Just as Sino-Indian relations were showing signs of easing, the New York Times published a report on March 1 that the October 2020 blackout in Mumbai was “linked” to China, it being a “warning from Beijing” in the context of the Sino-Indian border conflict. The report was reprinted in several Indian media the same day, on March 1st. Chinese Foreign Ministry spokesman, Wang Wenbin, responded the same day, saying that China is a firm defender of cyber security and firmly opposes and cracks down on any form of cyber attacks. “It is difficult to trace the source of cyber attacks, and one cannot create something out of nothing or speculate at will, let alone throw dirty water on a specific party without evidence. That is not only irresponsible but also with ulterior motives. China is firmly opposed to this”.
The New York Times report, citing a report issued by the Somerville, Massachusetts based cybersecurity firm RecordedFuture, said that when the conflict between India and China erupted in the Galwan Valley last June, “malware was planted in more than a dozen key links in India’s power generation and supply infrastructure systematically by organizations funded by the Chinese government using advanced cyber intrusion techniques. Most of the malware was never activated, the report said, and the company was unable to examine details of the code disseminated throughout India’s power distribution system (by the malware) because it did not have access to India’s power system. The company had informed the Indian government’s Cyber Emergency Response Team of the vulnerabilities, but so far, the latter has not responded publicly. The report’s authors admitted that “a connection between the Mumbai blackout and the discovery of unidentified malware (in the power supply system) had not been confirmed,” but still went on to link the two together.
The “India Today” reported on March 1st that on Oct. 12 last year, Mumbai, known as India’s financial hub, suffered an unprecedented widespread power outage that directly paralyzed rail operations, shut down the Bombay Stock Exchange and forced hospitals to switch to emergency generators to keep ventilators running. The power outage began at 10 a.m. and lasted for several hours. The Maharashtra state investigation report on the incident is scheduled to be released in early March this year. According to the New York Times, the discovery of the “Record the Future” company provides a basis for the notion that: “The blackout is part of China’s extensive cyber operations against the Indian power grid. The timing was chosen to convey the message: if India tried to assert its territorial claims too hard, it could lead to (its being subjected to) power outages throughout the country”.
The New York Times used the incident as an opportunity to stir up Sino-Indian relations. According to the report, retired Indian Lieutenant General D.S. Hooda said he believed the signal (from China) was that “in times of crisis, we are capable of doing this to you”. The New York Times said Indian officials were silent on “the Chinese code and whether it triggered the Mumbai blackout” and would not talk about evidence provided by U.S. companies. The report also cited an unnamed Indian diplomat as saying that acknowledging Chinese involvement (in the hacking of India’s power system) could complicate recent efforts by the Indian and Chinese Foreign Ministers to ease border tensions. The report concludes by adding that Indian military experts have renewed their call to the Modi government to replace Chinese-made equipment in India’s power sector and key railroad systems.
As events such as Prismgate that have come to light in recent years have shown, planting malware to attack an opponent’s infrastructure is a trick the U.S. is adept at playing. According to the New York Times, placing malware in an adversary’s power grid or other critical infrastructure has become the latest form of aggression and deterrence. Cyber attacks are less destructive than nuclear attacks, but can give a country strategic and psychological advantage. “Russia is a pioneer in the use of such technology,” and “the United States has sent similar signals”, according to the article, which (acknowledged that) the U.S. also planted malicious code into the Russian power grid after it publicly announced that the U.S. power grid was filled with code inserted by Russian hackers.