Dharamshala, 15th April: Chinese hacking is well-known around the world, and government-backed Chinese hacking is not uncommon these days. According to a new assessment from a private cybersecurity firm based in the United States, India’s electricity sector has been targeted by hackers in a long-term operation thought to have been carried out by a state-sponsored Chinese group.
The state-sponsored Chinese hackers have targeted India’s electricity sector in recent months as part of an apparent cyber-espionage effort. The group primarily used the trojan ShadowPad as per the report, which is thought to have been built by Chinese Ministry of State Security contractors, leading to the conclusion that this was a state-sponsored hacking activity, according to the organization. the hackers also hacked into an Indian national emergency response system and a subsidiary of a multinational logistics firm.
The Insikt Group, a threat research division of Massachusetts-based Recorded Future, said it has gathered evidence that hackers targeted seven Indian state centers responsible for electrical dispatch and grid control near a border area that the two nuclear neighbors dispute over the last several months.
The technique the attackers used to make the attacks – employing hijacked internet of things devices and cameras – was unusual, according to Jonathan Condra, a senior manager at Recorded Future. South Korean and Taiwanese devices were used to launch the breaches, he claimed. Investigators have yet to figure out how they were hacked, but Recorded Future speculated that they may have been installed using default credentials, making them vulnerable.
Beijing has denied any involvement in hostile cyber operations on several occasions, which is laughable.
Because the long-term targeting of India’s power grid “offers limited economic espionage or traditional intelligence-gathering opportunities,” Recorded Future believes the goal is more likely to enable information-gathering around nearby critical infrastructure systems or to be pre-positioned for future activity.
Image credit: thecybersecurity.news
Leave a Reply