China appears to have targeted India’s power grid in a cybercampaign last year that could further inflame tensions between the two countries and pose yet another challenge for the Biden administration in the Indo-Pacific.
During a power outage that struck Mumbai in October 2020, trains shut down and the stock market closed as the city of more than 20 million people went dark, the Hindustan Times reported. Hospitals were forced to turn on emergency generators to keep systems running amid one of India’s worst local coronavirus outbreaks.
But a report last week by the cybersecurity firm Recorded Future suggested a Chinese cyberattack was responsible for Mumbai’s power outage after malware was found in strategic power-distribution systems. Researchers said the code had been placed in electric supply control systems, a transmission substation and a coal power plant.
[New Report] — Recorded Future’s Insikt Group identified a China-linked campaign targeting 10 distinct Indian organizations in the power generation and transmission sector and 2 organizations in the maritime sector. Read more: https://t.co/toPCLBPYa6 #RedEcho pic.twitter.com/SOtcYAip8f
— Recorded Future (@RecordedFuture) March 1, 2021
Recorded Future chief operating officer Stuart Solomon said the Chinese-state sponsored group, given the code name Red Echo, “has been seen to systematically utilize advanced cyberintrusion techniques to quietly gain a foothold in nearly a dozen critical nodes across the Indian power generation and transmission infrastructure.”
India’s power minister Raj Kumar Singh denied reports of a Chinese cyberattack while speaking to reporters Tuesday, saying instead the power outage “was caused by human error,” according to The Times of India.
But the state government of Maharashtra — where Mumbai is located — said it will continue to investigate the incident. State minister Anil Deshmukh said the outages could have been “cyber sabotage” during a press conference Monday, according to Reuters. (RELATED: China Uses Private Companies To Process Stolen Data: Report)
A spokesperson for China’s Embassy in India called the allegations “pure rumors and slanders” in a statement Tuesday, adding it was “highly irresponsible to accuse another party when there is no evidence.”
China is firmly opposed to politicizing & stigmatizing cyber security issues, and irresponsible & ill-intentioned practice of accusing a particular party with no evidence. We call on relevant media to deny such groundless disinformation platforms & channels for dissemination. pic.twitter.com/Sj4qVnKKgI
— Spokesperson of Chinese Embassy in India (@ChinaSpox_India) March 2, 2021
Although it is currently unclear whether Chinese hackers are the alleged link connecting last October’s power outage and malware in India’s power-distribution systems, the discovery is the latest example of how cyberattacks could factor into ongoing tensions in the region.
The world’s two largest countries have clashed in border disputes near the Himalayan mountains for decades. But tensions have grown considerably over the past year after Chinese and Indian troops clashed last summer during a border skirmish.
China’s cyber capabilities have grown substantially in recent years, according to The New York Times. Some have suggested China plans to use cyberattacks targeting Indian infrastructure as a way to threaten India over other issues like border disputes.
“It’s like sending a warning to India that this capability exists with us,” said retired Lt. Gen. Deependra Singh Hooda, a cyber expert who ran India’s borders with China and Pakistan. Singh further told The Times he believes there is “signaling being done” by China in order to warn India they could strike in “times of crisis.”
The U.S. is no stranger to cyberattacks from Russian and Chinese state-backed hackers. The SolarWinds hack that affected nine federal agencies and more than 100 corporations last year was one of the largest cyberattacks on record. (RELATED: The US Government Spent Billions On Stopping Cyberattacks — Multiple Agencies Still Got Hacked)
President Joe Biden unveiled Wednesday his official National Security Strategic Guidance, in which he labeled China the “only competitor” capable of challenging the U.S. and the “open international system.”
China’s growing cyber capabilities and its capacity to target the U.S. and allies like India is undoubtedly a core challenge for the Biden administration. National security advisor Jake Sullivan said last month China will be a top priority for the administration, and the Indo-Pacific directorate is reportedly the largest team on the National Security Council, according to Nikkei Asia.
Both the State Department and Defense Department have said they will prioritize China-related issues. Secretary of State Antony Blinken called China “the biggest geopolitical test of the 21st century” during a foreign policy speech Wednesday, and Secretary of Defense Lloyd Austin ordered a complete review of the U.S. defense posture towards China last month.
Today, @POTUS laid out interim strategic guidance on our national security and foreign policy, and I delivered my first major speech to further explain U.S. policy priorities. We will renew America’s strengths to meet the challenges and seize the opportunities of our time. pic.twitter.com/T1V6qu6fjf
— Secretary Antony Blinken (@SecBlinken) March 4, 2021
Biden has said his foreign policy will incorporate multilateralism and cooperation with allies. Fortunately for him, the Indo-Pacific includes allies like India, Japan and Australia that can play a key role in responding to the growing China challenge.