04/11/2019 - S & T

KEY POINTS

·       Cyber-threat researchers estimate that a large number of assets on India’s national power grid could be vulnerable to attacks.

·       Ramping up security across the power grid should be a strategic priority since this is a tempting target for terrorists, in addition to being vulnerable in the case of hostilities with any other nation. 

·       Cyberattacks on nuclear installations and other power sector assets have become increasingly common.

·       Known cyberattacks on Indian power sector assets include a 2017 malware attack on the Tehri Dam in Uttarakhand.

·       The NPCIL infection is said to be caused by Dtrack, a Trojan virus that creates backdoors into computer networks.

·       While the Indian Computer Emergency Response Team (CERT-In) claims to be aware of these vulnerabilities, and is reported to have issued advisories in many instances, it has its hands tied because it is the responsibility of the organisation owning the asset to protect it.

·       It is also true that much of the equipment on the power grid is old and based on outdated chips with vulnerabilities that cannot be patched.

·       The government has been trying to set up a system for cyber-protection of infrastructure with the National Critical Information Infrastructure Protection Centre (NCIIPC) as a coordinator and dedicated sectoral CERTs, such as CERT-Thermal-NTPC and CERT-Transmission-POWERGRID, which are responsible for guarding power assets.

·       However, it has to iron out the bureaucratic hassles in assigning the responsibility, which can prevent a vulnerability being patched even after it is identified.

·       Protecting power assets will be increasingly important, given the linking of all the regional grids to the national grid.

·       While the linking makes it easier to supply power to any region on demand, it also makes the entire infrastructure more vulnerable to contagion from cyber-attacks.

Kindly review!!

Please review