In Mumbai, Anil Deshmukh said that a Cyber Cell preliminary report on the power outage had been delivered to the state’s Energy Ministry.
“State-sponsored” Chinese hacker groups had targeted various Indian centers of power, the Power Union ministry said on Monday, but added that these groups were thwarted after government cyber agencies put it in motion. guard against their activities. While the government has refused to confirm or deny a New York Times report, based on a claim by a U.S. cybersecurity firm that the Mumbai power outage in October 2020 was part of a coordinated cyberattack from China, it said it suffered “no data breach” in because of the threat.
“There is no impact on any functionality performed by the Power Sector Operations Corporation (POSOCO) due to the referred threat. No data breach / data loss was detected due to these incidents, ”the Energy Ministry said in an official statement, which made no direct mention of the power outage in Mumbai on October 12, 2020. , which lasted several hours.
Also Read: Chinese Malware May Have Targeted Indian Power Systems And Seaports: US Firm
“Prompt action is taken by the Information Security Directors (CISOs) in all these control centers under operation by POSOCO for any incident / advice received from various agencies such as CERT-in, NCIIPC, CERT-Trans, etc. . ”, Adds the press release. .
Specifically naming the Chinese group “Red Echo”, which was identified in the report by the US company Recorded Future as responsible for the Mumbai blackout, officials said they were notified by the emergency response team cybernetics of the Ministry of Electronics and Information Technologies (MEITy). In (India) (CERT-in) on the threat of malware called “ShadowPad” in November 2020, and by the National Center for the Protection of Critical Information Infrastructure (NCIIPC) of the NTRO in February 2021, threats, weeks before the Recorded Future report. published.
“NCIIPC informed [Power Ministry] via a letter dated February 12, 2021 about the threat of Red Echo via malware called Shadow Pad. He said the Chinese state-sponsored threat actor group known as Red Echo is targeting regional load distribution centers (RLDCs) in India’s power sector as well as load distribution centers. States (SLDC). “
The ministry listed the actions it took following the warnings that ensured that there was no “communication and transfer of data” to Internet Protocol (IP) addresses mentioned as unsafe by the NCIIPC.
“All IP addresses and domains listed in NCIIPC mail have been blocked in the firewall of all control centers. The firewall log is monitored for any attempt to connect to the listed IP addresses and domains. In addition, all control center systems have been scanned and cleaned with an antivirus, ”he said.
In Mumbai, Home Secretary Anil Deshmukh said a preliminary report from Cyber Cell on the power outage had been delivered to the state’s Energy Ministry.
“The report’s findings indicate that there is evidence to suggest that there may have been an attempted cyber sabotage. The report was handed over to Minister Nitin Raut, ”Maharashtra Interior Minister Anil Deshmukh reportedly told reporters.