Chinese Hacking Groups Are Silently Invading Indian Organisations [STUDY]

India has been on the radar of Chinese hackers for quite some time now!

According to a study conducted by U.S.-based cybersecurity firm Recorded Future, since mid-2020, Chinese state-sponsored hacking groups have invaded the computer networks of at least 12 Indian state-run organisations in an attempt to insert malware capable of causing widespread disruption in the country.

Among them, the primary organisations targeted are India’s largest power conglomerate, NTPC Limited; 5 key regional load dispatch centres, which help manage the national power grid and balance the electric supply; and two ports.


All 12 organisations targeted by the Chinese hacking groups qualify as ‘critical infrastructure’ under the definition used by the NCIIPC, the Indian National Critical Information Infrastructure Protection Centre.

Now, while one might think these cyber intrusions began after the Galwan Valley border standoff, the study states that these attacks started much before that incident.

The cybersecurity firm’s findings show that the alleged cyberattacks by the Chinese hacking groups, some linked to China’s main intelligence and security agency, the Ministry of State Security (MSS), were not limited to India’s power sector. Instead, they went well beyond that to target numerous government and defence organisations as well.

“In the lead-up to the May 2020 skirmishes, we observed a noticeable increase in the provisioning of PlugX malware C2 infrastructure, much of which was subsequently used in intrusion activity targeting Indian organizations. The PlugX activity included the targeting of multiple Indian government, public sector, and defence organizations from at least May 2020,” the report said.

The PlugX malware, in particular, has been one of the go-to tools of the China-nexus groups and was heavily used throughout 2020. Recorded Future’s investigation found a heavy focus on targeting Indian government bodies and private sector firms by multiple Chinese state-sponsored hacking groups.

Note here that the study, whilst being unable to confirm if the malware insertion actually led to any disruptions, did point out that the massive power outage in Mumbai that took place on October 12, 2020, was indeed caused by malware inserted at a state load dispatch centre in Padgha.


Nitin Raut, the Maharashtra power minister at that point in time, said that the authorities suspected possible sabotage was the cause of the electricity outage. The two-hour outage led to the closure of the stock exchange along with the cancellation of trains and shutdown of offices across Mumbai, Navi Mumbai and Thane.

Recorded Future, in its report, stated that the alleged link between the outage and the discovery of the unspecified variant of malware currently remains unsubstantiated. But, that being said, the disclosure provides additional evidence which suggests the coordinated targeting of Indian Load Dispatch Centres.

According to the cybersecurity firm, the hacker group involved in the intrusions has been identified as Red Echo, which it said has strong overlaps in terms of technology and victims with two other groups, APT41 (also called Barium) and Tonto Team, both of which have been involved in similar cyber campaigns in the past.

All in all, the surfacing of this report calls for the immediate attention of the Indian cyber cell which must upgrade the security measures currently in implementation across GOI organisations. We will keep you updated on all future developments. Until then, stay tuned.

