Chinese state-sponsored hackers have been accused by a US-based cyber-security firm of actively penetrating the cyber defences of India’s national infrastructure, including two ports and the country’s power system.
According to Boston-headquartered security firm Recorded Future, relations between India and China deteriorated following last May’s border clash, which saw around 20 Indian troops killed near the Himalayan border town of Ladakh, in Kashmir, the first deaths in combat for 45 years.
Alerts from Recorded Future suggested cyber-attacks had started following this border skirmish, and most of the attacks had now been repelled.
However, Stuart Solomon, Recorded Future’s chief operating officer, said that as of 2 March, Recorded Future could still see a ‘handshake’, which indicates an exchange of traffic, between a China-linked group and an Indian maritime port, reported security consultancy Dryad Global.
Solomon calls the group RedEcho, and he added, “it had targeted as many as 10 entities under India’s power grid as well as two maritime ports when the company first notified India’s Computer Emergency Response Team on February 10. Most of these connections were still operational as recently as February 28.”
He went on to say that an active connection between RedEcho and the Indian port was still there.
Unconfirmed reports said that these shadowy operators were responsible for last October’s cyber-attack that caused the “collapse of the power grid that supplies Mumbai, an outage that brought the financial hub to a halt for several hours, impacting stock markets, transport networks and thousands of households,” said Dryad Global.
According to Dryad Global, as a result, on 12 January 2021, India’s foreign minister Subrahmanyam Jaishankar announced that “trust between India and China was ‘profoundly disturbed’. While diplomacy and economic factors have been effective in preventing a full-blown war, notable most recently with the bilateral disengagement at the border, cyber operations continue to provide countries with a potent asymmetric capability to conduct espionage or pre-position within networks for potentially disruptive reasons.”
Dryad Global further reported that Chinese foreign ministry spokesman Wang Wenbin said in Beijing on Wednesday, “Without any proof, slandering a specific side is irresponsible behaviour and an ill-intentioned one.”