Power transmission: Punjab among 8 states targeted by Chinese hackers in past month
From last week of February to first week of March, China-based cyber hackers targeted 10 entities in the power sector in these states, including Punjab state load dispatch centre
: A massive power outage was averted in eight states, including Punjab, Haryana and Himachal Pradesh, after the Central Electricity Authority alerted the respective governments about Chinese hackers targeting power transmission companies in India.
From last week of February to first week of March, China-based cyber hackers targeted 10 entities in the power sector in these states, including Punjab state load dispatch centre (SLDC ), systematically utilising advanced cyber intrusion techniques to gain foothold across the Indian power generation and transmission infrastructure.
The Computer Emergency Response Team of India (CERT-In) detected that the Chinese hackers have targeted power transmission companies in India. The utilities targeted in the cyber-attack from Chinese ATP actors are SLDC of Punjab, Tamil Nadu, Uttar Pradesh, Himachal Pradesh, Delhi, Madhya Pradesh, Rajasthan, and Haryana.
The state load dispatch centre is the apex body to ensure integrated operation of the power system in the state and is responsible to ensure integrated operation of the power system responsible for optimum scheduling and dispatch of electricity in the state. A breach here can lead to failure of electricity in the entire state.
In the case of Punjab SLDC, the attempts were foiled by blocking malicious IPs in the SCADA and ISP firewalls. SCADA firewall logs from February 21 to 23 and February 27 to March 1 were analysed. The timely action taken by them as per messages from NCIIPC, saved the situation.
The Ministry of Power has advised all the state SLDC to do a cyber security audit of IT as well as Operational Technology system every six months, install next generation firewall and use updated AV solutions.
The ministry has further asked load dispatch centres to trace and isolate the systems from where the malicious connections were made. Last year, the Chinese hackers had attacked the Mumbai based power distribution system to destabilise the power supplies.
Confirming that some malicious IP addresses tried to infiltrate in the SLDC system, Yogesh Tondon, director (Technical) Punjab State Power Transmission Limited said, “it’s a continuous battle which power, banking and other government sectors, fight with the hackers. We have a fool proof system to check such infiltration bids”.
He said that the ministry of power has already taken a meeting over the issue and has sensitised the various SLDC. He said not only the above-mentioned incidents, some IP addresses originating from Hong Kong, China and other countries were blocked by the CERT-in, as they were trying to infiltrate into our system.
He said that Punjab has already adopted Firewalls like Gajshield and sophos to check such cyber attempts.
“Punjab SLDC, in league with the central agencies, is fully equipped to tackle such day-to-day basis threats,” he added.