Return of the dragon: Chinese cyberattacks show India’s vulnerabilities

Chinese state-backed hackers have reportedly managed to infiltrate malware into India’s power distribution.
Chinese state-backed hackers have reportedly managed to infiltrate malware into India’s power distribution.Courtesy: Getty Images

The infiltration of malware into India’s power grid, ports, stock exchanges and vaccine makers by alleged Beijing-backed hackers should serve as a wake-up call to New Delhi’s security establishment.

Even as the disengagement of troops on the Line of Actual Control (LAC), which serves as the de facto border between India and China, drags on as the latter drags its feet on fully implementing long-standing agreements and border protocols, it has allegedly launched another more sinister intrusion into India.

Chinese state-backed hackers have reportedly managed to infiltrate malware into India’s power distribution system and allegedly even rang in a blackout in Mumbai, possibly as a sinister and not to subtle message to India.

Hackers have also been trying to break into the systems Indian ports as well as those of Serum Institute of India, the world’s largest serum producer, which is manufacturing the Astra Zeneca vaccine against Covid-19, and Bharat Biotech, which has developed an indigenous jab, to presumably steal their intellectual property rights (IPRs) and related industrial secrets. Incidentally, the Chinese vaccine, Sinovac, has met with poor reception in foreign countries, with many nations simply ignoring it in favour of India-supplied doses.

Hackers have also tested the defences of SII and Bharat Biotech to presumably steal their intellectual property rights (IPRs) and related industrial secrets.

Attacks began after Galwan clashes

A report in the New York Times said a cyber security company called Recorded Future alleged that a state-backed hacking group called Red Echo bombarded Indian systems with malware after the clashes in Galwan in June 2020. Its targets included National Thermal Power Corporation Limited, Power Systems Corporation Limited, National Load Despatch Centre (LDC), Regional (LDCs) and State (LDCs), and Kudgi Power Plant in Karnataka. These hackers have also reportedly breached the cyber security ring in India’s ports.

Recorded Future got in touch with the Indian government to inform it about the intrusions before going public with the information.

Then, on October 12, Mumbai suffered a massive grid failure that brought much of India’s financial capital to a standstill, halting trading on the Bombay Stock Exchange and the National Stock Exchange, stopping trains, the city’s transport lifeline, to a halt for two hours and severely affected the millions of people who were working from home as a result of the Covid-19 pandemic.

Essential services could resume only after two hours. Maharashtra Chief Minister Udhav Thackeray has ordered an enquiry into the incident.

Proof of involvement: There’s only one country that would want to cripple India’s infrastructure. And the hackers use the same infrastructure as the Chinese government.

India reacts cautiously

“News reports at the time quoted Indian officials as saying that the cause was a Chinese-origin cyberattack on a nearby electricity load-management center,” the New York Times said, referring to an India Today report on the issue.

The Ministry of Power, Government of India, issued a statement shortly after the news broke, saying: “There is no impact on any of the functionalities carried out by POSOCO due to the referred threat. No data breach/data loss has been detected due to these incidents,” the statement said, but did not say anything about the grid failure in Mumbai.

Given the sensitivities involved and in view of the delicate situation still prevailing at various stand-off sites along the LAC, where the long-drawn disengagement is still being negotiated, the Indian government statement was circumspect and did not blame any country for the attack.

Pressurising India’s stand on the border

The New York Times report speculated that the Mumbai power failure could have been a message from Beijing about the havoc it could wreak in India if India did not climb down from its hardnosed border policy.

However, strategic experts in New Delhi have noted no easing of India’s military stance vis-à-vis the unprovoked Chinese aggression along the LAC following the cyberattack.

Expectedly, China has denied its involvement in the incidents. “As staunch defender of cyber security, China firmly opposes & cracks down on all forms of cyber attacks. Speculation & fabrication have no role to play on the issue of cyber attacks. Highly irresponsible to accuse a particular party with no sufficient evidence around,” the spokesperson at its New Delhi embassy tweeted.

Upping the ante on the LAC would carry serious risks. So, a shot across India’s virtual bow could be a low-cost way for Beijing to show India down, while retaining plausible deniability.

Compelling but circumstantial evidence

Though there is no hard proof yet that China is behind these attacks, recorded future found ample circumstantial evidence to back its claims. There is only one country that would want, and have the capability, to cripple India’s vital infrastructure. The second reason is much stronger: The hacker group uses the same infrastructure as the Chinese government.

India is currently in negotiations with a host of friendly nations like France, the UK, the US, Germany and Japan on cyber security cooperation.
India is currently in negotiations with a host of friendly nations like France, the UK, the US, Germany and Japan on cyber security cooperation.Courtesy: Getty Images

Designed to discredit

A senior retired diplomat who has served in China offers the most plausible rationale behind the cyberattack. He pointed out that the border clashes have ground to a stalemate; any hopes the Chinese had harboured of a quick Indian capitulation – and the demonstration value this may have had for Beijing’s other rivals – have evaporated as a result of the Modi government’s strong military and diplomatic response.

Then, although China has officially admitted to only 4-5 casualties in its clash with Indian troops, Russian agencies, which usually have much better sources in the Chinese establishment than Western media houses, have put the figure at 45.

Its inability to force India to sign off on terms favourable to it and the Russian reports have resulted in a loss of face for the Chinese leadership, and, in particular, President Xi Jinping abroad.

Any move to up the ante on the border would come with the risk of loss of lives and even a military setback given the asymmetry in experience between the battle hardened Indian troops and the untested-in-battle PLA soldiers.

So, a shot across India’s virtual bow could be a low-cost way for Beijing to show India down, while retaining plausible deniability.

Time to amp up cyber cooperation

The positive aspect of this attack is that it will serve as a wake-up call to the authorities in New Delhi on India’s vulnerability on this front. The country, which has, or is negotiating cyber security cooperation agreements with a host of friendly nations like France, the UK, the US, Germany and Japan, has taken urgent steps to counter the Chinese intrusion into its systems.

As an emerging power in cutting edge technologies like artificial intelligence (AI), machine learning (ML), the internet of things (IoT) and others and as the country with the world’s second largest internet user base, it is imperative for India not only to have state of the art cyber deterrence capability but also the capacity to take the attack to its opponents if push comes to shove.

Challenges ahead

The diplomat quoted above, however, admitted that India still lags by a distance in this sphere, though it is catching up fast with the leaders of the world, leveraging its unmatched technological prowess and massive pool of trained manpower.

But staying at the cutting edge of this technology, which is evolving by the say, will remain a challenging and expensive proposition, taking attention and resources away from more pressing developmental needs.

Along with the latest drones, fighter jets, tanks and submarines, then, this is an area that needs urgent attention as future wars will be fought as much in the battlefield as in the virtual world.

Related Stories

No stories found.

Podcast

No stories found.

Defence bulletin

No stories found.

The power of the quad

No stories found.

Videos

No stories found.

Women Leaders

No stories found.
India Global Business
www.indiaglobalbusiness.com