1. Home
  2. 'Amidst border tension, Chinese hackers targeted India’s power through malware'

'Amidst border tension, Chinese hackers targeted India’s power through malware'

Agencies
March 1, 2021

Amidst heightened border tension, Chinese hackers targeted India's power through malware: US firm | Law-Order

Washington, Mar 1: Amidst the tense border tension between India and China, a Chinese government-linked group of hackers targeted India's critical power grid system through malware, a US company has claimed in its latest study, raising suspicion whether last year's massive power outage in Mumbai was a result of the online intrusion.

Recorded Future, a Massachusetts-based company which studies the use of the internet by state actors, in its recent report details the campaign conducted by a China-linked threat activity group RedEcho targeting the Indian power sector.

The activity was identified through a combination of large-scale automated network traffic analytics and expert analysis.

Data sources include the Recorded Future Platform, SecurityTrails, Spur, Farsight and common open-source tools and techniques, the report said.

On October 12, a grid failure in Mumbai resulted in massive power outages, stopping trains on tracks, hampering those working from home amidst the COVID-19 pandemic and hitting the stuttering economic activity hard.

It took two hours for the power supply to resume for essential services, prompting Chief Minister Uddhav Thackeray to order an enquiry into the incident.

In its report, Recorded Future notified the appropriate Indian government departments prior to publication of the suspected intrusions to support incident response and remediation investigations within the impacted organisations.

There was no immediate response from the Indian government on the study by the US company.

Since early 2020, Recorded Future's Insikt Group observed a large increase in suspected targeted intrusion activity against Indian organisations from the Chinese state-sponsored group.

The New York Times, in a report, said that the discovery raises the question about whether the Mumbai outage was meant as a message from Beijing about what might happen if India pushed its border claims too vigorously.

According to the Recorded Future report, from mid-2020 onwards, Recorded Future's midpoint collection revealed a steep rise in the use of infrastructure tracked as AXIOMATICASYMPTOTE, which encompasses ShadowPad command and control (C2) servers, to target a large swathe of India's power sector.

Ten distinct Indian power sector organisations, including four of the five Regional Load Despatch Centres (RLDC) responsible for operation of the power grid through balancing electricity supply and demand, have been identified as targets in a concerted campaign against India's critical infrastructure.

Other targets identified included two Indian seaports, it said.

According to the report, the targeting of Indian critical infrastructure offers limited economic espionage opportunities.

However, we assess they pose significant concerns over potential pre-positioning of network access to support Chinese strategic objectives, it said.

Pre-positioning on energy assets may support several potential outcomes, including geostrategic signalling during heightened bilateral tensions, supporting influence operations, or as a precursor to kinetic escalation, Recorded Future said.

RedEcho has strong infrastructure and victimology overlaps with Chinese groups APT41/Barium and Tonto Team, while ShadowPad is used by at least five distinct Chinese groups, it said.

The high concentration of IPs (Internet Protocols) resolving to Indian critical infrastructure entities communicating over several months with a distinct subset of AXIOMATICASYMPTOTE servers used by RedEcho indicate a targeted campaign, with little evidence of wider targeting in Recorded Future's network telemetry, it said.

Recorded Future said that in the lead-up to the May 2020 border skirmishes, it observed a noticeable increase in the provisioning of PlugX malware C2 infrastructure, much of which was subsequently used in intrusion activity targeting Indian organisations.

The PlugX activity included the targeting of multiple Indian government, public sector and defence organisations from at least May 2020, it said.

While not unique to Chinese cyber espionage activity, PlugX has been heavily used by China-nexus groups for many years.

Throughout the remainder of 2020, we identified a heavy focus on the targeting of Indian government and private sector organisations by multiple Chinese state-sponsored threat activity groups, it said.

In its report, Recorder Future alleged that it also observed the suspected Indian state-sponsored group Sidewinder target Chinese military and government entities in 2020, in activity overlapping with recent Trend Micro research.

The Massachusetts-based company's report came as the armies of the two countries began disengagement of troops locked in over eight-month-long standoff in eastern Ladakh.

Both countries reached a mutual agreement last month for the disengagement of troops from the most contentious area of North and South banks of the Pangong Lake.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 18,2024

Devegowda.jpg

Bengaluru, May 18: JD(S) patriarch HD Deve Gowda, who turned 92 on Saturday, broke his silence on the sexual abuse charges leveled against his grandson and MP Prajwal Revanna. He stated that he has no objection to the action taken against him if found guilty. However, he mentioned that the cases against his son, JD(S) MLA HD Revanna, who is facing charges of sexual harassment and kidnapping of a woman, were 'created'. He refrained from further commenting as the matter is sub judice.

Recently, Gowda announced his decision not to celebrate his birthday and requested well-wishers and party workers to wish him from wherever they are.

"... I don't want to comment on things that are going on in the court regarding Revanna. Prajwal Revanna has gone abroad. Regarding that, Kumaraswamy (Gowda's other son and state JD(S) chief) has, on behalf of our family, said it is the duty of the government to take action in accordance with the law of the land," Gowda said.

Addressing reporters, the former PM said, "There are several people connected to these sexual abuse cases. I don't want to mention anyone's names. Kumaraswamy has stated that those involved in this matter should face action, and the affected women should get justice and compensation."

"There is no objection from us to taking action against Prajwal. But people have come to know the facts about the allegations made against Revanna, how the case has been created. In one case, he has been granted bail, and in another case, the judgment is expected day after tomorrow... I don't want to comment on it," he said, concurring with Kumaraswamy's statement that if found guilty, no one should be spared.

Prajwal (33) is facing charges of multiple instances of sexually abusing women. The scandal has sparked a political storm with the ruling Congress and BJP-JD(S) engaged in a slugfest.

Prajwal reportedly left for Germany on April 27 and is still at large. An Interpol Blue Corner Notice has been issued against him in an effort to bring him back.

He was the BJP-JD(S) alliance's joint candidate from the Hassan Lok Sabha segment, which went to polls on April 26.

Meanwhile, Gowda's 66-year-old son, Revanna, a former Minister, has been granted interim anticipatory bail from a court here in a sexual harassment case in which his son Prajwal is also an accused.

Asked whether there was a conspiracy to defame and politically scuttle his family, Gowda said, "It is true... considering all that has happened, several people are involved. I won't mention names. Kumaraswamy will address what action needs to be taken."

Responding to a query on BJP leader and advocate G Devaraje Gowda's allegations that Deputy Chief Minister DK Shivakumar is behind the circulation of a pen drive containing explicit videos involving Prajwal Revanna, Gowda said Kumaraswamy will respond to all of this.

"We have seen in the media what Devaraje Gowda has said. Kumaraswamy, as the party's state President, has been actively responding to all this. He will speak. I won't at this point. I had campaigned for the Lok Sabha polls. On June 4, after the Lok Sabha poll results are announced, I will meet with you (media)," he added.

Gowda also appealed to media persons campaigning near his house to end it. "I also appeal to your owners."

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 10,2024

AKejrival.jpg

The Supreme Court Friday granted interim bail to Delhi Chief Minister Arvind Kejriwal till June 1 in the excise policy case.

The top court, however, stated that it will be passing a detailed order over the matter soon.

On Thursday, the Enforcement Directorate had opposed the move to grant interim bail to Kejriwal saying that “any special concession” to him will “amount to anathema to the rule of law and equality… thereby creating two separate classes in the country viz. ordinary people, who are bound by the rule of law as well as the laws of the country, and politicians who can seek exemption from the laws”.

The ED had arrested Kejriwal on March 21 in the excise policy case.

“The right to campaign for an election is neither a fundamental right nor a constitutional right and not even a legal right,” the ED said, maintaining that to its knowledge, “no political leader has been granted interim bail for campaigning even though he is not the contesting candidate”.

After the ED filed its affidavit, the AAP, in a press release, said, “The legal team of Delhi Chief Minister and AAP National Convenor, Shri Arvind Kejriwal, has raised strong objection to the affidavit filed by the Enforcement Directorate opposing interim bail in the Supreme Court.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 10,2024

brijbhushan.jpg

New Delhi: In a big blow to Brij Bhushan Sharan Singh, a Delhi court has ordered the framing of charges against the former Wrestling Federation of India chief in the sexual harassment allegations levelled by women wrestlers. The court has said there is sufficient evidence on record to do so, and the trial against him can now begin. 

Friday's order by the Rouse Avenue court comes days after the BJP decided not to repeat Mr Singh, who is the party MP from Uttar Pradesh's Kaiserganj, as the candidate from the constituency and decided to field his son Karan Bhushan Singh instead. 

The court has ordered the framing of charges under Indian Penal Code sections Ordered to frame charges against Brij Bhushan under sections 354 (outraging a woman's modesty), 354-A (sexual harassment) and 506 (criminal intimidation). The Delhi Police had filed a chargesheet against under these sections and one additional section - 354D (stalking) - on June 15 last year. 

Charges should also be framed against the former assistant secretary of the Federation, Vinod Tomar, under Section 506, the court said. 

Additional Chief Metropolitan Magistrate Priyanka Rajpoot said the charges will be framed against Mr Singh for sexually harassing five wrestlers and that he stands discharged in the allegations levelled by the sixth.

The six-time MP has been at the centre of a huge political storm since last year, when sexual harassment charges were levelled against him and protesters had hit the streets led by Olympic medallists Sakshee Malikkh and Bajrang Punia, as well as Commonwealth Games and Asian Games medallist Vinesh Phogat.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.