Chinese hackers targeted India's Oil and Gas assets and Indian Railways.

Though reports confirm an attack attempt on India's Oil and Gas assets, there are unverified reports on intrusion attempt on the Railways.

Though reports confirm an attack attempt on India's Oil and Gas assets, there are unverified reports on intrusion attempt on the Railways. Recorded Future, a US-based security consultancy firm, claimed that Chinese groups had impinged into 12 Indian state-run organizations' networks since mid-2020. According to the report, it was done in an attempt to "insert malware" that could cause widespread disruptions, The Hindustan Times reported.

According to the report, the intrusion began much before May 2020, when violent clashes broke out between Indian and Chinese troops at the Galwan valley, Ladakh.

According to the report, those who were exposed to the cyber-attacks by Chinese group RedEcho, include10 power sector assets, including state-run NTPC, Power Sector Operation Corporation Ltd (POSOCO), NTPC Kudgisuper thermal power plant, load despatch centers in Western, southern, northeastern, and eastern regions, Telangana State Load Despatch Centre, Delhi State Load Despatch Centre, Delhi Transco Ltd substation at Mundka, V O Chidambaranar port in Tamil Nadu and Mumbai Port Trust. The report suggests that the hackers may have also targeted the Indian Railways.

According to Christopher Ahlberg, co-founder and chief executive officer of Recorded Future, RedEcho's targets include "India's oil and gas assets, electricity sector, maritime assets, and critical rail infrastructure."

However, according to Charity Wright, a Cyber Threat Intelligence Expert at Recorded Future, "there is still not enough data to confirm that Indian Railways infrastructure were actually attacked," the Economic Times reported.

The report further stated that since 2017, these groups use ShadowPad, a modular backdoor tool used by China-backed groups in network intrusion campaigns.

Commenting on the report, the Ministry of Power said that the threat informed by the U.S company "had no impact on any of the functions carried out by Power Sector Operation Corporation Ltd (POSOCO), and they found no data breach."

Commenting on the government's remarks, Ahlberg said that the "statements given by the Indian government show that they have taken appropriate steps against the cyber-attack by the Chinese threat activity group."

From the above facts, we conclude the judgment as Partly True, as there was undoubtedly an attempt by the Chinese hackers to intrude into India's Oil and Gas assets. There is some uncertainty about them targeting the Indian railways.