Suspected state-sponsored Chinese hackers are said to have been targeting India’s power sector as part of an evident cyber-espionage campaign. According to a report by the threat intelligence firm Recorded Future Inc. published on Wednesday, the hackers targeted at least seven Load Despatch Centres (SLDCs) in northern India responsible for carrying out real-time operations for grid control and electricity dispatch in the areas they are situated in.
The SLDCs are located near the disputed India-China border in Ladakh, the report notes.
One of the SLDCs was targeted earlier by another hacking group, RedEcho, which Recorded Future said shares "strong overlaps" with a hacking group that the US has linked to the Chinese government.
"The prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence-gathering opportunities," the report states.
"We believe this is instead likely intended to enable information-gathering surrounding critical infrastructure and/or pre-positioning for future activity," it adds.
Furthermore, the report states that hackers also compromised an Indian national emergency response system as well as a subsidiary of a multinational logistics firm. The hacking group, named TAG-38, has used ShadowPad malware, which is a kind of malicious software that steals data from a victim computer and automatically communicates with the computer servers at the hacker's end.
The malware was earlier associated with China's People's Liberation Army (PLA) and the Ministry of State Security, as per Recorded Future.
Despite several accusations of sponsoring criminal contract hackers, China has constantly refuted its involvement in malicious cyber activity.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
