Home / Economy / Govt mulls nodal body to secure power grids

The government will create a computer security incident response team, or CSIRT, at the Central Electricity Authority to avert cyber attacks on the country’s power grid, said Alok Kumar, secretary, union power ministry.

According to media reports, cyber attackers linked to the Chinese military had infiltrated the network of seven power grid hubs in north India in April.

The emergency response team will be monitoring cyberattacks and make initial analysis. “Cyber security is an important area, and the Centre reviews it from time to time. It has issued guidelines to build capacity of the utilities," Kumar said.

“We will have a CSIRT. There are computer emergency response teams (CERTs) for each sector. CSIRT is the central nodal point at the Central Electricity Authority, which will gradually have the capacity to monitor cyber attacks and also take initial analysis in coordination with CERT-In."

Indian Computer Emergency Response Team, or CERT-In, coordinates with the National Critical Information Infrastructure Protection Centre to oversee cybersecurity operations for critical sectors.

In April, power minister R.K. Singh said three attacks were carried out on the power grid in strategically-located Ladakh since December 2021 but the hackers did not succeed because safeguards were in place to thwart such intrusions.“Our defence against cyber attack is strong. There were probing attacks in December, January and February, but they did not succeed," he had said.

On 17 March, Mint exclusively reported that the government is considering to set up a specialized computer security incident response team, and the officers will be recruited through the Combined Engineering Services Examination conducted by UPSC. CSIRT-Power will be equipped to detect to cyber security incidents, create awareness among stakeholders, monitor incidents and response accordingly, besides carrying out forensic analysis.

It will act as an arm of CERT-In, but will remain under the administrative control of Central Electricity Authority, and will have the required resources, hardware, software and trained professionals.

Red Echo, a hacker group affiliated with the Chinese government, had targeted the control rooms managing critical power grids in 2021. The campaign could have caused widespread blackouts, but the Chinese hackers failed to break into the systems and no data breach was detected, the ministry had said.

The ministry has already set up six separate CERTs for grid operation, thermal, hydropower, electricity distribution and transmission and renewable energy. India also has a National Cyber Coordination Centre (NCCC).

Four out of India’s five regional centres that run critical electricity load management functions have been targeted by hackers. Other high-profile cyberattacks include Kudankulam Nuclear Power Plant run by Nuclear Power Corp., THDC India’s dam at Tehri in Uttarakhand, West Bengal State Electricity Distribution Co. and distribution companies of Rajasthan and Haryana. The NCIIPC has reported several vulnerabilities in other state power utilities, too.


Rituraj Baruah

Rituraj Baruah is a senior correspondent at Mint, reporting on housing, urban affairs, small businesses and energy. He has reported on diverse sectors over the last six years including, commodities and stocks market, insolvency and real estate. He has previous stints at Cogencis Information Services, Indo-Asian News Service (IANS) and Inc42.
Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
More Less

Recommended For You

Trending Stocks

Get alerts on WhatsApp
Set Preferences My ReadsWatchlistFeedbackRedeem a Gift CardLogout