Insights into Editorial: Chinese malware may have targeted Indian power systems and seaports: U.S. firm
insightsonindia.com/2021/03/05/insights-into-editorial-chinese-malware-may-have-targeted-indian-power-systems-and-seaports-u-s-firm
Insights Editor, March 5, 2021
Context:
Chinese state-sponsored actors may have deployed malware into Indian power grids
and seaports as border tensions between India and China began escalating in May last year,
culminating in a deadly clash along the Line of Actual Control (LAC) in mid-June.
The alleged cyber intrusion was discovered and revealed by U.S. cyber security and
intelligence firm, Recorded Future, according to the New York Times, which broke the
story.
A recent grid failure in Mumbai may have been caused by the Chinese malware, as
per the report.
China refuted reports that it had initiated cyber attacks against India’s power grid
resulting in massive power outages and also claimed that it is ‘firmly opposed’ to such
irresponsible and ill-intentioned practices.
Recorded Future, a Massachusetts-based company that studies the use of the Internet
by state actors, in its recent report details the campaign conducted by a China-linked
threat activity group RedEcho targeting the Indian power sector.
About Cyber attacks:
1. Cyber-attacks are defined as “deliberate actions to alter, disrupt, deceive, degrade,
or destroy computer systems or networks or the information and/or programs
resident in or transiting these systems or networks.”
2. Cyber exploitation or cyber espionage, on the other hand, refers to the
penetration of adversary computers and networks to obtain information for
intelligence purposes; this is espionage, not a destructive activity.
3. Cyber-attack weapons are easy to use and they can generate outcomes that range
from the simple defacing of a web site to the stealing of data and intellectual
property, espionage on target systems and even disruption of critical services.
4. Likewise, cyber-attack as a mode of conflict raises many operational issues.
   1. For example, how will a country know whether it is the subject of a deliberate
      cyber attack launched by an enemy government?
   2. How will it prove this?
5. Proving attribution in cyberspace is a great challenge. It is extremely difficult to
attribute cyber-attacks to a nation-state, since collecting irrefutable evidence has
proved elusive in almost all cases of this nature in recent years.
6. The very nature of botnets and zombies makes it difficult to do so. This has led
many analysts to conclude that the Internet is the perfect platform for plausible
deniability.
7. Cyber attackers can support military operations. They can disrupt the target’s
command, control, and communications.
8. They can support covert actions to influence governments, events, organizations, or
persons, often disguising whoever is launching those actions.
9. Valuable information and state secrets can be obtained through cyber espionage.
Mechanism for Cyber Attacks:
Cyber-attacks can be carried out in a number of ways. Among them:
1. Computer-network attacks
2. Supply-chain attacks
3. Social-networking-led attacks
4. Attacks on radio networks for GPS and wireless networks
5. Radio frequencies with sufficiently high power to disrupt all unprotected electronics
in a given geographical area
Types of cyber threats against nations:
1. Cyberattacks can be launched against the critical infrastructure of nations
that includes telecommunications, energy, financial networks, transportation
systems, and water distribution, among others.
2. In many countries, such infrastructure is owned and operated by the private sector.
Much of it depends on SCADA systems, which are computer-controlled in a
networked environment.
3. Taking advantage of vulnerabilities in these systems, attackers can disable them and
disrupt essential services.
4. An attack on the air traffic control system could not just wreak havoc with flight
schedules but also, in the worst case, cause crashes.
5. The effects are the same as if the infrastructure were bombed or attacked by some
other physical measure, without the enemy coming in by air, sea, or land. Likewise,
financial networks can be targeted to disrupt a nation’s economy.
6. Banks, stock exchanges, trading, online payment systems, and other transactions of
all kinds can be brought to a grinding halt as if these were physically bombed. This
is cyber war or information warfare.
7. The effects are similar to what would be achieved by Weapons of Mass
Destruction (WMD).
Therefore, Necessity of Cyber-Security:
1. Photos, videos and other personal information shared by an individual on social
networking sites can be inappropriately used by others, leading to serious and
even life-threatening incidents.
2. Companies have a lot of data and information on their systems. A cyber attack
may lead to loss of competitive information (such as patents or original work) and loss
of employees' or customers' private data, resulting in a complete loss of public trust in
the integrity of the organization.
3. A local, state or central government maintains a huge amount of confidential
data related to the country (geographical, military strategic assets etc.) and its citizens.
4. Unauthorized access to the data can lead to serious threats to a country.
As we choose to stay connected, we are moving towards proliferation and assimilation of
larger data sets, interacting with one another (big data, machine learning, Artificial
Intelligence, Internet of Things); this opens the entire ecosystem to larger threats from
social deviants.
It is on individuals as well as bodies corporate to preserve the confidentiality and
integrity of data, while ensuring that accessibility to the very data is not compromised
on any front.
Conclusion:
Cyberspace infringement is a battle that we fight on an everyday basis. India needs
stringent laws and policy in place to combat these issues.
The extant legal framework does not sufficiently address the concerns of the sector,
and there is an imminent requirement to have comprehensive legislation in place to
address the concerns.
The proactive vigilance observed by bodies corporate and private individuals is
also being supported by the insurance industry, where cyber-security insurance policies have
garnered immense popularity and are compensating for the lack of an effective legal regime.
As we welcome the impending legislation, companies in the healthcare and the banking &
financial services sector are ensuring that they rely on their own technical and
organizational security measures to ensure that the data available with them is not
corrupted or subjected to any unwarranted and unauthorized access.
It is oft said that the future is a click away; it is important that the click does not lead to
any pernicious portal.