Amid souring relations between India and China last year, evidence has emerged that a Chinese government-linked company’s attempt led to a power outage in Mumbai yesterday and now in Telangana today.

Q.The use of cyber offensive tools and espionage is a fairly active element of the People’s Republic of China. Discuss in light of recent incidences of cyber attack in India.

Red Echo & ShadowPad

• On February 28, a Massachusetts-based firm published a report saying it had observed a steep rise in the use of resources like malware by a Chinese group called Red Echo.
• It aimed to target “a large swathe” of India’s power sector.
• It said 10 distinct Indian power sector organisations were targeted, including four Regional Load Despatch Centres (RLDCs) that are responsible for the smooth operation of the country’s power grid by balancing the supply and demand of electricity.
• Red Echo used malware called ShadowPad, which involves the use of a backdoor to access servers.

India confirms cyber attack

• The Ministry of Power has confirmed these attempts, stating it had been informed in November 2020 about the ShadowPad malware at some control centres.
• The Ministry said it was informed of Red Echo’s attempts to target the country’s load despatch centres in February.
• It had said “no data breach/data loss” had been detected due to the incidents.

What does it imply?

• This is clearly something that is linked to China’s geopolitical interests.
• It is established very clearly that the use of cyber offensive tools and espionage is a fairly active element of what the People’s Republic of China seems to be adopting and encouraging.
• Even when they are not directly in charge of an offensive operation, they seem to be consistently encouraging actors to develop this capability.

PRC’s long term strategy

• These cyber-attacks are seen as an attempt to test and lay the grounds for further operations in the future.
• We need to remember that sometimes these offensive operations are carried out to distract people from other places that they might be targeting or other activities that might be occurring.
• There was an increase in cyber offensive operations and incidents around the world in the second half of 2020 especially targeting the healthcare and vaccine space.
• When vaccine companies are targeted, the motive could be competition.
• The motivation behind Stone Panda’s attack against SII and Bharat Biotech’s IT systems was to extract the companies’ intellectual property and gain a competitive advantage.

Other such attacks: Stone Panda & vaccines

• A Chinese hacker group known as Stone Panda had identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India.
• These companies have developed Covaxin and Covishield, which are currently being used in the national vaccination campaign.
• They are also in the process of testing additional Covid-19 vaccines that could add value to efforts around the world.

Get an IAS/IPS ranker as your 1: 1 personal mentor for UPSC 2024

Attend Now