Chinese hackers hacked into at least seven ‘load dispatch’ centers in northern India that are responsible for carrying out real-time operations for grid control and electricity dispersal in the disputed India-China border in Ladakh, according to threat intelligence firm Recorded Future Inc.
A report published Wednesday said that one of the load dispatch centers was previously the target of another hacking group, RedEcho, which has been on the target list of the U.S. for having ties to the Chinese government.
‘The prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence gathering opportunities,’ the report states.
‘We believe this is instead likely intended to enable information gathering surrounding critical infrastructure and/or pre-positioning for future activity.’
In addition to the power grid, the hackers are reported to have breached a national emergency response system as well as a subsidiary of a multinational logistics company.
The hacking group, dubbed TAG-38, has used a kind of malicious software called ‘ShadowPad’, previously associated with China’s People’s Liberation Army and the Ministry of State Security.
The attackers are said to have used an ‘unusual’ method of attack through ‘compromised internet of things devices’ such as cameras.
The devices used to launch the intrusions were based in Taiwan, with some in South Korea as well.
The Chinese Ministry for Foreign Affairs didn’t respond to the allegations.
China has consistently denied involvement in any malicious cyber activity against other sovereign nations.
Indian authorities are yet to comment on the development.