On March 1, the central government had denied the New York Times report that suggested the power outage that occurred in Mumbai in October 2020 was Chinese handiwork. As per reports, it was a human error and not sabotage. It has to be noted that in November 2020, a state government-appointed committee probing Mumbai’s power outage also reported that there was no sabotage behind the outage. Notably, the NYT report had also suggested that there was malware, but most of them were never activated.
The New York Times report lacks evidence
The NYT report that came out on February 28 speculates on the line of the November 2020 reports that suggested there might be a possibility of cyber-attack from foreign actors, specifically from China. The US-based research organisation Recorded Future had stated to NYT that as they were unable to enter the Indian power system, they could not look into the details of the code placed in strategic power distribution systems across the country.
They added that they have notified the Indian authorities, but so far, they have not reported what they have found. Maharashtra Energy Minister Nitin Raut had also said in November that the outage caused in Mumbai may be due to a cyber-attack based on the preliminary report. Back in November, Maharashtra Cyber Department and Cyber Intelligence cell have also speculated that they suspect the power grid failure may have been a result of a Chinese cyber-attack.
On March 1, Raut tweeted that he had received a report by the State Cyber Police Department that affirms the possibility of a cyber-attack. It has to be noted that the state power ministry had set up a committee that included experts from IIT Mumbai, VNIT Nagpur and others. The committee had denied any possibilities of sabotage at that time.
According to committee's report, due to the delay in immediate action by the system, the lights in Mumbai and suburbs were switched off at the same time."
Power Ministry denied the claims
The union power ministry under RK Singh has denied the claims of any sabotage that had caused power disruption. In the statement, the minister said that it was caused by a human error. Singh further added that the engineer and operator on duty were blamed in the report for lapses that led to the outage. News18 quoted Singh saying, “We had sent a team to Mumbai, and their conclusion was that there were some mistakes by the operators and those who handle state transmission system. So they have identified the point where mistakes happened, and I will be writing to state government so that they can call for an explanation and take action.”
The mere presence of malware is not evidence of sabotage
To detect viruses and cyber-attacks, security experts use tools to identify malicious codes that are harming the system. To mask the malicious virus or malware from the experts, the cybercriminals often hide a dormant code in the malware that masks its actual functionality. These dormant or inactive malware need additional commands to activate.
The reports suggest that most of the malware infused in the power grid found by the security experts were never active. That means while they pose a possible threat to the system, the hackers were not able to sabotage the system.