China-based cyber criminals, or possibly state-sponsored Chinese hackers, are targeting the Indian power grid just to show that they can.
Investigations by multiple online security companies have found a campaign, conducted by the China-linked threat activity group RedEcho, targeting the Indian power sector.
The attack was identified through a combination of large-scale automated network traffic analytics and expert analysis.
Who are these Chinese Hackers?
These attacks were carried out using ShadowPad, which is one of the largest known supply-chain attacks, according to cybersecurity firm Kaspersky.
It is an obscured background malware that hides inside legitimate software. Once activated, it allows attackers to access the victim's system in order to install more malicious software or steal important data.
On October 12, a grid failure in Mumbai resulted in massive power outages, stopping trains on their tracks, forcing COVID hospitals to run on emergency power backups, and hitting the stuttering economic activity hard.
Recorded Future notified the appropriate Indian government departments prior to publication of the suspected intrusions to support incident response and remediation investigations within the impacted organizations.