Hyderabad (Telangana): The Centre has given instructions to be on alert as Chinese hackers threaten Indian servers. This was said by Transco-Genco CMD Prabhakar Rao who was giving a statement on Chinese hackers who are constantly looking to infect or sabotage India's power transmission system.
Rao added that that threat could possibly be present in some sub-stations. This was substantiated by the technical department who were apprised with information from the Centre.
He said that they will have to conduct a meeting with grid officials and experts to discuss taking precautions. He insisted that all departments of the power sector were working in coordination to avoid problems for consumers.
Read: 'Extra steps taken to protect India's COVID-19 vaccination drive from cyber attacks'
Chinese hackers have been trying hard to crack Indian cyber space.
There have been more aggressive attempts of hacking by Chinese hackers since last one year. Various government organisations like the Computer Emergency Response Team (CERT-IN) and the National Critical Information Infrastructure Protection Centre (NCIIPC) are following trends and keeping a track of attempts made by the Chinese.
Experts said attempts from China have increased in the last year, which further amplified after the Indian Government banned Chinese applications post the Galwan clash.
Recently a report has emerged this week claiming that two Indian companies, which are supplying COVID-19 vaccinations -- Serum Institute and Bharat Biotech -- are under cyber attack by a Chinese hacking group APT10, also known as Stone Panda and actively targeting one such company. Sources claimed that CERT-IN is looking into this matter.
Read: Cyberattacks grave risk to national security: Biden
Also, Telangana electricity department officials have also claimed that they have received alerts from CERT-IN about Chinese malware trying to enter the cyber system of the department. Earlier on Tuesday, Union Power Minister RK Singh had said, "We should remain alert" while refuting claims that the blackout in Mumbai last year was due to a Chinese cyber-attack.
Sources in the government said that all alerts were issued regarding such attempts and concerned agencies have been asked to educate organisations about such attempts and keep them updated with new threats. Chinese hackers, majorly focus on big institutions instead of individuals, sources claimed. The NCIIPC, which comes under the National Technical Research Organisation (NTRO) also documented details about Chinese hackers and their modus operandi about attacks generating from China recently.
Read: 'Cyberattack on India's power systems possible'
The NCIIPC is a national nodal agency for all measures to protect the nation's critical information infrastructure. It protects and delivers advice that aims to reduce the vulnerabilities of critical information infrastructure against cyber terrorism, cyber warfare and other threats. Sources said this organisation has compiled data of attempts of cyber attack from China in the last year, which had seen an upward trend.
While giving details about a China-based threat, NCIIPC's Threat Assessment group said, "Emissary Panda also known as APT-27 is a China-based threat actor that involves in targeting foreign embassies to collect data related to government, defence and technology sectors. Activities of Emissary Panda have been noticed since 2010 during an attack in organisations across the world including financial services firms, US defence contractors, and a national data center in Central Asia."
The organisation dedicated more than half a dozen of pages to various China-based threats on Power, IT and government sectors in its last newsletter of 2020. NCIIPC further warns that when malicious attackers gain access to an industrial control system, they are able to disrupt industrial control and safety processes, leading to costly outages, damaged turbines, threats to personnel safety and even environmental disasters.
Read: Governments spar over Mumbai power blackout
The threat assessment group of NCIIPC also provided about another Chinese hacker group Elderwood and said, "Elderwood is a Chinese cyber espionage group that attacked Google in 2009 using Hydraq Trojan horse known as Operation Aurora and Google also confirmed that some of its intellectual property had been stolen. Interesting highlights of their approach include the use of the seemingly unlimited amount of zero-day exploitation, attacks on service providers working for the target organization."
Meanwhile, experts said attempts post the Galwan clash have been increased and various government organisations are dealing with it in a coordinated manner. Rakshit Tondon, a cyber expert who works with various state and central agencies said China has always been like that but whenever there is some direct military conflict, the attempts increase.
"There is no official confirmation that Chinese hackers have successfully hacked any system of India but there have been aggressive attempts in the last year. Whenever there is such a (military) conflict, the Chinese increase their attempts. It was further amplified after India banned Chinese applications," he said.
(With inputs from Agencies)
Watch: Maharashtra energy minister briefs media on power outage 'attack' report
