Did China cross a new red line in cyberspace?
The Mumbai hack showed complete disregard for collateral damage.
Did China cause the blackouts in Mumbai last year? Nearly six months later, the answer is still unclear, but if recent reports that a Chinese cyber operation bears partial responsibility are accurate, Beijing just signalled a willingness to use its cyber power to target civilian lifeline infrastructure during a crisis. Even more worrying, the hackers used hard-to-control cyberattack tools in a destructive manner against a nuclear-armed country, India.
In a report last month, threat analysts at the cybersecurity firm Recorded Future detailed their discovery of China’s systematic penetration of India’s electricity infrastructure. Given the event’s concurrence with the border skirmishes in the disputed area of Galwan Valley, the Chinese hackers appear to have targeted nodes of India’s electric grid to demonstrate Beijing’s capabilities and to convince New Delhi that it should not oppose China’s claims over the area.
Without analysis of the malware or confirmation from Indian officials, we will not know if malware was responsible for the Mumbai blackout, if the outage was caused by operator error while responding to the malware, or if the outage was some kind of combination of these. But the possibility that Chinese hackers planted malware in India’s grid that has no economic or espionage value suggests that Beijing had malicious intent, aiming either to coerce New Delhi by threatening the country’s critical infrastructure or to activate the malware and cripple India’s strategic capabilities.
The breach of critical infrastructure is more concerning than the recent Russian espionage exploiting SolarWinds and other software