'No impact' on power grid operations due to malware attack: Centre
New Delhi, Mar 01: The Ministry of Power on Monday said there is no impact on operations of Power System Operation Corporation (POSOCO) due to any malware attack and that prompt actions are taken on advisories issued against such threats.
Recommended Video
The ministry was responding to a study carried out by a private US company which suggested that a China-linked group targeted India''s power grid system through malware, a software designed to cause damage to a computer network.
This study raised suspicion whether last year's massive power outage in Mumbai was a result of the online intrusion.
However, the ministry did not mention about the Mumbai outage in its statement.
Responding on the findings of the study, the ministry said, "There is no impact on any of the functionalities carried out by POSOCO due to the referred threat. No data breach/ data loss has been detected due to these incidents."
The ministry further said, "Prompt actions are being taken by the CISOs (chief information security officers) at all these control centres under operation by POSOCO for any incident/advisory received from various agencies like CERT-in, NCIIPC, CERT-Trans etc."
The CERT-in (Indian Computer Emergency Response Team) is the nodal agency to deal with cyber security threats like hacking and phishing.
The NCIIPC (National Critical Information Infrastructure Protection Centre (NCIIPC) is national nodal agency for critical information infrastructure protection.
A Chinese government-linked group of hackers targeted India's critical power grid system through malware, Recorded Future, a Massachusetts-based company, said in its latest study.
Recorded Future, which studies the use of the internet by state actors, in its recent report details the campaign conducted by a China-linked threat activity group RedEcho targeting the Indian power sector.
The activity was identified through a combination of large-scale automated network traffic analytics and expert analysis.
Data sources include the Recorded Future Platform, SecurityTrails, Spur, Farsight and common open-source tools and techniques, the report said.
In response to the allegation, Chinese Foreign Ministry spokesman Wang Wenbin on Monday rejected the criticism about China's involvement in the hacking of India's power grid, saying it is "irresponsible and ill-intentioned" to make allegations without proof.
On October 12, a grid failure in Mumbai resulted in massive power outages, stopping trains on tracks, hampering those working from home amidst the COVID-19 pandemic and hitting the stuttering economic activity hard.
It took two hours for the power supply to resume for essential services, prompting Chief Minister Uddhav Thackeray to order an enquiry into the incident.
In its report, Recorded Future notified the appropriate Indian government departments prior to publication of the suspected intrusions to support incident response and remediation investigations within the impacted organisations.
The ministry explained in its statement, "The IPs mentioned in Red Echo related advisory are matching with those given in Shadow pad Incidents already informed by CERT-in in the month of November,2020. Observations from all RLDCs (regional load dispatch centres) & NLDC (national load dispatch centre) shows that there is no communication & data transfer taking place to the IPs mentioned."
All IPs and domains listed in NCIIPC mail have been blocked in the firewall at all control centres. Log of firewall is being monitored for any connection attempt towards the listed IPs and domains. Additionally, all systems in control centres were scanned and cleaned by antivirus, the ministry added.
Referring to a report from Insikt talks about the imminent threat from the Red Echo group based in China, the ministry said, "A system of monitoring and analysis of cyber activities is already in place at all RLDCs & NLDC, operated by POSOCO. Further, an email was received from CERT-In on 19th November, 2020 on the threat of malware called Shadow Pad at some control centres of POSOCO. Accordingly, action has been taken to address these threats."
Subsequently, it stated that NCIIPC informed through a mail dated 12th February, 2021 about the threat by Red Echo through a malware called Shadow Pad.
It had said: "Chinese state-sponsored threat actor group known as Red Echo is targeting Indian Power sector''s Regional Load Dispatch Centres (RLDCs) along with State Load Dispatch Centres (SLDCs). "
Some IP addresses and domain names were mentioned. The report of Insikt also refers the threat actors already informed by CERT-in & NCIIPC, the ministry explained.
-
Voting Ends In Assam, Kerala And Puducherry With Record Turnout - Is There An SIR Impact? -
Nitish Kumar Set To Move To Rajya Sabha, Bihar Likely To Get New Chief Minister Next Week -
Karan Adani Announces ₹33,000 Crore Investment in Odisha, Launches Key Industrial Projects -
KC Venugopal Writes Open Letter To Pinarayi Vijayan, Raises 10 Questions On Alleged ‘Deals’ With BJP Leaders' -
Assam Police Arrive At Pawan Khera’s Delhi Residence After FIR In Riniki Bhuyan Passport Row -
Farmer registry to link Uttar Pradesh schemes, says Yogi Adityanath, with priority procurement access -
₹2,000 Monthly Aid, 3 Lakh Jobs in 300 Days: Congress’ Big Poll Promises In Tamil Nadu -
Andhra Officer Held In DA Case After ACB Unearths Crores In Gold, Property And Cash -
Congress Manifesto for TN Assembly Elections 2026, Rahul Gandhi Missing from Campaign -
From Tablet-Laptop For Students To Shiksha Mitra Pay Hike: UP Cabinet Approves 22 Key Proposals -
2027 Census In Telangana: Digital Self-Enumeration From April 26, Houselisting Starts May 11 -
Hyderabad To Get 6-Lane Tunnel Under Begumpet Airport Runway After AAI Approval
Click it and Unblock the Notifications
Sign in with Google