Days after a US firm alerted India about the possible role of Chinese hackers in causing a power outage in Mumbai in 2020, another US cyber security firm ‘Recorded Future’ has flagged concerns about the ‘active’ status of at least one connection opened by Chinese state-sponsored hackers into the network system of an Indian sea port.
As of Tuesday (March 2), Recorded Future could see a ‘handshake’ — indicating an exchange of traffic — between a China-linked group and an Indian maritime port, said Stuart Solomon, the firm’s chief operating officer, in an interview to Bloomberg.
The Computer Emergency Response Team received the alert on February 10 about the Chinese hacker, called RedEcho, having targeted as many as 10 power grid entities and two maritime ports. Solomon has said that most of these connections were operational as on February 28.
India’s Ministry of Electronics and Information Technology hasn’t responded yet, but the Chinese government has. “Without any proof, slandering a specific side is irresponsible behavior and an ill-intentioned one,” Chinese Foreign Ministry spokesman Wang Wenbin said in Beijing on Wednesday (March 3).
US cyber security firm ‘Recorded Future’ has tried to co-relate the cyber attacks on India’s critical infrastructure with the tensions on the India-China border, which reached a critical point after soldiers from both sides got into a bloody brawl at Galwan Valley in June last year.
A report in The New York Times said that cyber attack by groups related to China could have resulted in the collapse of the grid that supplies electricity to Mumbai in October 2020, causing a power outage in the country’s financial capital for a few hours. The outage affected stock markets, transport networks and thousands of households. The government, however, has not made any official statement on it yet. The Maharashtra government is expected to present its report on the Mumbai outage soon.