R.K. Singh, the Union Power Minister, stated last month that the Electricity Amendment Bill’s provisions for frequent inspections. And prompt action will soon make India’s power network more future-proof and resistant to cyberattacks. On Friday, Tata Power reported that a cyberattack had damaged its IT infrastructure and disrupted its operations.
According to a BSE filing, Tata Power Company Limited experienced a cyber intrusion that affected several of its IT systems.
The business advised that actions had been taken to recover and restore the systems.
All essential operational systems remain operational, but as an extra precaution, restricted access. And preventive measures have been implemented for portals and touch points that are used by employees and customers.
Bill payment portal outage
Over the past week, a number of Mumbai residents have complained that they have encountered difficulties trying to pay their electricity bills online through Tata Power. “Sorry, Tata Power Mumbai is experiencing sporadic troubles,” read the message. Please try again later if you are unable to finish your payment.
Customers may not be able to pay their bills online due to “limited access and preventive inspections,” as Tata Power claims in its email.
Some people voiced worry that they would incur late fees as a result of the payment portal failure. If the bill payment portal went down as a result of the malware, Tata Power has not yet reacted to ETCISO’s inquiries.
Cyberattacks on India’s power sector
An examination by Thane power Recorded Future into the October 2020 cyberattack that brought down Mumbai showed that malware had been installed in key national power-distribution systems.
Yashasvi Yadav, Special IGP at the Maharashtra Cyber Department, confirmed the finding in an earlier interview with ETCISO. Yadav claimed that his team was “shocked” to learn that there were more than 14 Trojans on the server after reviewing the company’s firewall and server logs.
Stuart Solomon, the chief operating officer of Recorded Future, told The New York Times that Red Echo, a state-sponsored Chinese organisation, had been “systematically utilising advanced cyberintrusion techniques” to covertly secure a foothold in key nodes throughout the Indian power generation and transmission infrastructure.
RedEcho, a threat actor with ties to China, launched targeted attacks on 10 power sector assets across the nation. They include Mumbai and Thane in Maharashtra, VO Chidambarnar port in Tamil Nadu, NTPC’s Kudgi power plant in Karnataka. A load dispatch centre in Telangana, and regional load dispatch centres in West Bengal and Assam. This was done even after the government agreed to a military de-escalation in the Pangon area.
