Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Geo Focus: Asia

India Unveils New Agency to Help Secure Power Companies

CSIRT-Power Will Be the Core of the Power Sector's Cybersecurity Setup
India Unveils New Agency to Help Secure Power Companies
A coal-fired power plant in India (Image: Shutterstock)

India has launched a dedicated cybersecurity incident response team for the critical energy sector. Officials said existing computer emergency response teams currently lack the resources and skilled professionals needed to defend against growing cyberattacks on power utilities and infrastructure.

See Also: OnDemand | New Phishing Benchmarks Unlocked: Is Your Organization Ahead of the Curve in 2023?

The new computer security incident response team, named CSIRT-Power, will add teeth to the sector's cybersecurity defenses and complement existing sub-sectoral computer emergency response teams, officials said.

"The threats we face today are unlike those of the past. Cyberattacks have emerged as a serious and growing concern, capable of causing significant disruptions with far-reaching consequences," said Minister of Housing and Urban Affairs Manohar Lal Khattar during the inauguration ceremony in New Delhi. "The power sector, being at the heart of our national infrastructure, is a prime target for such attacks," he said.

The new cybersecurity incident response team is expected to form the core of the power sector's cybersecurity setup, coordinating with sectoral CERT teams to respond to and prevent cybersecurity incidents, collect, analyze and share information regarding sector-specific cyberthreats, build awareness and implement measures to improve the sector's cybersecurity posture.

According to government figures, India has a combined installed power capacity of approximately 450 gigawatts, generated from coal, hydro, wind, solar and nuclear-powered facilities distributed across the country. The country expects to generate up to 900 gigawatts of electricity to supply more than 1 billion people and millions of businesses by 2030. More than 500 gigawatts will come from renewable resources.

The idea of protecting power companies from attacks is nothing new. India in its National Cyber Security Policy, 2013, recommended establishing sectoral computer emergency response teams for critical sectors to "strengthen cybersecurity efforts and support constituent utilities in decision-making and specialized responses."

The country also established the National Critical Information Infrastructure Protection Center to secure the power sector's critical information infrastructure and set up sectoral computer emergency response teams for thermal, hydro, transmission, distribution, grid operation and renewable energy sectors.

According to the Ministry of Power, the government set up security operations centers to monitor critical assets and security events and incidents across dozens of regional and national load dispatch centers. It also required all 35 provincial load dispatch centers to conduct annual vulnerability assessment and penetration testing cybersecurity audits.

Despite these efforts, the power sector remains vulnerable to a range of cybersecurity threats aimed at disrupting critical operations or stealing sensitive information. According to Recorded Future's cybersecurity arm, Insikt Group, a Chinese threat group tracked as RedEcho used the ShadowPad backdoor malware frequently to target Indian power grid organizations since at least 2020.

The attacks, which coincided with military clashes between Indian and Chinese armies in the Ladakh region, primarily targeted seven load dispatch centers in northern India that were located close to Ladakh.


About the Author

Jayant Chakravarti

Jayant Chakravarti

Senior Editor, APAC

Chakravarti covers cybersecurity developments in the Asia-Pacific region. He has been writing about technology since 2014, including for Ziff Davis.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.in, you agree to our use of cookies.