By Elishya Perera
NEW DELHI (CU)_A “State-sponsored” Chinese cyber-attack targeting several Indian power centres have been thwarted, after government cyber agencies warned these centres, the Union Power Ministry said on Monday (March 1).
“There is no impact on any of the functionalities carried out by the Power Sector Operations Corporation (POSOCO) due to the referred threat,” the Ministry said in a statement. “No data breach/ data loss has been detected due to these incidents.”
It added that the Chief Information Security Officers (CISOs) at the centres operated by the POSOCO have promptly acted on the warnings received from agencies such as CERT-in, NCIIPC and CERT-Trans.
The Ministry also listed several steps taken in response to the warnings, in order to ensure that there is no “communication and data transfers” taking place to the Internet Protocol addresses (IPs) mentioned as dangerous by the National Critical Information Infrastructure Protection Centre (NCIIPC).
“All IPs and domains listed in NCIIPC mail have been blocked in the firewall at all control centres. Log of firewall is being monitored for any connection attempt towards the listed IPs and domains. Additionally, all systems in control centres were scanned and cleaned by antivirus,” it said.
Officials noted that in November 2020 and in February 2021 they were warned by several government agencies regarding a threat by the Chinese group “Red Echo”, through a malware called “ShadowPad”, which is said to be responsible for the recent attack as well.
Meanwhile, the New York Times reported of a report issued by Recorded Future, a US cyber security firm, that the Mumbai power outage in October 2020 was part of a coordinated cyber-attack by China, while Red Echo was once again said to be responsible for the incident.
Referring to the report, a top American lawmaker, Congressman Frank Pallone, on Monday urged the Biden administration to stand by India in relation to the attack.
“The US must stand by our strategic partner and condemn China’s dangerous cyber-attack on India’s grid, which forced hospitals to go on generators in the midst of a pandemic,” he said in a tweet. “We cannot allow China to dominate the region through force and intimidation.”
The US State Department said it is aware of these reports, adding that it works with partners around the world to respond to shared threats in cyberspace. “In general, we continue to have concerns about states’ dangerous and coercive actions, including in cyberspace, and we reaffirm the importance of joint action on cybersecurity, critical infrastructure, and supply chain security,” a spokesperson for the Department said.
Nevertheless, New Delhi has not commented on the report and the Ministry of Power made no reference to it in the recent statement.
