The Ministry of Power said there is no impact on functionalities of POSOCO due to any malware attack that prompt actions are taken on advisories issued against such threats. A private US company suggested that a China-linked group targeted India’s power grid system through malware which will damage the computer network.
The ministry said on the findings of the study that “Prompt actions are being taken by the CISOs (Chief Information Security Officers) at all these control centers under operation by POSOCO for any incident/advisory received from various agencies like CERT-in, NCIIPC (National Critical Information Infrastructure Protection Centre), CERT-Trans, etc.” The CERT-in (Indian Computer Emergency Response Team) is an agency which deals with cybersecurity like hacking, phishing, and the NCIIPC is a national agency for critical information infrastructure protection. A Chinese government-linked group of hackers known as Recorded Future targeted India’s critical power grid system through malware. Recorded Future in its recent report mentioned a China-linked threat activity group Red Echo targeting the Indian power sector. Data sources include Recorded Future platform, Spur Farsight, SecurityTrails, and common open-source tools.
Chinese Foreign Ministry Wang Wenbin in response to the allegation said “irresponsible and ill-intentioned” as there is no proof to make the allegations in the involvement of China in hacking India’s critical grid system. Subsequently, NCIIPC informed through mail about the threat by Red Echo through malware called Shadow Pad. It had said, “Chinese-state sponsored threat actor group known as Red Echo is targeting India Power sector’s Regional Load Dispatch Centers (RLDCs) along with State Load Dispatch Centers (SLDCs).”