No data breach, says Power Ministry
New Delhi: Following reports that China may have targeted Indian power facilities through cyber-attacks, India has denied any data breach or any impact due to the attack that was aimed at the country's power grid system.
The report published in the New York Times had indicated that the mega-power outage that happened in Mumbai last year as a result of a cyber-attack following the tensions between India and China on border areas. The flow of malware was detected by US-based Recorded Future. As per the report, China-linked group Red Echo may have planted malware in key power plants in India.
As per the report, at least 12 IP addresses linked to 12 power generation and transmission-related organisations in India were targeted by the Chinese group. "There is no impact on any of the functionalities carried out by POSOCO due to the referred threat. No data breach or data loss is detected due to this incident," a ministry statement said on March 1. In the statement, the ministry said that as per an email received from CERT-In on November 19, 2020, there was a threat of malware Shadow Pad at some control centres of POSOCO.
Following this, actions were taken to address the threats. The National Critical Information Infrastructure Protection Centre (NCIIPC) had also informed the ministry on February 12 that the Chinese state-sponsored Red Echo is targeting the Indian Power sector's Regional Load Dispatch Centres along with State Load Dispatch Centres.
The ministry said that it took immediate action by blocking all the IP addresses and domains listed by NCIIPC. "Additionally, all systems in control centres were scanned and cleaned by antivirus," the statement said.