ABP Decodes | Cyber Sabotage Attempt: 8 GB Of Unaccounted Data Transferred To MSEB Servers
Amid the ongoing row over the cyber sabotage attempt in Mumbai, sources have informed ABP News that 8 GB of unaccounted data was transferred to Maharashtra State Electricity Board (MSEB) servers from five different countries, including China, between June and October last year.
Sources informed ABP Live that 14 Trojan horses (malware) were found on MSEB servers and that hundreds of blacklisted IP addresses attempted to log in to these servers from abroad. Asserting that there is concrete evidence of cyber sabotage, the sources added that some of the login attempts from abroad were successful too.
Earlier, Maharashtra Home Minister Anil Deshmukh, while throwing light on a preliminary report, said the massive power outage in Mumbai on 12th October 2020 was an attempted cyber sabotage. Maharashtra Cyber, the nodal agency for state cybersecurity, analysed the incident and concluded that the power outage was potential cyber sabotage.
This comes as a report by US-based cybersecurity firm Recorded Future titled “China-linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions” raises questions about a possible connection between the clash and a power outage that crippled Mumbai in October last year.
The Recorded Future report reviewed by ABP News says that while the targeting of Indian critical infrastructure offers limited economic espionage opportunities, the firm assesses that it poses significant concerns over potential pre-positioning of network access to support Chinese strategic objectives.
“Pre-positioning on energy assets may support several potential outcomes, including geostrategic signalling during heightened bilateral tensions, supporting influence operations, or as a precursor to kinetic escalation,” says the report.
As tensions between the two countries continued, the report reveals that Chinese malware was infiltrating systems in charge of India's electricity supply.
According to Recorded Future, the intrusion was allegedly carried out by “RedEcho”, a Chinese state-sponsored party. RedEcho has robust overlaps in infrastructure and victimology with the Chinese groups APT41/Barium and Tonto Team, while at least five distinct Chinese groups use ShadowPad.
“The high concentration of IPs resolving to Indian critical infrastructure entities communicating over several months with a distinct subset of AXIOMATICASYMPTOTE servers used by RedEcho indicate a targeted campaign, with little evidence of wider targeting in Recorded Future's network telemetry,” adds the report.
At least 21 IP addresses linked to 12 Indian organisations in the power generation and transmission sector - classified as critical - were targets of a “concerted attack” against India's vital infrastructure, including four of the five Regional Load Despatch Centres.
(With inputs from Rounak and Piyush Pandey)