3 min read.Updated: 22 Jul 2021, 07:27 AM ISTLivemint
This comes in the backdrop of Red Echo, a hacker group affiliated with the Chinese government, targeting India’s power grid earlier this year. There have also been cyberattacks aimed at India’s transportation sector
NEW DELHI :
Four of India’s five regional centres that help oversee the country’s critical electricity load management functions have faced cyberattacks in recent months. However, necessary protective measures have been taken, Union power and new and renewable energy minister Raj Kumar Singh said in a written reply in Rajya Sabha on Tuesday.
This comes in the backdrop of Red Echo, a hacker group affiliated with the Chinese government, targeting India’s power grid earlier this year. There have also been cyberattacks aimed at India’s transportation sector..
“Some unsuccessful cyber attempts were reported from various agencies in the recent past. On receipt of such information, immediate measures are taken for isolation and other compliance measures by the respective organization," Singh’s statement said in response to a query on Tuesday.
“For instance, cyber incidents have been reported at Southern Regional Load Despatch Centre (SRLDC), Western Regional Load Despatch Centre (WRLDC), Northern Regional Load Despatch Centre (NRLDC) and North Eastern Regional Load Despatch Centre (NERLDC) of Power System Operation Corporation (POSOCO), NTPC Kudgi and Telangana State Transco. Necessary isolation and other protective measures have been taken by these organizations," Singh’s statement said.
State-run Posoco oversees the grid through the National Load Dispatch Centre (NLDC), the five RLDCs and 34 state load despatch centres (SLDCs). The grid is under constant attack, with at least 30 events reported daily, as reported by Mint earlier. Most originate from China, Singapore, Russia and the Commonwealth of Independent States (CIS) countries.
The Red Echo campaign could have caused widespread blackouts. However, the Chinese hackers failed to break into the systems, and no data breach was detected, the power ministry said in a statement previously. “An incident of power outage had occurred in Mumbai on 12 October 2020. As per the direction of the ministry of power, a panel was formed to conduct a fact-finding exercise on the cyber sabotage angle. As per the report of the committee, no conclusive evidence was observed to attribute the Mumbai grid incident of 12.10.2020 to a cyberattack," Singh said in his response on Tuesday.
The New York Times, in a report earlier this year, linked last year’s grid failure in Mumbai to Chinese cyberattacks. China, on its part, has refuted the allegation as “rumours and slander".
The Indian Computer Emergency Response Team (CERT-In), which coordinates efforts on cybersecurity issues, issued an alert on 19 November 2020 on the threat of a malware called Shadow Pad at some control centres of Posoco. The National Critical Information Infrastructure Protection Centre (NCIIPC), which oversees India’s cybersecurity operations in critical sectors, raised an alarm on 12 February this year about Red Echo targeting RLDCs and SLDCs.
“NCIIPC informed through a mail dated 12 February 2021 about the threat by Red Echo through a malware called Shadow Pad. It stated that: ‘Chinese state-sponsored threat actor group known as Red Echo is targeting Indian power sector’s Regional Load Dispatch Centres (RLDCs) along with State Load Dispatch Centres (SLDCs)’," the power ministry said in a 1 March statement.
The power ministry, on its part, has set up six Computer Emergency Response Teams (CERTs) for grid operation, thermal, hydropower, electricity distribution, transmission and renewable energy. India also has a National Cyber Coordination Centre (NCCC).
Meanwhile, the Union government has started a large-scale training exercise following the cyberattacks.
“There are training exercises happening. We are seized of the issue and capable of thwarting any such attempts," said a senior government official, requesting anonymity.
Some high-profile cyberattacks on India’s power sector include the ones at state-run Nuclear Power Corp. of India Ltd’s Kudankulam Nuclear Power Plant, THDC Ltd’s Tehri dam, West Bengal State Electricity Distribution Co. Ltd and at Rajasthan and Haryana discoms. NCIIPC has also reported several vulnerabilities in states’ power utilities.
Subscribe to Mint Newsletters
* Enter a valid email
* Thank you for subscribing to our newsletter.
Never miss a story! Stay connected and informed with Mint.
our App Now!!