No data breach in Chinese hacking attempt at power grid system, says govt

The Centre on Monday denied any data breach in the attempt made by Chinese hackers to target the country's power grid system.

In a statement, the power ministry said, "An email was received from CERT-In on 19th November, 2020 on the threat of malware called Shadow Pad at some control centres of POSOCO. Accordingly, action has been taken to address these threats."

"NCIIPC informed through mail on Feb 12 about threat by Red Echo through malware Shadow Pad that 'Chinese state-sponsored threat Actor group known as Red Echo is targeting Indian Power sector's Regional Load Dispatch Centres along with State Load Dispatch Centres'," the ministry added.

It also said that the government took prompt action by blocking all IP addresses and domains listed in NCIIPC mail. All systems in control centres were scanned and cleaned by antivirus, the ministry further said.

"Observations from all RLDCs and NLDC shows that there is no communication & data transfer taking place to the IPs mentioned. There is no impact on any of the functionalities carried out by POSOCO due to the referred threat. No data breach/data loss has been detected due to these incidents," the ministry's statement said.

Recorded Future, a Massachusetts-based company which studies the use of the internet by state actors, in its recent report gave details about the campaign conducted by a China-linked threat activity group Red Echo targeting the Indian power sector.

The activity was identified through a combination of large-scale automated network traffic analytics and expert analysis.

On October 12, a grid failure in Mumbai resulted in massive power outages, stopping trains on tracks, hampering those working from home amidst the Covid-19 pandemic and hitting the stuttering economic activity hard.

It took two hours for the power supply to resume for essential services, prompting Maharashtra chief minister Uddhav Thackeray to order an enquiry into the incident.