Report: Chinese Hackers Caused Power Outages for Millions of Indians

China-linked group targeted Indian 'critical infrastructure' after deadly border clashes

March 1, 2021

Chinese hackers shut down a "large swathe of India's power sector" after deadly border skirmishes in the Himalayas, according to a U.S. cybersecurity company.

China-linked hacker group RedEcho appears to be waging a shadow war against India in the wake of a series of deadly border conflicts between the two countries that have claimed more than two dozen lives since May 2020, according to a report by Recorded Future, a Massachusetts-based cybersecurity company. The report found that RedEcho used malware favored by other Chinese state-sponsored hackers to knock out power stations, sea ports, and other critical infrastructure across the Indian subcontinent after bilateral relations took a nosedive, affecting millions of Indians.

"[RedEcho] has been seen to systematically utilize advanced cyberintrusion techniques to quietly gain a foothold in nearly a dozen critical nodes across the Indian power generation and transmission infrastructure," Recorded Future chief operating officer Stuart Solomon told the New York Times, which first reported on the study.

The China-linked group's hacking effort caused severe disruptions in India during the height of the pandemic, affecting 12 organizations representing India's "critical infrastructure." One of the attacks temporarily shut down power in India's largest city, Mumbai, affecting more than 20 million residents.

Indian authorities have been reluctant to publicly acknowledge the full extent of China's cyber warfare campaign. Following the publication of the Recorded Future report, however, an Indian minister said that "cyber sabotage" might have caused the power outage in Mumbai.

The Chinese government has frequently used hackers to achieve its geopolitical and economic objectives. The U.S. Department of Justice alleged in September that a group of state-backed Chinese hackers broke into more than 100 companies across the world, including several American firms, to steal intellectual property. Chinese hackers have also broken into the networks of U.S. government agencies, according to the FBI.