Why in news?
In the latest in a series of surveillance and hacking attempts, a Chinese state-backed hacker firm has been reported to be targeting Indian vaccine makers.
What were the earlier surveillance and hacking attempts?
- Zhenhua & its targets - A Shenzhen-based technology company was monitoring over 10,000 Indian individuals and organisations.
- This company, the Zhenhua Data Information Technology Co, has links with the Chinese government and the Chinese Communist Party.
- The attempt was part of the company’s global database of “foreign targets”.
- Its task is to -
  - collect information about relevant people from the web and social media platforms
  - track research papers, articles, patents, and recruitment positions
- The company also monitors the person’s digital footprint across social media platforms and maintains an “information library”.
- Those monitored in this database included -
  - influential political and industrial figures
  - bureaucrats in key positions, judges, scientists and academicians, journalists, actors, sportspersons, religious figures, activists
  - hundreds accused of financial crime, corruption, terrorism and smuggling
- The collection of such data by Zhenhua does not violate any rules under the Information Technology Act of 2000 in India.
- This is because nearly all of this data is available in the public domain.
- However, Zhenhua’s 24×7 watch had raised red flags with cybersecurity experts.
- They feel that the information collected could be put together for tactical manoeuvring.
- The compiled information could thereby be used to target the individuals under surveillance or their institutions.
- Red Echo & ShadowPad - Recently, Massachusetts-based cybersecurity company Recorded Future published a report.
- It said that it had observed a “steep rise” in the use of resources like malware by a Chinese group called Red Echo.
- These resources were used to target “a large swathe” of India’s power sector.
- It said 10 distinct Indian power sector organisations were targeted.
- This included four Regional Load Despatch Centres (RLDCs) that are responsible for the smooth operation of the country’s power grid by balancing the supply and demand of electricity.
- The group also targeted two Indian seaports.
- Red Echo used malware called ShadowPad, which involves the use of a backdoor to access servers.
- The Ministry of Power recently confirmed these attempts.
- It had said that “no data breach/data loss” had been detected due to the incidents.
- Also, none of POSOCO’s functions had been impacted.
- POSOCO (Power System Operation Corporation Ltd) is the government enterprise in charge of facilitating the transfer of electricity through load despatch centres.
- The government said it had taken action against the threats observed.
What is the recent Stone Panda & vaccines attempt?