Are we ready for cyber attacks on infrastructure?

It turned out to be a false alarm. The electricity blackout in Mumbai in October 2020 was not a result of a cyber attack. It was a technical error caused by a human mistake. Minister of Power RK Singh said, “Cyberattacks happened on our northern and southern region load dispatch centres but they (malware) could not reach our operating system.” 

Failed attempt though it may have been, the fears of future cyber attacks on India’s economic infrastructure is real and rising. And the minister confirmed this. Attacks had been made on India’s Northern and Southern Load Dispatch Centres. And malware Trojan horse were discovered in Mumbai city’s Supervisory Control and Data Acquisition (SCADA) system, which aims to monitor and control field devices. Some individual computers were impacted but not the central controlling system. 

For the moment, the electricity grids are relatively safe from cyber attacks, not least because the level of digitisation and connectivity in the system is low. The systems still work in silos and therefore it is difficult to bring down the entire grid atthis stage. 

This could change rapidly, and the risks are increasing. Consider this. As of March 2021, 1.5 million smart meters have been installed in about 10 states by Energy Efficiency Services Limited (EESL) a joint venture of government-run companies under the Union ministry of power.  

EESL’s Smart Meter National Programme has a target to replace about 250 million conventional meters with smart meters in India. “Smart meters are connected through a web-based monitoring system which will help to reduce commercial losses of utilities, enhance revenues and serve as an important tool in power sector reforms,” says EESL.

As smart meters are rolled out, the need for strong, secure systems would be critical. Hackers, from China or elsewhere, can cause blackouts in millions of homes and offices through connected smart meters. And as regional grids increase their digitisation levels, they will also have to strengthen their defences against hackers. 

There are other connected systems in the country that can be attacked. The GST Network, the Passport Seva Kendra and the Covid vaccine portal CoWin are all potential targets of hackers. Similar such portals at states and regional levels could be targeted by criminal elements. 

Do we have enough capability and capacity to manage such attacks? The large power sector companies seem to be alive to the dangers. The last annual report of National Thermal Power Corporation (NTPC) mentions cyber security. “NTPC is on the Digital path and implementing its Digital Strategy Roadmap….(it) has taken the initiative for further secured Control systems, augmenting the present defence in depth Cyber Security Posture for Operational Technology,” the annual report says. 

Recorded Future, a security intelligence firm, says India has been targeted by the China-based group RedEcho: “Ten distinct Indian power sector organisations, including four of the five Regional Load Despatch Centres (RLDC) responsible for operation of the power grid through balancing electricity supply and demand, have been identified as targets in a concerted campaign against India’s critical infrastructure. Other targets identified included two Indian seaports.”

This activity was discovered “through a combination of large-scale automated network traffic analytics and expert analysis.”

Indian infrastructure companies and the government’s security establishment have two challenges. First, protect all relevant utilities, especially as most of them are accelerating usage of digital solutions. Second, even threat detection and prevention must be done using sophisticated cyber security tools. 

A centrally coordinated effort to improve cyber security capability across sectors is essential for the new levels of threats that India faces.