Software codes under Chinese attack: Expert
Says though there were fears of embedded chips used in power equipment, it was not true
Bengaluru: Power outage in Mumbai last year was primarily an attack on the software codes by the Chinese hackers, experts in the field of cybersecurity sector said.
Though there were fears of embedded chips used in the power equipment, they opined that no material fact was yet available for proving such theory.
"It seems like an attack on the software codes than hacking through chip level. These attacks point towards the need for robust cybersecurity measures by the government agencies, which can thwart such threats. India does have the required talent to devise a strong cybersecurity strategy and the government should tap this talent base," said Pareekh Jain, a technology outsourcing advisor & founder of Pareekh Consulting. A recent report by a US-based firm Recorded Future said that state-backed Chinese hacker groups targeted the Indian power grid system through malware in October last year, leading to a massive outage in the power system across the commercial capital of India. As per the report, around a dozen critical nodes across the Indian power generation and transmission infrastructure were intruded through sophisticated cyberintrusion techniques. This malware attack happened at a time when Sino-China relations were at all-time low as armies of both countries locked horn in Ladakh region over border disputes. Hacking attempts by Chinese players are nothing new in Indian landscape. As per report by cybersecurity think tank CyberPeace Foundation, hackers from the Guangdong and Henan provinces in China targeted millions of Indians with shopping scams during the e-commerce festive season sales in October and November last year.
The pace of cyberattacks have seen a significant rise last year as the pandemic forced business houses and individuals to go digital. According to global association for cybersecurity professionals ISACA, enterprises such as Marriott, MGM Resorts, Zoom, the Greek banking system and many more saw data breach due to cyberattacks in 2020. It estimates that damages arising from cybercrimes will reach $6 trillion by 2021.
Global consultancy firm Morgan Stanley has pointed out that global electric power and gas companies are more vulnerable to such cyberattacks due to the expansive nature of their networks.
"As machines are powered by IoT (internet of things) technology, these are becoming more vulnerable to cyberattacks. Therefore, cybersecurity measures should be robust for these connected devices," said Jain of Pareekh Consulting.
Not only power companies, even many IT services players have witnessed cyberattacks in their systems in past years.
India's fourth largest IT services firm Wipro was exposed to an advanced phishing campaign on some of its employees' mails by hackers. Similarly, Cognizant was a victim of Maze ransomware attack in April 2020. The company estimated $50-70 million worth of financial loss owing to the attack.
Talking on the outage seen in the National Stock Exchange last month, experts said that the angle of cyberattack is yet to be established. "Probe is on and it is difficult to say whether NSE issue is linked to a cyberattack," said an industry source.