Report: Long-Running Cyberattack on Indian Seaport

Courtesy iStock

Published Mar 16, 2021 12:00 AM by Ankur Kundu

As Indian authorities block attempts by Chinese affiliated groups from attacking the country's electrical sector, reports have emerged that they are actively targeting an Indian port in the process.

Dryad Global reports that according to US firm Recorded Future, at least one connection opened by the hackers into the network system of an unnamed Indian port remained active for an extended period.

Recorded Future's Chief Operating Officer, Stuart Solomon backed this by stating that as of March 2, the company could see a 'handshake', denoting traffic exchange between a Chinese affiliated group named 'RedEcho' and an unnamed Indian port.

Recorded Future’s Insikt Group, the company’s threat research arm, revealed the malicious activity. As per Recorded Future, 'RedEcho' has been actively targeting Indian power grid installations, as well as two other Indian ports. The company notified India's Computer Emergency Team on February 10.

Solomon said that the connection was still active as of early March; however, no confirmation of the same has come from Indian authorities. Dryad Global said that a spokesman for India’s ministry of electronics and information technology wasn’t immediately available for comment.

Recorded Future say that attacks on key Indian installations have been happening since the middle of last year, having its roots to a violent border skirmish between Indian an Chinese troops in an Himalayan border post.