Power grid near Ladakh targeted by Chinese state hackers: Report
New Delhi, Apr 07: The threat intelligence firm Recorded Future Inc. said in a report published on Wednesday that suspected state sponsored Chinese hackers targeted the power sector in India in recent months as part of an apparent cyber espionage campaign.
The report said that the hackers focused on seven load dispatch centres in northern India that are responsible for carrying out real time operations for grid control and electricity dispersal in areas located near the India-China border in Ladakh.
The prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence gathering opportunities. We believe this is instead likely intended to enable information gathering surrounding critical infrastructure and/or pre-positioning for future activity, the report said.
The report also said that the hackers compromised an Indian national emergency response system and a subsidiary of a multinational logistics company.
TAG-38, the hacking group used a kind of malicious software called ShadowPad, which was previously associated with the People's Liberation Army of China.
Senior manager at Recorded Future, Jonathan Condra said that the method the attackers used to make the intrusions using compromised internet of things devices and cameras was usual. The devices used to launch intrusions based in Taiwan and South Korea, he also said.