The government will create a computer security incident response team, or CSIRT, at the Central Electricity Authority to avert cyber attacks on the country’s power grid, said Alok Kumar, secretary, union power ministry. According to media reports, cyber attackers linked to the Chinese military had infiltrated the network of seven power grid hubs in north India in April.
The emergency response team will be monitoring cyberattacks and make initial analysis. “Cyber security is an important area, and the Centre reviews it from time to time. It has issued guidelines to build capacity of the utilities,” Kumar said.
“We will have a CSIRT. There are computer emergency response teams (CERTs) for each sector. CSIRT is the central nodal point at the Central Electricity Authority, which will gradually have the capacity to monitor cyber attacks and also take initial analysis in coordination with CERT-In.”
Indian Computer Emergency Response Team, or CERT-In, coordinates with the National Critical Information Infrastructure Protection Centre to oversee cybersecurity operations for critical sectors.
In April, power minister R.K. Singh said three attacks were carried out on the power grid in strategically-located Ladakh since December 2021 but the hackers did not succeed because safeguards were in place to thwart such intrusions.“Our defence against cyber attack is strong. There were probing attacks in December, January and February, but they did not succeed,” he had said.
On 17 March, it had been reported that the government is considering setting up a specialised computer security incident response team, and the officers will be recruited through the Combined Engineering Services Examination conducted by UPSC. CSIRT-Power will be equipped to detect cyber security incidents, create awareness among stakeholders, monitor incidents and respond accordingly, besides carrying out forensic analysis.
It will act as an arm of CERT-In, but will remain under the administrative control of Central Electricity Authority, and will have the required resources, hardware, software and trained professionals.