'Cyber sabotage' attempt, says Anil Deshmukh on Mumbai's October 2020 power outage
Mar 01, 2021
Mumbai (Maharashtra) [India], March 1 Maharashtra Home Minister Anil Deshmukh on Monday said that the massive power outage in Mumbai last October was an attempt at "cyber sabotage" according to a preliminary report.
Addressing reporters here, Deshmukh said Maharashtra Cyber Cell has submitted a preliminary report whose findings state that evidence suggests that the grid failure in Mumbai on October 12 last year, that resulted in the city plunging into darkness and disrupting train services, shutting down the stock market and generally hitting economic activities, was likely to be a cyber sabotage. The report has been handed over to Maharashtra energy minister Nitin Raut.
A report by a US-based cybersecurity firm claimed that Chinese-state sponsored groups, had targeted power sector in India with malware. This came months after the clash between troops of the two nations in Galwan valley in June 2020.
The New York Times had on Sunday published a report based on the findings of the report.
" The report of New York Times has come now. But when Mumbai had gone under dark, we had set up a departmental inquiry committee. MERC (Maharashtra Electricity Regulatory Commission) and Central Electricy Authority had also made their own committees. We have complained to Cyber Cell also," Nitin Raut said while speaking with mediapersons here.
"State Cyber Police Department investigated this and report was handed over to me today by Home Minister Anil Deshmukh ji. I will speak on this in legislature," Raut said.
According to NYT report, the new study lent weight to the idea that the Mumbai blackout could be a "part of a broad Chinese cyber campaign against India's power grid, timed to send a message that if India pressed its claims too hard, the lights could go out across the country."
Addressing a press conference here Deshmukh said: "On October 12 electricity failure, Maharashtra Cyber Cell report says, 8GB unaccounted data must have been transferred to Maharashtra State Electricity Board (MSEB) data. Protocol Data which means the server of MSEB was logged in on October 12."
According to the Maharashtra Cyber Cell report, Deshmukh said: "there was the possibility of login attempts and 14 Trojan horses were landed on MSEB servers. There are chances of some foreign attempts."
The Massachusetts-based cybersecurity company Recorded Future's study reported that a Chinese state-sponsored has been seen systematically utilising advanced cyberintrusion techniques to gain access to nearly a dozen critical nodes across the Indian power generation and transmission infrastructure.
"Since early 2020, Recorded Future's Insikt Group observed a large increase in suspected targeted intrusion activity against Indian organizations from Chinese statesponsored groups, the study said.
" From mid-2020 onwards, Recorded Future's midpoint collection revealed a steep rise in the use of infrastructure tracked as AXIOMATICASYMPTOTE, which encompasses ShadowPad command and control (C2) servers, to target a large swathe of India's power sector," the report said.
According to the report 10 distinct Indian power sector organizations, including four of the five Regional Load Despatch Centres (RLDC) responsible for operation of the power grid through balancing electricity supply and demand, have been identified as targets in a concerted campaign against India's critical infrastructure. Other targets identified included two Indian seaports.