A new study in the US has concluded that the huge power failure in Mumbai that took place in October last year disrupting normal life in India’s commercial capital was caused by Chinese state-sponsored hackers who planted malware in the power control systems.

According to a report in the New York Times, the study shows that as the military face-off continued in Ladakh, Chinese malware was flowing into the control systems that manage electric supply across India, along with a high-voltage transmission substation and a coal-fired power plant.

The flow of malware was pieced together by Recorded Future, a US company that studies the use of the internet by state actors. The NYT report quoted Stuart Solomon, Recorded Future’s chief operating officer, said that the Chinese state-sponsored group, which the firm named Red Echo, “has been seen to systematically utilize advanced cyber intrusion techniques to quietly gain a foothold in nearly a dozen critical nodes across the Indian power generation and transmission infrastructure.”

The massive power failure in Mumbai had brought local trains to halt and the stock markets had to be shut while hospitals were forced to switch to emergency generators to keep ventilators running amid the surge in coronavirus.

Indian officials had also traced the possible cause as a Chinese-origin cyberattack on a nearby electricity load-management centre. Authorities had begun a formal investigation, a report of which is expected to be submitted soon.