A report detailing the Operational Technology cyber attack on India’s power grid by Chinese state-sponsored threat actors ‘Red Echo’ has sparked accusations and denials this week.
On October 12th 2020, a grid failure in Mumbai resulted in a 2-hour power outage, shutting businesses and stopping national transport. The outage even shut down Mumbai’s stock exchange. The report by the US-based Recorded Future, released on Sunday, used large-scale automated network traffic analytics and security analysis and found large increases in suspicious targeted intrusion activity.
The hacker group, affiliated with the Chinese government, is said to have continually targeted the control rooms that manage India’s critical power grids, in a massive prolonged campaign that could have caused widespread blackouts. Among the organisations targeted were NTPC Limited (India’s largest power utility), numerous key regional load dispatch centres that manage power distribution across the grid, and two seaports: the V.O. Chidambaranar Port and Mumbai Port Trust.
The Ministry of Power (POSOCO) officially stated, “There is no impact on any of the functionalities carried out by POSOCO due to the referred threat. No data breach/ data loss has been detected due to these incidents.”
China has officially denied responsibility, stating it is ‘firmly opposed’ to such irresponsible and ill-intentioned practices.
If the report is correct, it exposes another incident demonstrating that cyberwarfare is now very much a real thing. State-organised and coordinated hacking that takes down national services affects us all, and can have devastating consequences.
Cyber security is an ongoing fight against unknown actors. With more state backing, these attacks are becoming increasingly well funded, driving more and more complexity and potential damage. If you are running a production plant and want an Operational Technology Cyber Security Assessment of your estate, get in contact with Fundamentals First to start the journey of mitigating your cyber risk.