In October, an outage in India crippled the traffic grid, and the chaos lasted for 12 hours. The exact form of the attack is still uncertain… The force behind it also remains unclear.
Monday, November 23, 2020, 17:23 GMT
Indian authorities have reportedly said that last month's huge blackout in Mumbai, India’s largest city, was likely triggered by a hacking attack. In mid-October, the incident paralyzed the transit grid and rail operations; it took two hours to restore only the infrastructure required for metropolitan service, and 12 hours or more to restore the remainder of the city.
The Indian authorities announced soon after the incident that the ‘potential for sabotage’ could not be ruled out. The Indian daily newspaper Mumbai Mirror then reported that the cyber police found traces that appear to have come from cyber attacks, increasing the likelihood of sabotage by some form of cyber attack.
According to this paper, “in power supply networks and transmission-related infrastructure, many unusual login attempts were found.” Someone penetrated the system using a tactic such as brute force, and then maliciously abused the server, which may have triggered a power failure. When these login attempts were monitored, the source was discovered to be several countries in South Asia. It is now understood that the Agency of Inquiry is still studying the likelihood of a joint attack.
Mumbai Mirror also cited an analyst saying, “Cyber attackers aiming for monetary gains have been constantly attacking power facilities in India since last February.” Attackers are said to have used tactics such as ransomware, BGP hijacking, and DDoS attacks. There was no mention, though, of the perpetrator or of the powers behind the attacks.
India Today, another daily newspaper, reported that investigators discovered ransomware. It is said to have been found at a load dispatch center, and it seems that the power outages started right there. This power distribution center is a site where all the running facilities for delivering power to different locations are concentrated.
There have been earlier efforts in other nations to create chaos by breaking into the power grid. Nor is this the first time that such an attempt has been observed in India. Not long ago, an attack group backed by the North Korean government was suspected of attacking the Indian power grid.
The most famous are the big blackouts triggered by hacking attacks in Ukraine in 2015 and 2016. It is now clear that all of these attacks were the work of Russian hacker gangs. Russia, of course, would not admit that.
Attacks on societal infrastructure such as power grids are largely perceived to be the work of national electronic warfare units. This is because, in certain circumstances, the aim of creating chaos for the adversary matters more than financial gain. The perpetrators of such attacks are therefore also inferred from geopolitical relationships, and India is currently in dispute with China and Pakistan.
However, the possibility that an ordinary cyber attack group seeking financial gain was responsible cannot be ruled out.
This is because, if ransomware hits a facility that society depends on, the organization in charge has no alternative but to consider paying the offenders for an accelerated recovery. In 2016, a ransomware attacker hit San Francisco’s light rail system and asked for payment. At the time, instead of paying, the department in charge had to pay astronomical maintenance expenses.
Three-Line Summary
- The likelihood that last month's Mumbai blackout was sabotage has increased.
- Repeated malicious login attempts were reportedly detected at major facilities.
- Infrastructure attacks are primarily attributed to APT-class groups, but ordinary hackers cannot be ruled out.