New Delhi (TIP)- Chinese hackers targeted power grids in north India over the last several months including in March this year, a US-based private cybersecurity firm has claimed. It said the seven targeted State Load Despatch Centres (SLDCs) were “in proximity to the disputed India-China border in Ladakh”. Using a family of malware called ShadowPad, these hackers targeted SLDCs in north Indian states, according to a report released by Recorded Future, a Massachusetts-based cyber security firm that describes itself as specialising in the collection, processing, analysis and dissemination of threat intelligence.
The hackers are backed by Chinese state entities, the report said, linking the use of the trojan ShadowPad and hacking groups to the People’s Liberation Army and the Chinese Ministry of State Security.
It said the company had informed the Indian authorities before publication of the report.
“In recent months, we observed likely network intrusions targeting at least 7 Indian State Load Despatch Centres (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states. Notably, this targeting has been geographically concentrated, with the identified SLDCs located in North India, in proximity to the disputed India-China border in Ladakh,” the report said.
The report said the hackers, named by the firm as Threat Activity Group (TAG) 38, also targeted an emergency response force, and an Indian subsidiary of a multinational logistics company.
Although the report did not identify the targets, a blank map in the report pinpoints the locations of the attacks in the areas of Jammu, Punjab, Himachal Pradesh, Delhi and Haryana-Rajasthan.
Speaking on the sidelines of a clean energy ministerial meet in the national capital, Power Minister R K Singh acknowledged attempts were made by China, but added India’s defences against such intrusions were strong.
“Our defence against cyber attack is strong. These were probing attacks in December, January and February. They did not succeed. But we are aware,” he said. He also said action was taken way back in 2018 against suspected cyber attacks on the country’s power supply system. “We had put protocols in place. Those protocols are working and we are strengthening those protocols every day. So, our cyber defence against cyber attack is strong. We are confident about that,” Singh asserted.
Ministry of External Affairs spokesperson Arindam Bagchi said, “We have seen the reports. There is a mechanism in place so that our critical infrastructure remains resilient in such cases… We have systems in place to safeguard critical infrastructure… I don’t have any information that we have raised the issue with China.”