incident.

In its report, Recorded Future said it notified the appropriate Indian government departments of the suspected intrusions prior to publication, to support incident response and remediation investigations within the impacted organisations.

There was no immediate response from the Indian government on the study by the US company.

Since early 2020, Recorded Future's Insikt Group observed a large increase in suspected targeted intrusion activity against Indian organisations from the Chinese state-sponsored group.

The New York Times, in a report, said that the discovery raises the question about whether the Mumbai outage was meant as a message from Beijing about what might happen if India pushed its border claims too vigorously.

According to the Recorded Future report, from mid-2020 onwards, Recorded Future's midpoint collection revealed a steep rise in the use of infrastructure tracked as AXIOMATICASYMPTOTE, which encompasses ShadowPad command and control (C2) servers, to target a large swathe of India's power sector.

Ten distinct Indian power sector organisations, including four of the five Regional Load Despatch Centres (RLDC) responsible for operation of the power grid through balancing electricity supply and demand, have been identified as targets in a concerted campaign against India's critical infrastructure.

Other targets identified included two Indian seaports, it said.

According to the report, the targeting of Indian critical infrastructure offers limited economic espionage opportunities.

"However, we assess they pose significant concerns over potential pre-positioning of network access to support Chinese strategic objectives," it said.

Pre-positioning on energy assets may support several potential outcomes, including geostrategic signalling during heightened bilateral tensions, supporting influence operations, or as a precursor to kinetic escalation, Recorded Future said.

RedEcho has strong infrastructure and victimology overlaps with Chinese groups APT41/Barium and Tonto Team, while ShadowPad is used by at least five distinct Chinese groups, it said.

The high concentration of IP (Internet Protocol) addresses resolving to Indian critical infrastructure entities communicating over several months with a distinct subset of AXIOMATICASYMPTOTE servers used by RedEcho indicates a targeted campaign, with little evidence of wider targeting in Recorded Future's network telemetry, it said.

Recorded Future said that in the lead-up to the May 2020 border skirmishes, it observed a noticeable increase in the provisioning of PlugX malware C2 infrastructure, much of which was subsequently used in intrusion activity targeting Indian organisations.

The PlugX activity included the targeting of multiple Indian government, public sector and defence organisations from at least May 2020, it said.

While not unique to Chinese cyber espionage activity, PlugX has been heavily used by China-nexus groups for many years.

"Throughout the remainder of 2020, we identified a heavy focus on the targeting of Indian government and private sector organisations by multiple Chinese state-sponsored threat activity groups," it said.

In its report, Recorded Future alleged that it also observed the suspected Indian state-sponsored group Sidewinder target Chinese military and government entities in 2020, in activity overlapping with recent Trend Micro research.

The Massachusetts-based company's report came as the armies of the two countries began disengagement of troops locked in an over eight-month-long standoff in eastern Ladakh.

Both countries reached a mutual agreement last month for the disengagement of troops from the most contentious area, the north and south banks of the Pangong Lake.
