Power grid was hit by malware, 8 GB of suspicious data: Home Minister Anil Deshmukh

01 March, 2021 07:02 AM IST | Mumbai | Dharmendra Jore

Home minister and energy minister hint at sabotage as reason behind October blackout in city; New York Times report blames China

Home Minister Anil Deshmukh and Energy Minister Nitin Raut with the state Cyber Department’s report


Without naming any foreign entity or country, state Home Minister Anil Deshmukh confirmed the possibility of sabotage - a cyberattack - on the state's power system that went kaput on October 12, 2020, throwing Mumbai and neighbouring cities into darkness for hours. Deshmukh and Energy Minister Nitin Raut addressed a media conference after The New York Times reported the possibility of China's role in the attack.


A shop in Dadar shrouded in darkness on Oct 12

Deshmukh cited a probe report of the Maharashtra Cyber Department to substantiate his suspicion. However, he said the report was preliminary, and Raut would decide on further investigations.

The home minister said the Cyber Department has established possibilities based on evidence found while analysing the SCADA (Supervisory Control And Data Acquisition) system of the state electricity transmission network.

"Some 14 trojan horse malware were introduced to the state's power system. In addition, 8GB of unaccounted data was transferred to our system and some blacklisted IPs attempted to login into our server," said Deshmukh.

Deshmukh did not name China or any foreign company as being responsible for the suspected attack and said the Maharashtra Cyber Department's report was inconclusive. "A known cyber company has indicated China's role. Based on our preliminary findings, we'll probe further if the energy minister wishes so," he said.


A closed petrol pump in Kandivli on the day of the power outage in Oct 2020. File pic

Raut said he suspected sabotage from the very beginning. "I have received the findings made by the agencies. But I can't tell you about these reports because of the ongoing legislative session. I can tell on the floor of the house," he added.

Suspicion on China
The New York Times (NYT) reported on February 28 that, according to a new study, the power outage and skirmishes in the Galwan Valley between Indian and Chinese forces in May 2020 may have been connected. The study claims that the outage was part of a cybercampaign by a Chinese state-sponsored group, intended to warn India if it presses its border claims too hard.

The NYT report said that even as the standoff ensued in the Himalayas, malware from China flowed into Indian power supply systems.

Massachusetts-based Recorded Future, which examines 'the use of internet by state actors', established the flow of the malware.

Most of the malware, NYT reported, was never activated. Recorded Future could not study the code as it couldn't access the Indian power system.

NYT's report further states that Recorded Future named the group responsible for the malware attack Red Echo. It quoted Recorded Future's CEO Stuart Solomon as saying that the group "has been seen to systematically utilize advanced cyberintrusion techniques to quietly gain a foothold in nearly a dozen critical nodes across the Indian power generation and transmission infrastructure."

Recorded Future's study also said that the link between the malware and the outage is as yet unsubstantiated. But "additional evidence suggested the coordinated targeting of the Indian load dispatch centers," read the NYT report, citing the study.

June
Month in 2020 that India's standoff with China took place in Galwan Valley

14
No. of trojan horse malware introduced in the power system
