1. Home
  2. 'Amidst border tension, Chinese hackers targeted India’s power through malware'

'Amidst border tension, Chinese hackers targeted India’s power through malware'

Agencies
March 1, 2021

Amidst heightened border tension, Chinese hackers targeted India's power through malware: US firm | Law-Order

Washington, Mar 1: Amidst the tense border tension between India and China, a Chinese government-linked group of hackers targeted India's critical power grid system through malware, a US company has claimed in its latest study, raising suspicion whether last year's massive power outage in Mumbai was a result of the online intrusion.

Recorded Future, a Massachusetts-based company which studies the use of the internet by state actors, in its recent report details the campaign conducted by a China-linked threat activity group RedEcho targeting the Indian power sector.

The activity was identified through a combination of large-scale automated network traffic analytics and expert analysis.

Data sources include the Recorded Future Platform, SecurityTrails, Spur, Farsight and common open-source tools and techniques, the report said.

On October 12, a grid failure in Mumbai resulted in massive power outages, stopping trains on tracks, hampering those working from home amidst the COVID-19 pandemic and hitting the stuttering economic activity hard.

It took two hours for the power supply to resume for essential services, prompting Chief Minister Uddhav Thackeray to order an enquiry into the incident.

In its report, Recorded Future notified the appropriate Indian government departments prior to publication of the suspected intrusions to support incident response and remediation investigations within the impacted organisations.

There was no immediate response from the Indian government on the study by the US company.

Since early 2020, Recorded Future's Insikt Group observed a large increase in suspected targeted intrusion activity against Indian organisations from the Chinese state-sponsored group.

The New York Times, in a report, said that the discovery raises the question about whether the Mumbai outage was meant as a message from Beijing about what might happen if India pushed its border claims too vigorously.

According to the Recorded Future report, from mid-2020 onwards, Recorded Future's midpoint collection revealed a steep rise in the use of infrastructure tracked as AXIOMATICASYMPTOTE, which encompasses ShadowPad command and control (C2) servers, to target a large swathe of India's power sector.

Ten distinct Indian power sector organisations, including four of the five Regional Load Despatch Centres (RLDC) responsible for operation of the power grid through balancing electricity supply and demand, have been identified as targets in a concerted campaign against India's critical infrastructure.

Other targets identified included two Indian seaports, it said.

According to the report, the targeting of Indian critical infrastructure offers limited economic espionage opportunities.

However, we assess they pose significant concerns over potential pre-positioning of network access to support Chinese strategic objectives, it said.

Pre-positioning on energy assets may support several potential outcomes, including geostrategic signalling during heightened bilateral tensions, supporting influence operations, or as a precursor to kinetic escalation, Recorded Future said.

RedEcho has strong infrastructure and victimology overlaps with Chinese groups APT41/Barium and Tonto Team, while ShadowPad is used by at least five distinct Chinese groups, it said.

The high concentration of IPs (Internet Protocols) resolving to Indian critical infrastructure entities communicating over several months with a distinct subset of AXIOMATICASYMPTOTE servers used by RedEcho indicate a targeted campaign, with little evidence of wider targeting in Recorded Future's network telemetry, it said.

Recorded Future said that in the lead-up to the May 2020 border skirmishes, it observed a noticeable increase in the provisioning of PlugX malware C2 infrastructure, much of which was subsequently used in intrusion activity targeting Indian organisations.

The PlugX activity included the targeting of multiple Indian government, public sector and defence organisations from at least May 2020, it said.

While not unique to Chinese cyber espionage activity, PlugX has been heavily used by China-nexus groups for many years.

Throughout the remainder of 2020, we identified a heavy focus on the targeting of Indian government and private sector organisations by multiple Chinese state-sponsored threat activity groups, it said.

In its report, Recorder Future alleged that it also observed the suspected Indian state-sponsored group Sidewinder target Chinese military and government entities in 2020, in activity overlapping with recent Trend Micro research.

The Massachusetts-based company's report came as the armies of the two countries began disengagement of troops locked in over eight-month-long standoff in eastern Ladakh.

Both countries reached a mutual agreement last month for the disengagement of troops from the most contentious area of North and South banks of the Pangong Lake.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 18,2024

Advisors to US President-elect Donald Trump have instructed his allies and associates to refrain from using the inflammatory language they previously employed when discussing issues related to migrants and the deportation of asylum seekers, in a bid to avoid “looking like Nazis.”

US media reports said that Trump’s associates had been asked to stop using the word “camps” to describe potential facilities that would be used to accommodate migrants rounded up in deportation operations across the country.

The reports said the US president-elect’s allies had been ordered to stave off such charged terms as they would bring to mind “Nazis,” and be used against Trump.

“I have received some guidance to avoid terms, like ‘camps,’ that can be twisted and used against the president, yes,” one Trump ally told American monthly magazine Rolling Stone.

“Apparently, some people think it makes us look like Nazis.”

The presidential advisers also cautioned surrogates and allies to keep racist terms, which have dogged Trump’s campaign, out of their remarks.

They said with Trump’s heated rhetoric that used to compare undocumented immigrants to “animals” and his slight that they are “poisoning the blood of our country,” detractors did not need to reach too far to find parallels to Nazi Germany.

Stephen Miller, who Trump tapped to be his deputy chief of staff of policy, specifically used the word “camps” to describe holding facilities that he hoped the military could put together for immigrants.

Tom Homan, who served as the acting director of Immigration and Customs Enforcement and is chosen by Trump to be in charge of the US borders, was no stranger to such language.

“It’s not gonna be a mass sweep of neighborhoods,” he said in an interview earlier this week. “It’s not gonna be building concentration camps. I’ve read it all. It’s ridiculous.”

Becoming a little more forthright about the new government’s aggressive deportation plans, Homan likened the early days of the Trump administration to the initial invasion of Iraq in 2003.

“I got three words for them – shock and awe,” he said. “You’re going to see us take this country back.”

Trump made immigration a central element of his 2024 presidential campaign but unlike his first run, which was mainly focused on building a border wall, he has shifted his attention to interior enforcement and the removal of undocumented immigrants already in the United States.

People close to the US president and his aides are laying the groundwork for expanding detention facilities to fulfill his mass deportation campaign promise.

The businessman-turned-politician deported more than 1.5 million people during his first term.

The figure do not include the millions of people turned away at the border under a Covid-era policy enacted by Trump and used during most of Biden’s term.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 17,2024

Mangaluru: District-in-Charge Minister and Minister for Health and Family Welfare, Dinesh Gundu Rao, announced that a day-care chemotherapy centre will soon be established at District Wenlock Hospital. Speaking to mediapersons after reviewing the activities at Wenlock and Government Lady Goschen Hospital, he shared the government’s plans to enhance healthcare services in the region.

Key Initiatives Announced

•    Day-Care Chemotherapy Centre:

  • Ten beds will be reserved for cancer patients.
  • The government will collaborate with Yenepoya Hospital to provide chemotherapy treatments.
  • All required facilities for the centre are already in place, awaiting inauguration by the Chief Minister.

•    Wenlock Hospital Facelift:

  • Critical Care Block: To be built at a cost of ₹24 crore.
  • Integrated Public Health (IPH) Lab: Planned with a budget of ₹1 crore.
  • New OPD Block: As per a 2017 agreement, KMC Hospital will take up construction. Discussions with KMC management are underway.

•    Additional Requirements:

  • A new mortuary and post-mortem building.
  • Paramedical college building.
  • Modern kitchen.
  • Bridge connecting two buildings within the hospital.

•    Total facelift cost: ₹6 crore to ₹10 crore, utilizing funds from the Department of Health and Family Welfare and CSR contributions.

•    Timeline:
By December or January, priority works will be finalized. The superintendents of Wenlock and Lady Goschen Hospitals are scheduled to visit Bengaluru next week to discuss these projects.

•    MRI Fee Allegations:
The minister assured that allegations of patients being charged for MRI scans at Wenlock Hospital will be resolved at the earliest.
These measures aim to improve healthcare accessibility and infrastructure, positioning Wenlock Hospital as a state-of-the-art facility in the region.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 21,2024

netanyahu.jpg

The International Criminal Court (ICC) has issued arrest warrants for Israeli prime minister Benjamin Netanyahu and his former minister of military affairs Yoav Gallant over war crimes against Palestinians in the Gaza Strip.

The court’s Pre-Trial Chamber I issued warrants of arrest for Netanyahu and Gallant "for crimes against humanity and war crimes committed from at least 8 October 2023 until at least 20 May 2024, the day the Prosecution filed the applications for warrants of arrest”, it confirmed in a statement Thursday.

It is the first instance in the court's 22-year history it has issued arrest warrants for Western-allied senior officials.

In its statement, the ICC's Pre-Trial Chamber I, a panel of three judges, said it has rejected appeals by Israel challenging its jurisdiction. 

The chamber said it has decided to release the arrest warrants because "conduct similar to that addressed in the warrant of arrest appears to be ongoing", referring to Israel's ongoing onslaught on Gaza.

Netanyahu and Gallant, it said, “each bear criminal responsibility” for “the war crime of starvation as a method of warfare; and the crimes against humanity of murder, persecution, and other inhumane acts,” as well as “intentionally directing an attack against the civilian population.”

All 124 states that signed the Rome Statute, the treaty that established the court, are now under an obligation to arrest the wanted individuals and hand them over to the ICC in the Hague. 

The court relies on the cooperation of member states to arrest and surrender suspects. The Netherlands' foreign minister quickly said his country was prepared to enforce the warrants while 93 nations earlier reiterated their support for the ICC.

Triestino Mariniello, a lawyer representing Palestinian victims at the ICC, called the warrants "a historic decision".

He noted that the court had endured "pressure and threats of sanctions" from the US government, but acted nonetheless.

As expected, the Tel Aviv regime rejected the rulings, with its security minister Itamar Ben Gvir calling the warrants “anti-Semitic through and through.”

The ICC said Israel’s acceptance of the court’s jurisdiction was not required.

Israel and its major ally, the United States, are not members of the court. 

Israel unleashed its bloody Gaza onslaught on October 7, 2023. So far, it has killed at least 43,985 Palestinians, mostly women and children, and injured 104,092 others, according to the Gaza Health Ministry.

Israel faces an ongoing South Africa-led genocide case at the International Court of Justice (ICJ).

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.