Amid months-long military standoff between the two countries in the region, a report by private intelligence firm Recorded Future has revealed that Chinese state-sponsored hackers targeted Indian electricity dispatch centres near Ladakh in recent months.
As per the report, the hackers focused on at least seven "load dispatch" centers in northern India that are responsible for carrying out real-time operations for grid control and electricity dispersal in the areas they are located, near the disputed India-China border in Ladakh.
Notably, this targeting has been geographically concentrated, with the identified SLDCs located in North India, in proximity to the disputed India-China border in Ladakh," the group said.
The reported revealed to have also identified the compromise of a national emergency response system and the Indian subsidiary of a multinational logistics company by the same threat activity group.
"The prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence gathering opportunities," the Recorded Future report states. "We believe this is instead likely intended to enable information gathering surrounding critical infrastructure and/or pre-positioning for future activity.
Jonathan Condra, a senior manager at Recorded Future, said the method the attackers used to make the intrusions — using compromised internet of things devices and cameras — was unusual. The devices used to launch the intrusions were based in South Korea and Taiwan, he said.
The Chinese Ministry for Foreign Affairs didn't respond to a request for comment by press time. Beijing has consistently denied involvement in malicious cyber activity. Indian authorities also didn't respond to a request for comment.