Chinese hackers target India's power grid near Ladakh, says report
Suspected Chinese state-sponsored hackers targeted the Indian power grid in recent months as part of an apparent cyber-espionage campaign, according to a report by the threat intelligence firm Recorded Future Inc. According to the report which was published on Wednesday, the hackers targeted at least seven "load dispatch" centres in northern India, which are responsible for executing real-time grid control and electricity dispersal, near the disputed India-China border in Ladakh. Another hacking group, RedEcho, previously targeted one of the load dispatch centres, which Recorded Future believes has "strong overlaps" with a hacking group linked to the Chinese government. ''In recent months, we observed likely network intrusions targeting at least seven Indian State Load Despatch Centres (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states. Notably, this targeting has been geographically concentrated, with the identified SLDCs located in North India, in proximity to the disputed India-China border in Ladakh," the report said. According to the Recorded Future report, “the prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence gathering opportunities...We believe this is instead likely intended to enable information gathering surrounding critical infrastructure and/or pre-positioning for future activity.” Also Read | JEE Main 2022 postponed for both sessions; check new dates ''The objective for intrusions may include gaining an increased understanding into these complex systems to facilitate capability development for future use or gaining sufficient access across the system in preparation for future contingency operations," the agency added. According to the report, the hackers also infiltrated an Indian national emergency response system and a subsidiary of a multinational logistics firm. Recorded Future says, the hacker group TAG-38 employed a type of malicious software called ShadowPad, which was previously linked to China's People's Liberation Army and the Ministry of State Security. 'The method the attackers used to make the intrusions, using compromised internet of things devices and cameras, was unusual. The devices used to launch the intrusions were based in South Korea and Taiwan," said Jonathan Condra, senior manager at Recorded Future. Also Read | World Health Day 2022: Ministry of Ayush starts countdown for International Yoga Day -PTC News