Download the Report
Relations between India and China have deteriorated significantly in recent years and while diplomacy and economic factors have been effective in preventing a full-blown war, cyber operations continue to provide countries with a potent asymmetric capability to conduct espionage or pre-position within networks for potentially disruptive reasons.
Using a combination of proactive adversary infrastructure detections, domain analysis, and Recorded Future Network Traffic Analysis, Recorded Future’s threat research arm, Insikt Group, has determined that a subset of the servers used share some common infrastructure tactics, techniques, and procedures (TTPs) with several previously reported Chinese state-sponsored groups.
Insikt Group is attributing this activity to a distinct activity group, RedEcho. Despite some overlap with previous groups, Insikt Group does not currently believe there is enough evidence to firmly attribute the activity in this particular campaign to an existing public Chinese threat activity group.
Download this report to learn more details about the campaign conducted by a China-linked group, RedEcho, targeting the Indian power sector.