Tata Power, India’s largest power generation company, recently confirmed that it had been hit by a cyberattack.
India is digitising at an exponential rate, so much so that it might have overlooked the challenges that come with it. Cyber security is one such challenge faced by companies, which poses a threat to their growth.
The attacks
Tata Power was recently hit by a cyber-attack on its information technology (IT) infrastructure, impacting some of its IT systems. The power company, though, did not share details of the attack.
In August, Royal Hansen, Google's VP, Engineering, for Privacy, Safety, and Security, said India has been witnessing a surge in cyber-attacks—the country had faced 18 million cyberattacks and 2,00,000 threats a day in the first quarter of 2022.
Cyberattacks are common around the world, including in major economies such as the US, where industries ranging from energy to the IT sector come under attack. Unlike the West, cyber-attacks in India are usually not as serious but some recent incidents have heightened concerns over cyber security in the country.
The Mumbai power outage of 2020
In 2020, Mumbai faced one of its biggest power outages in decades, which halted essential services like water supply, public transport, and Net connectivity.
The state-run Maharashtra State Electricity Transmission Company (MSETC) blamed Tata Power at the time for the outage. The outage in the financial capital of the country led to the cancellation of local trains, considered the lifeline of the city.
Work at hospitals was also affected in the thick of the Covid pandemic. Essential operations were supported by backup power. Economic activity was hit as people were unable to work from home due to the outage.
Though the issue was resolved in two hours, some parts experienced power cuts for as long as 18 hours.
A New York Times report later said the incident was due to a cyberattack by a group of Chinese government-sponsored hackers.
An attack on India’s leading power generation company shows that even the biggest companies aren’t immune.
Recent attacks on Indian companies
In July, Ajay Kumar Mishra, Minister of State for Home, said over 6,70,000 cyber security-related cases had been reported in the country till June 2022.
According to information provided by the Indian Computer Emergency Response Team (CERT-In), over three million such cases were reported in the country from 2019 till this June.
Amid the aggressive digital expansion in the country, robust cyber security infrastructure has become mission critical.
Speaking at an event about cyberattacks in August, Hansen said, "In a way, it has gotten to a level of activity where it is not a question of if someone will be attacked, but how prepared will they be.”
He added that 30 percent of all transactions in India were digital, the highest in the world.
That infrastructure could be a key target even as we speak, paralysing commerce.
In 2021, 10 Indian power sector assets, the Mumbai port, and Tamil Nadu’s VO Chidmabaranar port were attacked by a hacker group with China links, a US-based company reported.
In April 2022, Power Minister RK Singh confirmed that India's power grid had faced cyber-attacks.
Prevention against cyberattacks
Concerned over the cyber security of India's strategic power sector, the government, through the Electricity Amendment Bill, 2022, made a provision that allowed inspection of the national electricity grid to ensure cyber hygiene.
“The power sector is one of the most frequently targeted, and the first to respond to cyber threats with mandatory controls. But threats continue to evolve, reaching into industrial control systems and supply chains, and require even greater efforts to manage risk,” said Deloitte in a report in January 2019.
While there is a need for Indian utilities to strengthen their cyber security systems to prevent such attacks in the future, some experts feel that the industry is not fully geared up for the challenge.
“I don’t see major investments by utilities in cybersecurity but I believe it’s time to start investing,” said Anurag Johri, MD and Lead for Utilities, at Accenture.
“The more digital we become, the more vulnerable we are. If there is a cyber-attack, the entire network can go down, and you will be without electricity. It is an area where utilities will have to spend a lot of money and time looking at how they can bring in the right kind of cybersecurity in place,” he added.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
