Campaign · all campaigns
Indian Critical Infrastructure IntrusionsC0043 unknown
aka Indian Critical Infrastructure Intrusions
Last updated: 2026-07-03
About this actor
[Indian Critical Infrastructure Intrusions](https://attack.mitre.org/campaigns/C0043) is a sequence of intrusions from 2021 through early 2022 linked to People’s Republic of China (PRC) threat actors, particularly [RedEcho](https://attack.mitre.org/groups/G1042) and Threat Activity Group 38 (TAG38). The intrusions appear focused on IT system breach in Indian electric utility entities and logistics firms, as well as potentially managed service providers operating within India. Although focused on OT-operating entities, there is no evidence this campaign was able to progress beyond IT breach and information gathering to OT environment access.(Citation: RecordedFuture RedEcho 2021)(Citation: RecordedFuture RedEcho 2022)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
AC-4 | 7 / 12 | 58% |
CA-7 | 7 / 12 | 58% |
SC-7 | 7 / 12 | 58% |
SI-4 | 7 / 12 | 58% |
CM-2 | 6 / 12 | 50% |
CM-6 | 6 / 12 | 50% |
CM-7 | 6 / 12 | 50% |
SI-3 | 6 / 12 | 50% |
SC-23 | 4 / 12 | 33% |
SC-20 | 3 / 12 | 25% |
SC-21 | 3 / 12 | 25% |
SC-22 | 3 / 12 | 25% |
SC-10 | 2 / 12 | 17% |
SC-12 | 2 / 12 | 17% |
SC-16 | 2 / 12 | 17% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- RedEcho 0.67
- C0021 0.27
- Versa Director Zero Day Exploitation 0.25
- BITTER 0.23
- C0010 0.18