India is assembling an ace team of cyber sleuths to protect its power grids
2 min read 16 Mar 2022, 11:19 PM ISTThe team, including domain experts from the private sector, will be housed under the CEA

NEW DELHI : The growing threat of cyber attacks on India’s power grid has prompted the government to consider setting up a specialized computer security incident response team (CSIRT) to thwart any attempt at crippling the critical power infrastructure, two government officials said.
The team, comprising trained professionals, including domain experts from the private sector, will be housed under India’s apex power sector planning body, Central Electricity Authority (CEA), the people cited above said on condition of anonymity. The officers will be recruited through the Combined Engineering Services Examination conducted by the Union Public Service Commission.
The move comess amid increasing geopolitical uncertainties, and China’s attempts to target India’s critical infrastructure, such as the power grids and transportation systems, through malware attacks.
“CSIRT-Power will perform functions pertaining to cyber security incidents, such as creating awareness, incident monitoring and response, and forensic analysis. It will act as an extended arm of CERT-IN, but shall remain under the administrative control of CEA. CSIRT-Power will be equipped with required resources, hardware, software and sufficiently trained manpower," according to a government document, which was reviewed by Mint.
The Indian Computer Emergency Response Team (CERT-In) coordinates efforts on cybersecurity issues with the National Critical Information Infrastructure Protection Centre (NCIIPC) to oversee India’s cybersecurity operations in critical sectors.
The union power ministry on its part has set up six CERTs for grid operation, thermal, hydropower, electricity distribution, transmission and renewable energy. India also has a National Cyber Coordination Centre (NCCC).
“Around 40 officers will be drawn to man CSIRT-Power. While 40% of the staff will be drawn from Central Power Engineering Service, the balance 40% will be from state-run firms with hired domain experts from markets accounting for the remaining 40% staff," said one of the two officials cited above.
Four out of India’s five regional centres which oversee critical electricity load management functions have faced cyberattacks. Some high-profile cyberattacks on India’s power sector include state-run Nuclear Power Corp. of India Ltd’s Kudankulam Nuclear Power Plant, THDC Ltd’s Tehri dam, West Bengal State Electricity Distribution Co. Ltd and at Rajasthan and Haryana discoms. The NCIIPC has reported several vulnerabilities in other state power utilities.
State-run Power System Operation Corp (Posoco) oversees the grid through the National Load Dispatch Centre, the five Regional Load Despatch Centre and 34 state load despatch centres. The grid is under constant attack, with at least 30 daily events, as reported by Mint earlier. Most originate from China, Singapore, Russia and the Commonwealth of Independent States (CIS) countries.
Queries emailed to a union power ministry spokesperson on late Monday night remained unanswered till press time.
Red Echo, a hacker group affiliated with the Chinese government, repeatedly targeted the control rooms that manage critical power grids early in 2021. The campaign could have caused widespread blackouts. However, Chinese hackers failed to break into the systems, and no data breach was detected, according to an earlier statement by the power ministry.