Centre denies impact from Chinese hacking attempt at power facilities, says 'all systems cleaned by antivirus'
New Delhi | Jagran News Desk: The Ministry of Power on Monday denied any impact from the alleged Chinese hacking attempt against India's power grid system and said that it did not lead to any data breach.
In a statement, it said that an email was received from CERT-In in November last year on the threat of malware called "Shadow Pad" at some control centres of POSOCO, adding that prompt action was taken by "blocking all IP addresses and domains listed in NCIIPC mail".
"NCIIPC informed through mail on February 12 about threat by Red Echo through malware Shadow Pad that 'Chinese state-sponsored threat Actor group known as Red Echo is targeting Indian Power sector's Regional Load Dispatch Centres along with State Load Dispatch Centres'," the Power Ministry statement read.
"Observations from all RLDCs and NLDC shows that there is no communication amd data transfer taking place to the IPs mentioned. There is no impact on any of the functionalities carried out by POSOCO due to the referred threat. No data breach/data loss has been detected due to these incidents," it added.
Earlier in the day, a US firm -- Recorded Future -- claimed that Chinese are targeting India's power grid system through malware. The report said that the massive power outage in Mumbai last year was also a result of the online intrusion.
Maharashtra Energy Minister Nitin Raut also backed the report by Recorded Future and said that the Uddhav Thackeray-led Maha Vikas Aghadi government has formed a committee to probe the matter.
"When power went out in Mumbai, I had said that there was something wrong and had constituted 3 committees to probe. I feel media reports that have surfaced are true. Cyber cell will submit report on this by 6 pm on Monday to Home Minister Deshmukh," he said, as reported by news agency ANI.
Recorded Future in its detailed report said that the campaign conducted by a China-linked threat activity group RedEcho targeting the Indian power sector. The activity was identified through a combination of large-scale automated network traffic analytics and expert analysis, the report said.
In its report, Recorded Future also notified the appropriate Indian government departments prior to publication of the suspected intrusions to support incident response and remediation investigations within the impacted organisations.
Posted By: Aalok Sensharma