Tag: mumbai power outage

  • IT Min steps up cyberattack vigil, asks cos to boost defence

    The Ministry of Electronics and Information Technology (MeitY) has stepped up its vigil of cyberattacks on Indian companies in the vaccine, logistics, pharmaceutical and power sectors, and has asked them to report “any and all major cybersecurity” incidents to the Computer Emergency Response Team (CERT-In) team every week, senior government officials said.
    “The frequency of such attacks has definitely increased over the last one year. But for each such attack that gets reported or is flagged by some external agency, at least 10 others are stopped in track before they can do any harm. CERT-In has been in touch with all these companies,” an official said.
    Over the past four-five months, especially after cyberattacks on Dr Reddy’s Laboratories and Lupin Ltd in October and November last year, the IT Ministry and its nodal body on cybersecurity, CERT-In, held meetings with critical companies in the vaccine, logistics, pharmaceutical and power sectors and assisted them in shoring up their defence, officials said.
    “They are helping in many different ways,” said the executive of one of the vaccine companies that has received assistance. This includes training the company’s staff for protection against cyber attacks, assessing weaknesses in its IT systems, strengthening these and searching for attack attempts, the executive told The Indian Express, requesting anonymity.
    The exercise was initiated towards the end of last year over triggers like growing potential cyber threats from countries like China, Russia and Uzbekistan, according to the executive.
    “We were told that it (the threat) is primarily (from) China,” the executive added.
    Another vaccine firm executive told The Indian Express that a government official had come to their office last month “to verify whether we have enough security from an IT perspective as well as general security for vaccine manufacturers.” According to this executive, the official had looked for measures like whether the company had adequate firewalls in place to thwart cyber attack attempts. “There is a lot of renewed interest in Indian vaccine companies,” the executive said.
    Following the attacks on Dr Reddy’s Laboratories and Lupin in October and November last year, pharmaceutical and healthcare companies have been on high alert, according to some industry executives. The number of cyber threats against vaccine makers, in particular, has risen exponentially in the last six months alone, they said.
    The executive of one such vaccine firm said that it now has to battle “thousands” of attempts to attack its systems every month. “Depending on the day, we get anywhere between 4-6 cyberattack attempts to as many as 100 attempts. Around 6-8 months ago, we would get 3-4 attack attempts in a month,” said the executive, requesting anonymity.
    Towards the end of February, Goldman Sachs-backed cyber intelligence firm Cyfirma had said a Chinese hacker group called Stone Panda had “identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India,” according to a Reuters report. These companies have developed Covaxin and Covishield, which are currently being used in the national vaccination campaign.

    Apart from companies in the vaccine and pharmaceutical space, companies in the power distribution space have also been on the radar of cybercriminals. On February 28, Recorded Future published a report saying it had observed a “steep rise” in the use of resources like malware by a Chinese group called Red Echo to target “a large swathe” of India’s power sector.
    It said 10 distinct Indian power sector organisations had been targeted, including 4 Regional Load Despatch Centres that are responsible for the smooth operation of the country’s power grid. Recorded Future said the group also targeted two Indian seaports.

  • Mumbai blackout not a cyber attack, but ‘human error’: Singh

    The blackout that occurred in Mumbai on October 12 was not the result of a cyber attack, but due to “human error”, said Union Minister of State (Independent Charge) for Power, RK Singh on Tuesday. The denial comes in the wake of a suggested link between the power outage in the city and a Chinese state-sponsored threat actor group known as Red Echo, which had been targeting India’s power infrastructure with malware.
    According to the minister, two separate teams have investigated the power grid failure, which led to electricity supply to the city being shut down for several hours. Some parts had gone without power for nearly 24 hours at the time. The first team of experts had investigated the outage soon after it had occurred.
    The second team was sent afterwards to check for the possibility of a cyber attack being the cause of the grid failure. Both teams, in their reports, had found the incident to be a result of human error, said Singh. According to the minister, the cause of the outage was “scheduling errors”.
    At the same time, Singh acknowledged cyber attack attempts on the country’s Northern and Southern Regional Load Despatch Centres, adding that attempts to attack Mumbai’s power system had also been made. According to him, around 30-40 Trojans had been detected in the city’s Supervisory Control and Data Acquisition (SCADA) system, which aims to monitor and control field devices. However, the cyber attack attempts were limited to individual computers and servers and could not get to the central operating systems.
    Even at the server level, the attackers were not able to extract any data, said Singh, adding that these servers had also been isolated and “sanitised”.
    The government has been “alert” about cyber attack attempts on its power infrastructure from before, as “any” transmission system is vulnerable to a cyber attack, said the minister.
    At the same time, he said it was not possible to name a specific country as responsible for the attack attempts. While “some” had said that the group behind the malware was Chinese, the government does not have evidence to substantiate it, he said, adding that China would deny that the group was sponsored by them.
    On Sunday, a Massachusetts-based cybersecurity company, Recorded Future, published a report noting a “steep rise” in the use of resources like malware by a Chinese state-sponsored group called Red Echo to target “a large swathe” of India’s power sector. In its analysis, the company had suggested a link between Red Echo’s targeting of load despatch centres and the Mumbai blackout.
    The contents of the study were reported by The New York Times last Sunday. The report said the findings suggested a link between the Galwan clash of June 2020 and the grid disturbance in Mumbai. The NYT report spoke of a “broad Chinese cybercampaign against India’s power grid”, timed as a “message from Beijing about what might happen if India pushed its border claims too vigorously”.
     

  • Chinese cyber attack: US Congressman urges Biden admin to stand by India

    A top American lawmaker on Monday urged the Biden administration to stand by India in view of the Chinese cyber attack on India’s power grid system as reported by a US-based company that monitors such malicious activities by state actors.
    “The US must stand by our strategic partner and condemn China’s dangerous cyber-attack on India’s grid, which forced hospitals to go on generators in the midst of a pandemic,” Congressman Frank Pallone said in a tweet on Monday.
    “We cannot allow China to dominate the region through force and intimidation,” tweeted Pallone, a day after Recorded Future, a Massachusetts-based company which studies the use of the internet by state actors, said a Chinese government-linked group of hackers targeted India’s critical power grid system through malware, amidst the tense border tension between the two countries.
    The State Department said it is aware of these reports. “For specifics, we refer you to the company that conducted the study. More broadly, however, the State Department works with partners around the world to respond to shared threats in cyberspace,” a State Department spokesperson told PTI.
    “In general, we continue to have concerns about states’ dangerous and coercive actions, including in cyberspace, and we reaffirm the importance of joint action on cybersecurity, critical infrastructure, and supply chain security,” said the spokesperson.

  • Maharashtra minister suggests foreign hack in Mumbai outage

    India’s nodal agency to safeguard critical computer resources had informed the government about attempted intrusions by a Chinese state-sponsored group into segments of the country’s power infrastructure early last month, the Power Ministry said on Monday.
    The Ministry’s statement followed a report by a cybersecurity company based in Massachusetts, United States, which noted a “steep rise” in the use of malware by a Chinese group called Red Echo to target India’s power sector organisations in 2020, when tensions between the two countries were high.
    The contents of the study by Recorded Future were reported by The New York Times on Sunday. The report said the findings suggested a link between the Galwan clash of June 2020, and the grid disturbance that led to a massive power outage in Mumbai on October 12 last year.
    The NYT report spoke of a “broad Chinese cybercampaign against India’s power grid”, timed as a “message from Beijing about what might happen if India pushed its border claims too vigorously”.

    Explained: Strategic blow
    Cyberattacks can deliver strategic and psychological advantage. Russia shut down power in Ukraine on two occasions some years ago, and, after the US discovered that Russian hackers had inserted malicious code into its power grid, it responded in kind. China too has moved to inserting code into infrastructure systems, Western experts say.

    In Mumbai, Maharashtra Home Minister Anil Deshmukh appeared to agree with the theory of a foreign hand in the power outage. He told a press conference that preliminary findings of an investigation by the Maharashtra Cyber Police into last year’s power outage indicated that the “blackout of October 12 could probably have occurred” due to “attempts” by unidentified foreign companies to hack the city’s electrical infrastructure.
    Deshmukh did not provide details of when the hacking attempts took place. The power supply to Mumbai had shut down for several hours on that day, bringing the city to a grinding halt. Some parts had gone without electricity for almost 24 hours.
    The central Power Ministry statement said “no data breach/data loss” had been detected due to the attempted hack. There had also not been any impact on any of the functionalities carried out by the Power System Operation Corporation Ltd (POSOCO), which is in charge of ensuring the integrated operation of India’s power system, and facilitating the transfer of electricity within the country, the statement said.
    The Ministry statement acknowledged the report by Recorded Future’s Insikt Group. It said the Ministry had received an email from the Indian Computer Emergency Response Team (CERT-In) on November 19, 2020, on the threat of a malware called ShadowPad “at some control centres of POSOCO”.
    Subsequently on February 12, the National Critical Information Infrastructure Protection Centre (NCIIPC) had informed the Ministry about the use of ShadowPad by Red Echo.
    “Chinese state-sponsored threat Actor group known as Red Echo is targeting Indian Power sector’s Regional Load Dispatch Centres (RLDCs) along with State Load Dispatch Centres (SLDCs),” the Ministry said in its statement, citing the NCIIPC’s letter.
    “Some IP addresses and domain names were mentioned. The report of Insikt also refers the threat actors already informed by CERT-in & NCIIPC,” the statement said.
    “Observations from all RLDCs & NLDC shows that there is no communication and data transfer taking place to the IPs mentioned.”
    According to the Ministry, “prompt actions” are being taken by the Chief Information Security Officers at all the control centres under POSOCO’s operation “for any incident/advisory received from various agencies like CERT-in, NCIIPC, CERT-Trans etc”.
    The Ministry statement did not clarify whether the attempts by Red Echo were responsible for the power outage in Mumbai on October 12.
    At the press conference in Mumbai, Deshmukh said that “after the October 12 outage Energy Minister Nitin Raut had hinted at sabotage and requested for an investigation”.
    “We subsequently asked the Maharashtra Cyber Police to investigate. A preliminary report submitted by them, which analysed the Maharashtra State Electricity Board’s Supervisory Control and Data Acquisition system, states that there is some evidence to point at probable cyber sabotage on MSEB servers,” Deshmukh said.
    The investigation had found that 14 Trojans were used to insert malware into the MSEB server, Deshmukh said. Also, 8 gigabytes of data from foreign accounts had been transferred to the MSEB server, and there was evidence that attempts were made by blacklisted Internet Protocol companies to log onto MSEB servers, he said.
    Deshmukh handed over the report to Energy Minister Raut at the press conference. “The inquiry report has given an indication that a malware was infected into the MSEB servers. However we can’t say which country is behind this at this point of time,” Deshmukh said. He mentioned the report by Recorded Future, but said he was only giving “references”.

    Meanwhile, a spokesperson for the Chinese Foreign Ministry rejected as “highly irresponsible” the suggestion in The NYT report that Chinese hackers might have attacked the Indian power grid as a “warning” to New Delhi.

    “As a staunch defender of cyber security, China firmly opposes and cracks down on all forms of cyber attacks. Speculation and fabrication have no role to play on the issue of cyber attacks, as it is very difficult to trace the origin of a cyber attack. It is highly irresponsible to accuse a particular party when there is no sufficient evidence around. China is firmly opposed to such irresponsible and ill-intentioned practice,” Ministry spokesperson Wang Wenbin said.