The article doesn’t provide much data and further confuses things by saying that India’s grid is under constant attack and sees thousands of cyber attacks across a few days. There’s a huge difference between an actual attack and scans and phishing emails.
The interesting piece is that the source is supposedly from the state government whose cyber department is investigating. That’s good. Adds credibility but also means we may get an official report at some point.
The most damning piece of information though, which makes me immediately skeptical, is the initial finding a month after the outage is that there was malware on state load dispatch systems. Is this a big deal? No. Malware is found on ICS environments all the time.
What I see happen a lot is there’s an outage or some event that forces people to stop and look. In looking and investigating they see issues they didn’t see before - like malware - but that doesn’t mean it had anything to do with the actual outage or event in question.
Or said simply: if you look hard enough you’ll find something especially if you’re not looking often. But correlation does not equate causation.
What does add complexity here though is the geopolitical tension between China and India and recent events in the Galwan Valley. We do expect to see cyber attacks on infrastructure with such geopolitically tense times.
But we’re a far ways from even confirming an attack took place before any serious discussion on attribution can take place. At this point it’s just a data point to say the scenario could be real based on historical situations like Ukraine.
More complexity is added though in the fact that the Indian government could also be using such claims to rally national efforts while hiding embarrassing issues like infrastructure maintenance failures like we’ve seen in Venezuela when they blamed US cyber attacks for outages.
All this to say: it’s definitely possible but nothing presented yet puts any real credibility to the statements and until an actual report with evidence is presented I would caution folks in speculating.
You can follow @RobertMLee.