Context
Maharashtra Power Ministry recently announced that they had found 14 Trojan horses in the servers of the Maharashtra State Electricity Transmission Company.
A similar case in US
- Recorded Future, a U.S.-based cyber security firm, has also flagged an increase in cyber intrusions from China targeting India’s critical infrastructure, such as electricity and ports.
- A report compiled by Recorded Future details a campaign conducted by a China-linked threat activity group it calls ‘RedEcho’, which targeted the Indian power sector through malware.
- This malware could be the cause of the massive power outage in Mumbai in October 2020.
- A large number of IP addresses linked to critical Indian systems were communicating for months with AXIOMATICASYMPTOTE servers connected to RedEcho.
- These servers had domains configured on them that spoofed those of Indian power sector entities. For example, they had “ntpc-co.com”, which spoofs the authentic “ntpc.co.in”.
- AXIOMATICASYMPTOTE servers acted as command-and-control centres for a malware known as
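The spoofing pattern in the example above (a country-code second-level label folded into the name with a hyphen, under a different top-level domain) can be checked for in DNS query logs. The following is an added example, not code from the report or from any agency named here; the watch list, log format, client addresses and function names are assumptions, and only the two domain names come from the text above.

```python
import re

# Assumption: the defender maintains this watch list; only ntpc.co.in
# comes from the article.
PROTECTED = ["ntpc.co.in"]

def stem(domain):
    """Drop the last label (TLD), then remove '.' and '-' so that
    'ntpc.co.in' and 'ntpc-co.com' both reduce to 'ntpcco'."""
    labels = domain.lower().rstrip(".").split(".")
    return re.sub(r"[.\-]", "", ".".join(labels[:-1]))

def edit_distance(a, b):
    """Plain Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(domain, protected_list=PROTECTED, max_dist=1):
    """Return the protected domain that `domain` imitates, or None."""
    domain = domain.lower().rstrip(".")
    for p in protected_list:
        if domain == p or domain.endswith("." + p):
            return None  # the real domain or one of its subdomains
        if edit_distance(stem(domain), stem(p)) <= max_dist:
            return p
    return None

# Constructed DNS query log lines: timestamp, client IP, queried name.
SAMPLE_LOG = """\
2021-02-01T10:00:01 10.0.0.5 ntpc.co.in
2021-02-01T10:00:02 10.0.0.5 mail.ntpc.co.in
2021-02-01T10:00:03 10.0.0.9 ntpc-co.com
2021-02-01T10:00:04 10.0.0.7 example.org
"""

def scan(log_text):
    """Return (client, queried name, imitated domain) for each suspicious query."""
    hits = []
    for line in log_text.splitlines():
        _, client, name = line.split()
        target = lookalike_of(name)
        if target:
            hits.append((client, name, target))
    return hits
```

A host name under a lookalike domain needs its registrable domain extracted first, which requires a public suffix list and is not handled here.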
What is ShadowPad?
- ShadowPad is a backdoor Trojan malware, which means it opens a secret path from its target system to its command-and-control servers (here it was AXIOMATICASYMPTOTE).
- Information can be extracted, or more malicious code can be delivered, via this path.
Other Chinese groups involved in cyber attacks around the world
- APT41
- Barium
- Winnti
- Wicked Panda
- Wicked Spider
National Critical Information Infrastructure Protection Centre (NCIIPC)
- National Critical Information Infrastructure Protection Centre (NCIIPC) is an organisation of the Government of India created under Sec 70A of the Information Technology Act, 2000.
- It is designated as the National Nodal Agency in respect of Critical Information Infrastructure Protection.
Maharashtra Cyber
- Maharashtra is the only state with a separate cyber unit, the Maharashtra Cyber, created in 2018.
- It works under the home department.