
Chinese state-sponsored hackers target Indian power grid assets in Ladakh



Chinese state-sponsored hackers targeted India’s power grids in Ladakh, possibly to gather information on India’s critical infrastructure or to prepare for future sabotage, according to the American cybersecurity firm Recorded Future.

This report, released earlier this month, details a campaign conducted by a likely Chinese state-sponsored threat activity group targeting the Indian power sector.

The activity was identified through a combination of large-scale automated network traffic analytics and expert analysis. According to the report, this targeting is likely a long-term strategic priority for select Chinese state-sponsored threat actors active within India.

The prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence-gathering opportunities.


“We believe this targeting is instead likely intended to enable information-gathering surrounding critical infrastructure systems or is pre-positioning for future activity,” the report said.

The objective for intrusions may include gaining an increased understanding of these complex systems in order to facilitate capability development for future use or gaining sufficient access across the system in preparation for future contingency operations.

In February 2021, Recorded Future’s Insikt Group reported on intrusion activity targeting operational assets within India’s power grid that it attributed to a likely Chinese state-sponsored threat activity group.

Following a short lull after the publication of RedEcho reporting, the American firm detected ongoing targeting of Indian power grid organizations by China-linked adversaries, frequently using the privately shared modular backdoor ShadowPad. ShadowPad continues to be employed by an ever-increasing number of People’s Liberation Army (PLA) and Ministry of State Security (MSS)-linked groups, with its origins linked to known MSS contractors first using the tool in their own operations and later likely acting as a digital quartermaster.

In recent months, the American firm observed likely network intrusions targeting at least 7 Indian State Load Despatch Centres (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states.

Notably, this targeting has been geographically concentrated, with the identified SLDCs located in North India, in proximity to the disputed India-China border in Ladakh. One of these SLDCs was also targeted in previous RedEcho activity.

According to the report, however, this latest set of intrusions is composed of an almost entirely different set of victim organizations. In addition to the targeting of power grid assets,

“To achieve this, the group likely compromised and co-opted internet-facing DVR/IP camera devices for command and control (C2) of Shadowpad malware infections, as well as use of the open source tool FastReverseProxy (FRP),” the report said.

Despite a partial troop disengagement between India and China from February 2021, the prolonged targeting of Indian critical infrastructure continues to raise concerns over pre-positioning activity being conducted by Chinese adversaries.

While this latest activity displays targeting and capability consistencies with previously identified RedEcho activity, there are also some notable distinctions, the report added.
