Chinese-state backed hackers targeted Indian electricity dispatch centres near Ladakh. (Representational)
New Delhi: Chinese state-sponsored hackers targeted Indian electricity distribution centres near Ladakh over the last eight months, a report by private intelligence firm Recorded Future said on Wednesday, in a new potential flashpoint following a protracted military standoff between the two countries in the region. The government said the attacks were not successful.
''In recent months, we observed likely network intrusions targeting at least seven Indian State Load Despatch Centres (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states. Notably, this targeting has been geographically concentrated, with the identified SLDCs located in North India, in proximity to the disputed India-China border in Ladakh," the group said.
The attacks took place between August last year and March, sources said. The investigation found the data passing in and out of Indian Load Despatch Centres to the Chinese state-sponsored command and control servers spread across the world, they said.
"In addition to the targeting of power grid assets, we also identified the compromise of a national emergency response system and the Indian subsidiary of a multinational logistics company by the same threat activity group," Recorded Future said.
The group said they alerted the government of their findings before publishing the report.
"Two attempts by Chinese hackers were made to target electricity distribution centres near Ladakh but were not successful... We've already strengthened our defence system to counter such cyber attacks," Power Minister RK Singh was quoted as saying by news agency ANI.
According to the intelligence firm, considered to be among the world's largest with a specialisation in identifying threats from state-sponsored hackers, the Chinese attackers were trying to gather information surrounding critical infrastructure systems.
''Given the continued targeting of State and Regional Load Despatch Centres in India over the past 18 months, first from RedEcho and now in this latest TAG-38 activity, this targeting is likely a long-term strategic priority for select Chinese state-sponsored threat actors active within India," it said.
''The prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence-gathering opportunities. We believe this targeting is instead likely intended to enable information gathering surrounding critical infrastructure systems or is pre-positioning for future activity," it added.
''The objective for intrusions may include gaining an increased understanding into these complex systems in order to facilitate capability development for future use or gaining sufficient access across the system in preparation for future contingency operations," Recorded Future said.
High profile cyber-attacks have been growing around the world. Last year millions of people on the US east coast were affected by a ransomware attack on a major gas pipeline while a large swathe of Australia was moments away from losing power after a key energy network was hit.
The group said in February last year, it had reported the compromise of 10 distinct Indian power sector organisations, including four of the five Regional Load Despatch Centres (RLDC), two ports, a large generation operator, and other operational assets.
''Recorded Future continues to track Chinese state-sponsored activity groups targeting a wide variety of sectors globally... However, the coordinated effort to target Indian power grid assets in recent years is notably distinct from our perspective and, given the continued heightened tension and border disputes between the two countries, we believe is a cause for concern," it said.
India and China have long disputed their vast 3,500-km-long frontier and fought a brief border war in Arunachal Pradesh in 1962.
Tensions flared in 2020 after a lethal high-altitude skirmish in the far-northern region of Ladakh, which saw hand-to-hand combat between troops in the contested Galwan Valley.
Since then, multiple rounds of talks have had limited success in de-escalating tensions and both sides have reinforced the region with additional military hardware and thousands of extra soldiers.
Last month, India said ties with China could not be normal until their troops pulled back from each other, but Beijing struck a conciliatory note during a meeting of their foreign ministers in New Delhi.