Early last summer, Chinese and Indian armies clashed in a surprise border battle in the remote Galwan Valley, bashing each other to death with rocks and clubs.
Four months later and more than 1,500 miles away in Mumbai, trains shut down and the stock market closed as the power went out in a city of 20 million people. Hospitals had to switch to emergency generators to keep ventilators running amid a coronavirus outbreak that was among India’s worst.
Now, a new study lends weight to the idea that those two events may have been connected — as part of a broad Chinese cyber campaign against India’s power grid, timed to send a message that if India pressed its claims too hard, the lights could go out across the country.
The study shows that as the battles raged in the Himalayas, taking at least two dozen lives, Chinese malware was flowing into the control systems that manage electric supply across India, along with a high-voltage transmission substation and a coal-fired power plant.
The flow of malware was pieced together by Recorded Future, a Somerville, Massachusetts, company that studies the use of the internet by state actors. It found that most of the malware was never activated. And because Recorded Future could not get inside India’s power systems, it could not examine the details of the code itself, which was placed in strategic power-distribution systems across the country. While it has notified Indian authorities, so far they are not reporting what they have found.
Stuart Solomon, Recorded Future’s chief operating officer, said that the Chinese state-sponsored group, which the firm named Red Echo,