Suspected hackers backed by China targeted India’s electricity distribution centres near Ladakh in order to collect intel in recent months, according to a report by Recorded Future, an international intelligence firm headquartered in Somerville, Massachusetts.
The cyber espionage comes after a months-long military standoff between China and India in the area.
”In recent months, we observed likely network intrusions targeting at least seven Indian State Load Despatch Centres (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states. Notably, this targeting has been geographically concentrated, with the identified SLDCs located in North India, in proximity to the disputed India-China border in Ladakh,” Recorded Future said.
Also Read: What is China’s debt-trap diplomacy: Communist ploy or West’s lie?
“In addition to the targeting of power grid assets, we also identified the compromise of a national emergency response system and the Indian subsidiary of a multinational logistics company by the same threat activity group,” it said.
The intelligence firm added that they informed the government about their findings before releasing the report.
Also Read: ‘Sold everything to China’: Why are Sri Lankan traders mad at Rajapaksas
According to Recorded Future, the Chinese hackers were attempting to gather valuable intel about important infrastructure systems.
”Given the continued targeting of State and Regional Load Despatch Centres in India over the past 18 months, first from RedEcho and now in this latest TAG-38 activity, this targeting is likely a long-term strategic priority for select Chinese state-sponsored threat actors active within India,” it said.
”The prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence-gathering opportunities. We believe this targeting is instead likely intended to enable information gathering surrounding critical infrastructure systems or is pre-positioning for future activity,” it added.
”The objective for intrusions may include gaining an increased understanding into these complex systems in order to facilitate capability development for future use or gaining sufficient access across the system in preparation for future contingency operations,” Recorded Future concluded.