In a clear warning to New Delhi last year not to press its claims too hard during the military stand-off in Eastern Ladakh, China had launched a cyber campaign against India’s power grid in the midst of the country’s war against Covid-19, the New York Times has suggested.

The newspaper reported that a new study has lent weight to the idea that the 15 June Galwan Valley clash between Indian and Chinese troops and the outage in Mumbai four months later might have been connected events as part of a broader Chinese cyber campaign against India’s power grid. The report said the flow of malware was pieced together by Recorded Future, a Somerville, Massachusetts, company that studies the use of the internet by state actors. It found that most of the malware was never activated.

“And because Recorded Future could not get inside India’s power systems, it could not examine the details of the code itself, which was placed in strategic power-distribution systems across the country. While it has notified Indian authorities, so far they are not reporting what they have found”, the NYT said.

Stuart Solomon, Recorded Future’s chief operating officer, said that the Chinese state-sponsored group, which the firm named Red Echo, “has been seen to systematically utilise advanced cyber intrusion techniques to quietly gain a foothold in nearly a dozen critical nodes across the Indian power generation and transmission infrastructure.”

The discovery raises the question about whether the outage that struck on 13 October, one of the country’s busiest business hubs, was meant as a message from Beijing about what might happen if India pushed its border claims too vigorously, the newspaper said.

It added that news reports at the time quoted Indian officials as saying that the cause was a Chinese-origin cyberattack on a nearby electricity load-management centre. Authorities began a formal investigation, which is due to report in the coming weeks.

Since then, Indian officials have gone silent about the Chinese code, whether it set off the Mumbai blackout and the evidence provided by Recorded Future that many elements of the nation’s electric grid were the target of a sophisticated Chinese hacking effort.

The NYT said the investigators who wrote the Recorded Future study, which is set to be published on Monday, said that “the alleged link between the outage and the discovery of the unspecified malware” in the system” remains unsubstantiated.