October Mumbai power outage may have been caused by a cyber attack

Authorities in India believe that a major power outage that occurred in October in Mumbai may have been caused by hackers.

On October 13, a major power outage occurred in the metropolitan area of Mumbai causing the partial disruption of the traffic management systems and the paralysis of the rail traffic and also impacted work at the stock exchange.

The power outage for essential services lasted two hours, while authorities spent up to 12 hours to restore power in some of the affected areas.

“Last month’s power outage in the Mumbai Metropolitan Region (MMR) was possibly the result of a sophisticated sabotage attempt involving foreign entities, a probe carried out by the state police’s cyber cell has revealed.” reads the post published by the Mumbai Mirror.

According to the Mumbai Mirror, the incident may have been caused by a cyberattack. The media outlet revealed that cyber police have found evidence suggesting this assumption. It seems that foreign hackers have been trying to hack into the country’s power utilities since February.

According to India Today, experts involved in the investigation have discovered malware at a load dispatch center, which is responsible for ensuring the operation of the power grid, monitoring grid operations, and scheduling and dispatching electricity.

“The primary cause of the power outage was said to be due to tripping at the Padgha-based load dispatch center in Thane district which distributes power for Mumbai, Thane and Mavi Mumbai areas.” states India Today.

The suspicious logins have been traced to Singapore and other South Asian countries.

“A source who is privy to the probe, said hackers have been trying to target the country’s power utilities since February. In June, a swarm of 40,000-plus hacking attacks by non-state groups purportedly operating from China had used a type of malware to access and then encrypt sensitive data of targeted private and public entities.” continues the article. “A power supply provider in Jammu and Kashmir had also come under the hackers’ attack.”

The media outlet speculate that the attacks were carried out by financially-motivated foreign hackers that launched multiple attacks against the Indian utilities, including phishing campaigns, ransomware and DDoS attacks, and BGP hijacking.

This kind of incidents are very dangerous, power grids are critical infrastructure and a cyber attack could impact hospital and research institutes involved in the response of the ongoing pandemic.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, power grid)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.