According to the US firm, even as authorities block attempts to penetrate the nation’s electrical sector, at least one connection opened by Chinese state-sponsored hackers is still active in the network system of an Indian port.
The COO of firm, Stuart Solomon said that they could see a ‘handshake’ between a China-linked group and an Indian maritime port.
On February 10, when Recorded Future first notified the Computer Emergency Response Team that the group which it calls RedEcho, has targeted as many as 10 entities under India’s power grid as well as two maritime ports. According to the COO, most of the connections were operational as recently as February 28.
Referring to the port, Mr. Solomon said that a connection still exits between attacker and attackee.
On Wednesday, Chinese Foreign Ministry spokesman Wang Wenbin said that it is irresponsible as well as ill-intentioned behaviour to slander a specific side without any proof.
Attacks Can be Traced To The Indo-China Border Dispute
According to the cyber security firm, the intrusions into the critical infrastructure have been occurring since at least the middle of last year and can be traced to the start of altercations between the troops of Indian and Chinese army at a border post in the Himalayas.
In October last year, there was a collapse of the power grid that supplies Mumbai. These power outage brought the nation’s financial capital to a standstill eventually impacting stock markets, transport networks and thousands of households. There have been discussions across India’s federal and state governments about whether or not cyber security was responsible for such a collapse.
Though no connection or assertion of any kind has between made by Recorded Future about the Mumbai power outage and RedEcho. However the COO said that such a technique to exert power is not unusual in the security circles.
This technique is in turn used to exert pressure to manipulate operations by influencing either the people or the government as the attackers have a leverage.
Denying any cyberattack, Federal officials have confirmed that malware was found. On Tuesday, Power Ministry said that they were emailed by The National Critical Information Infrastructure Protection Centre about the threat from RedEcho. User credentials and vulnerable equipment were changed.
Investigators are due to present about their findings to the local lawmakers on Wednesday.
Cyber-attack Not Attributed To Any Country or Entity By State Home Minister
Referring to the Mumbai power outage, Maharashtra state’s home minister Anil Deshmukh on Monday said that the according to the initial information 14 Trojan Horses and 8 gigabyte of unaccounted foreign data could have been transferred to the main electricity board. However, he hasn’t attributed the cyber-attack to any specific country or entity.
Of all the 10 entities that have been infiltrated by RedEcho, account for nearly 80% of the country’s land mass from an electricity-coverage perspective. COO Solomon also said that until these are needed as a leverage, such intrusions go unexposed and undetected.
Comments are closed, but trackbacks and pingbacks are open.