'Amidst border tension, Chinese hackers targeted India’s power through malware'

Agencies
March 1, 2021

Washington, Mar 1: Amid border tension between India and China, a Chinese government-linked group of hackers targeted India's critical power grid system through malware, a US company has claimed in its latest study, raising the question of whether last year's massive power outage in Mumbai was a result of the online intrusion.

Recorded Future, a Massachusetts-based company which studies the use of the internet by state actors, in its recent report details the campaign conducted by a China-linked threat activity group RedEcho targeting the Indian power sector.

The activity was identified through a combination of large-scale automated network traffic analytics and expert analysis.

Data sources include the Recorded Future Platform, SecurityTrails, Spur, Farsight and common open-source tools and techniques, the report said.

On October 12, a grid failure in Mumbai resulted in massive power outages, stopping trains on tracks, hampering those working from home amidst the COVID-19 pandemic and hitting the stuttering economic activity hard.

It took two hours for the power supply to resume for essential services, prompting Chief Minister Uddhav Thackeray to order an enquiry into the incident.

Recorded Future said in its report that it notified the appropriate Indian government departments of the suspected intrusions prior to publication, to support incident response and remediation investigations within the impacted organisations.

There was no immediate response from the Indian government on the study by the US company.

Since early 2020, Recorded Future's Insikt Group observed a large increase in suspected targeted intrusion activity against Indian organisations from the Chinese state-sponsored group.

The New York Times, in a report, said that the discovery raises the question about whether the Mumbai outage was meant as a message from Beijing about what might happen if India pushed its border claims too vigorously.

According to the Recorded Future report, from mid-2020 onwards, Recorded Future's midpoint collection revealed a steep rise in the use of infrastructure tracked as AXIOMATICASYMPTOTE, which encompasses ShadowPad command and control (C2) servers, to target a large swathe of India's power sector.

Ten distinct Indian power sector organisations, including four of the five Regional Load Despatch Centres (RLDC) responsible for operation of the power grid through balancing electricity supply and demand, have been identified as targets in a concerted campaign against India's critical infrastructure.

Other targets identified included two Indian seaports, it said.

According to the report, the targeting of Indian critical infrastructure offers limited economic espionage opportunities.

"However, we assess they pose significant concerns over potential pre-positioning of network access to support Chinese strategic objectives," it said.

Pre-positioning on energy assets may support several potential outcomes, including geostrategic signalling during heightened bilateral tensions, supporting influence operations, or as a precursor to kinetic escalation, Recorded Future said.

RedEcho has strong infrastructure and victimology overlaps with Chinese groups APT41/Barium and Tonto Team, while ShadowPad is used by at least five distinct Chinese groups, it said.

The high concentration of IP (Internet Protocol) addresses resolving to Indian critical infrastructure entities communicating over several months with a distinct subset of AXIOMATICASYMPTOTE servers used by RedEcho indicates a targeted campaign, with little evidence of wider targeting in Recorded Future's network telemetry, it said.

Recorded Future said that in the lead-up to the May 2020 border skirmishes, it observed a noticeable increase in the provisioning of PlugX malware C2 infrastructure, much of which was subsequently used in intrusion activity targeting Indian organisations.

The PlugX activity included the targeting of multiple Indian government, public sector and defence organisations from at least May 2020, it said.

While not unique to Chinese cyber espionage activity, PlugX has been heavily used by China-nexus groups for many years.

"Throughout the remainder of 2020, we identified a heavy focus on the targeting of Indian government and private sector organisations by multiple Chinese state-sponsored threat activity groups," it said.

In its report, Recorded Future alleged that it also observed the suspected Indian state-sponsored group Sidewinder target Chinese military and government entities in 2020, in activity overlapping with recent Trend Micro research.

The Massachusetts-based company's report came as the armies of the two countries began disengagement of troops locked in an over eight-month-long standoff in eastern Ladakh.

Both countries reached a mutual agreement last month for the disengagement of troops from the most contentious area of North and South banks of the Pangong Lake.

News Network
November 18, 2024

Advisors to US President-elect Donald Trump have instructed his allies and associates to refrain from using the inflammatory language they previously employed when discussing issues related to migrants and the deportation of asylum seekers, in a bid to avoid “looking like Nazis.”

US media reports said that Trump’s associates had been asked to stop using the word “camps” to describe potential facilities that would be used to accommodate migrants rounded up in deportation operations across the country.

The reports said the US president-elect’s allies had been ordered to stave off such charged terms as they would bring to mind “Nazis,” and be used against Trump.

“I have received some guidance to avoid terms, like ‘camps,’ that can be twisted and used against the president, yes,” one Trump ally told American monthly magazine Rolling Stone.

“Apparently, some people think it makes us look like Nazis.”

The presidential advisers also cautioned surrogates and allies to keep racist terms, which have dogged Trump’s campaign, out of their remarks.

They said with Trump’s heated rhetoric that used to compare undocumented immigrants to “animals” and his slight that they are “poisoning the blood of our country,” detractors did not need to reach too far to find parallels to Nazi Germany.

Stephen Miller, who Trump tapped to be his deputy chief of staff of policy, specifically used the word “camps” to describe holding facilities that he hoped the military could put together for immigrants.

Tom Homan, who served as the acting director of Immigration and Customs Enforcement and has been chosen by Trump to be in charge of the US borders, was no stranger to such language.

“It’s not gonna be a mass sweep of neighborhoods,” he said in an interview earlier this week. “It’s not gonna be building concentration camps. I’ve read it all. It’s ridiculous.”

Becoming a little more forthright about the new government’s aggressive deportation plans, Homan likened the early days of the Trump administration to the initial invasion of Iraq in 2003.

“I got three words for them – shock and awe,” he said. “You’re going to see us take this country back.”

Trump made immigration a central element of his 2024 presidential campaign but unlike his first run, which was mainly focused on building a border wall, he has shifted his attention to interior enforcement and the removal of undocumented immigrants already in the United States.

People close to the US president and his aides are laying the groundwork for expanding detention facilities to fulfill his mass deportation campaign promise.

The businessman-turned-politician deported more than 1.5 million people during his first term.

The figure does not include the millions of people turned away at the border under a Covid-era policy enacted by Trump and used during most of Biden’s term.

News Network
November 21, 2024

Shares of Adani Group companies lost about $28 billion in market value in morning trade on Thursday after US prosecutors charged the billionaire chairman of the Indian conglomerate in an alleged bribery and fraud scheme.

Gautam Adani's flagship company Adani Enterprises tumbled 23 per cent, while Adani Ports, Adani Total Gas, Adani Green, Adani Power, Adani Wilmar and Adani Energy Solutions, ACC, Ambuja Cements and NDTV fell between 20 per cent and 90 per cent.

Adani group's 10 listed stocks had a total market capitalisation of about $141 billion at 0534 GMT, compared to $169.08 billion on Tuesday.

US authorities said Adani and seven other defendants, including his nephew Sagar Adani, agreed to pay about $265 million in bribes to Indian government officials to obtain contracts expected to yield $2 billion of profit over 20 years, and develop India's largest solar power plant project.

Adani Green in a statement on Thursday said the US Justice Department had issued a criminal indictment against board members Gautam Adani and Sagar Adani and the Securities and Exchange Commission had issued a civil complaint against them.

The US Justice Department also included Adani Green board member Vneet Jaain in the criminal indictment, it said.

Adani Green's units had decided not to proceed with the proposed US dollar denominated bond offerings due to developments, it added.

"Investors will shy away from Adani Group stocks ... and that's what this sharp selling is signifying," said Saurabh Jain, assistant vice president of retail equities research at SMC Global Securities.

"This could hurt the credibility of the group and maybe borrowing costs will rise," he said.

The indictment comes nearly two years after US shortseller Hindenburg Research alleged that Adani had improperly used tax havens and was involved in stock manipulation, allegations the conglomerate denied.

Also in early Asian trading on Thursday, Adani dollar bonds slumped, with prices down 3c-5c on bonds for Adani Ports and Special Economic Zone. The falls were the largest since the Adani Group came under a short-seller attack in February 2023.

News Network
November 11, 2024

Mangaluru: In a deeply tragic turn of events, a 28-year-old woman named Ranjitha, who had recently given birth but tragically lost her newborn, ended her life by suicide on Monday. She reportedly leapt from the fourth-floor window of Lady Goschen Hospital’s luggage room.

Ranjitha, whose strength and resilience had carried her through a difficult pregnancy, was scheduled for discharge on Monday. Her journey to Lady Goschen Hospital began on October 24, when she was transferred from Karkala. She was a high-risk patient, battling both hypertension and diabetes. At the time of her admission, she was just 27 weeks pregnant.

Due to the complexities of her health, doctors made the difficult decision to perform an emergency C-section on October 30. She delivered a baby girl, premature and weighing only 960 grams. The newborn was immediately moved to the Neonatal Intensive Care Unit, where doctors did all they could. Despite these efforts, the baby passed away on November 3.

Ranjitha’s sorrow was profound. She stayed under hospital care even after her initial recovery and was preparing to go home on November 9. She had even requested a couple more days at the hospital, seeking time perhaps to cope with her unimaginable grief.

On the day of her discharge, a discharge card ready and her family eagerly waiting to take her home, Ranjitha reportedly made her way to the luggage room in the early hours. There, standing on a cot placed for patients' family members, she climbed to a window and fell from the fourth floor. Despite the attempts of another visitor to intervene, tragedy was inevitable. She was rushed to Government Wenlock Hospital, where doctors confirmed the worst—she was no more.

Dr. Durgaparasad M R, the Medical Superintendent at Lady Goschen Hospital, shared his grief and spoke of the ongoing investigation. A post-mortem is to be conducted, and the local Tahsildar will complete the necessary inquest procedures. Ranjitha’s exact reasons for taking this step are yet to be confirmed, though the weight of her recent losses paints a sorrowful picture.

If you or anyone you know is struggling emotionally, please remember that help is available. Reach out to mental health experts who can provide support and guidance. The toll-free helpline number 9152987821 is available to assist anyone in distress.
