October Mumbai power outage may have been caused by a cyber attack

Authorities in India believe that a major power outage that occurred in October in Mumbai may have been caused by hackers.

On October 13, a major power outage occurred in the metropolitan area of Mumbai causing the partial disruption of the traffic management systems and the paralysis of the rail traffic and also impacted work at the stock exchange.

The power outage for essential services lasted two hours, while authorities spent up to 12 hours to restore power in some of the affected areas.

“Last month’s power outage in the Mumbai Metropolitan Region (MMR) was possibly the result of a sophisticated sabotage attempt involving foreign entities, a probe carried out by the state police’s cyber cell has revealed.” reads the post published by the Mumbai Mirror.

According to the Mumbai Mirror, the incident may have been caused by a cyberattack. The media outlet revealed that cyber police have found evidence suggesting this assumption. It seems that foreign hackers have been trying to hack into the country’s power utilities since February.

According to India Today, experts involved in the investigation have discovered malware at a load dispatch center, which is responsible for ensuring the operation of the power grid, monitoring grid operations, and scheduling and dispatching electricity.

“The primary cause of the power outage was said to be due to tripping at the Padgha-based load dispatch center in Thane district which distributes power for Mumbai, Thane and Mavi Mumbai areas.” states India Today.

The suspicious logins have been traced to Singapore and other South Asian countries.

“A source who is privy to the probe, said hackers have been trying to target the country’s power utilities since February. In June, a swarm of 40,000-plus hacking attacks by non-state groups purportedly operating from China had used a type of malware to access and then encrypt sensitive data of targeted private and public entities.” continues the article. “A power supply provider in Jammu and Kashmir had also come under the hackers’ attack.”

The media outlet speculate that the attacks were carried out by financially-motivated foreign hackers that launched multiple attacks against the Indian utilities, including phishing campaigns, ransomware and DDoS attacks, and BGP hijacking.

This kind of incidents are very dangerous, power grids are critical infrastructure and a cyber attack could impact hospital and research institutes involved in the response of the ongoing pandemic.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, power grid)

[adrotate banner=”5″]

[adrotate banner=”13″]