
China Accused of Targeting Indian Power Facilities, Indian Vaccine Makers

Two separate reports have been released accusing China of attacking Indian power facilities, which led to the outage in Mumbai yesterday, and two Indian vaccine makers.

March 2, 2021
SOURCE: REUTERS

Two separate reports have accused Chinese cybercriminals of targeting Indian power facilities and Indian vaccine makers, namely the Serum Institute and Bharat Biotech.

The first report was published by an American cybersecurity company called Recorded Future, which accused Chinese government-backed criminals of increasing their attacks on Indian companies in the country’s power sector since the Galwan Valley incident last June. The report said, “10 distinct Indian power sector organisations, including 4 of the 5 Regional Load Dispatch Centres (RLDC) … have been identified as targets in a concerted campaign against India’s critical infrastructure.” The document also identified the ports in Chidambaranar and Mumbai as targets. Responding to the report, the Indian Ministry of Power gave assurances that expedited action was taken to ensure that there was “no impact” on the Indian facilities caused by the “referred threat”. Further, it said, “No data breach/ data loss has been detected due to these incidents.”

According to the Recorded Future report, while such attacks are limited in terms of meeting the Chinese side’s economic espionage objectives, they can result in several potential outcomes. For example, the report said that they could be a message signalling a “robust show of force.” They could also “enable influence operations to sway public opinion during a diplomatic confrontation.” Finally, they could “support potentially destructive operations against critical infrastructure in the future.”

Over the past few months, India has witnessed a suspicious surge in power outages. One of the major outages occurred in India’s financial hub, Mumbai, on October 13. Following this hours-long outage that resulted in the halting of trains and the closure of hospitals, several Indian officials came out blaming Chinese cybercriminals for the incident. An official investigation into the matter was also initiated. However, since then, there has been no further information about China or Chinese-backed cybercriminals’ involvement in the incident. Nevertheless, the Recorded Future report said that while the “alleged link between the outage and the discovery of the unspecified malware” in the power system “remains unsubstantiated”, the “additional evidence suggested the coordinated targeting of the Indian load dispatch centres.”

The second report, which accused Chinese government-backed hackers of targeting the systems of Serum Institute and Bharat Biotech, was published by Reuters following an investigation by the Singapore- and Tokyo-based cyber-intelligence firm Cyfirma. According to the report, the Chinese hacking group APT10, also known as Stone Panda, exploited vulnerabilities in the IT systems and supply chain systems of the two vaccine makers.

The Chief Executive of Cyfirma, Kumar Ritesh, said, “The real motivation here is actually intellectual property and getting competitive advantage over Indian pharmaceutical companies.” He added, “In the case of Serum Institute, they have found a number of their public servers running weak web servers, there are vulnerable web servers … They have spoken about weak web application, they are also talking about weak content-management systems. It’s quite alarming.” However, neither the Chinese Foreign Ministry nor the two institutes have published an official statement responding to these allegations.

China and India have been competing in their vaccine diplomacy, with each trying to emerge as the COVID-19 vaccine supplier for the world. However, in light of the several questions regarding procedure and efficacy being raised about the China-produced vaccine, a large number of countries are increasingly relying on Indian alternatives to meet their vaccine demands.

These cyberattacks come despite the border situation visibly defusing between the two countries. Last month, following nine months of rising tensions and several rounds of negotiations between military commanders of the two Asian powers, India and China finally agreed to disengage from the Line of Actual Control (LAC) in Eastern Ladakh and return to their pre-April 2020 positions. This is seen as a major achievement for both sides, as it is the first easing of military presence in the region since the border stand-off first began last May.

The latest reports of cyberattacks show, however, that while the two sides may have disengaged militarily, they still remain very much at odds in other realms.