By Ashwani Mishra, Editor-Technology, 63SATS
In a significant move to safeguard the nation’s critical power infrastructure from escalating cyber threats, Union Minister Shri Manohar Lal inaugurated the Computer Security Incident Response Team – Power (CSIRT-Power) facility at the Northern Regional Power Committee in New Delhi.
The launch marks a crucial step toward reinforcing cybersecurity resilience in one of the most vital sectors of India’s national infrastructure.
“Cyberattacks are no longer a distant possibility—they are an immediate and pressing threat, particularly to the power sector,” said Shri Manohar Lal during the inauguration. “The power sector is at the heart of our national infrastructure, and the risks we face today are unlike any we’ve seen before. Cyberattacks have the potential to cause widespread disruptions with far-reaching consequences.”
Power Sector Under Siege: A Global and Domestic Challenge
The launch of CSIRT-Power comes at a time when cyberattacks on power grids and infrastructure are becoming increasingly sophisticated, posing severe risks to national security and public welfare. Globally, the power sector has been a primary target for cybercriminals and state-sponsored hackers alike.
In 2015, Ukraine’s power grid was attacked in what is widely regarded as the first known successful cyberattack on a nation’s electricity infrastructure. The incident caused widespread blackouts, affecting hundreds of thousands of people. Similar attacks have been observed in the U.S., where foreign actors have attempted to breach the power grid through sophisticated malware designed to sabotage operational systems.
Closer to home, India has also faced growing threats. In 2020, a suspected cyberattack targeted Mumbai’s power grid, plunging the city into darkness for hours. Reports indicated that malware linked to foreign threat actors had infiltrated the grid’s control centers, highlighting the vulnerabilities in India’s critical infrastructure.
These incidents underscore the urgent need for specialized cybersecurity defenses within the power sector, both globally and domestically. With the digital transformation of the power industry accelerating, the attack surface for cyber adversaries has expanded, exposing systems to new and evolving threats.
CSIRT-Power: India’s Digital Fortress
CSIRT-Power is more than just a facility—it’s a fortress designed to defend India’s power infrastructure from the ever-evolving landscape of cyber threats. Equipped with cutting-edge tools, advanced infrastructure, and a dedicated team of cybersecurity experts, the facility is well-prepared to respond to potential cyberattacks.
“CSIRT-Power is a proactive response to the cybersecurity challenges we face today. It’s built to withstand and respond to threats before they can disrupt our power systems. The facility’s advanced capabilities will play a pivotal role in safeguarding our nation’s energy backbone,” said Shri Manohar Lal.
The creation of CSIRT-Power is part of the government’s 100-day initiative, following the National Cyber Security Policy 2013 and working in collaboration with CERT-In (Indian Computer Emergency Response Team). Its core mission is to build and enhance the cybersecurity resilience of the Indian power sector, ensuring a structured and coordinated approach to tackling cyber threats.
Objectives and Vision for CSIRT-Power
CSIRT-Power has a comprehensive set of objectives aimed at fortifying the sector’s cybersecurity posture.
Key goals include:
Incident Response and Prevention: Serving as the central agency for responding to and preventing cybersecurity incidents in the power sector.
Proactive Threat Mitigation: Collecting, analyzing, and sharing sector-specific cyber threat intelligence to preempt potential attacks.
Coordination and Collaboration: Establishing a prompt and coordinated response framework for cyber threats, in collaboration with key stakeholders in the sector.
Capacity Building: Enhancing sector-specific cybersecurity expertise through training programs, incident response drills, and the development of standards and security policies.
Promoting Best Practices: Encouraging the implementation of standard operating procedures (SOPs) and best practices to ensure continuous improvements in cybersecurity readiness.
The facility will also focus on capacity building, developing industry-specific standards, and collaborating with educational institutions to promote a skilled cybersecurity workforce. This initiative will foster cooperation among power sector stakeholders to strengthen collective defenses against potential cyberattacks.
A Global Model for Cybersecurity in the Power Sector
CSIRT-Power is not only designed to serve as India’s digital shield but also aims to become a model for cybersecurity efforts in the global power sector. As cyberattacks on critical infrastructure rise globally, the establishment of specialized response teams like CSIRT-Power is seen as an essential move to prevent catastrophic disruptions.
Globally, nations are increasingly prioritizing cybersecurity in their energy sectors. The U.S. has implemented the Electricity Subsector Coordinating Council (ESCC), which works with government agencies to identify and mitigate threats to the grid. Similarly, in Europe, the European Union Agency for Cybersecurity (ENISA) has launched initiatives to fortify the continent’s energy networks against digital threats.
India’s CSIRT-Power is poised to join these international efforts, setting a benchmark for the proactive defense of critical infrastructure.
As cyberattacks become more frequent and sophisticated, initiatives like CSIRT-Power will play an indispensable role in maintaining the resilience and reliability of the nation’s power grid, ensuring that India’s lights remain on in the face of evolving cyber threats.