New Delhi: Four of India’s five regional load despatch centres (RLDCs), which help oversee the country’ critical electricity load management functions, have witnessed cyberattacks, as per information provided by the Union government.

This comes in the backdrop of Red Echo, a hacker group affiliated to the Chinese government, repeatedly targeting India’s power grid earlier this year. Also, there have been reports of targeted intrusion activities directed at the country's transport sector.

In a response to a question in Rajya Sabha on Tuesday, union power and new and renewable minister Raj Kumar Singh said, "Some unsuccessful cyber attempts were reported from various agencies in the recent past. On receipt of such information immediate measures are taken for isolation and other compliance measures by the respective organisation."

“For instance, cyber incidents have been reported at Southern Regional Load Despatch Centre (SRLDC), Western Regional Load Despatch Centre (WRLDC), Northern Regional Load Despatch Centre (NRLDC) and North Eastern Regional Load Despatch Centre (NERLDC) of Power System Operation Corporation (POSOCO), NTPC Kudgi and Telangana State Transco. Necessary isolation and other protective measures have been taken by these organizations," Singh added in his response.

It is the state-run Posoco that oversees the grid through the National Load Dispatch Centre (NLDC), the five RLDCs and 34 state load despatch centres (SLDCs). The grid is under constant attack, with at least 30 such events recorded daily, as reported by Mint earlier. A majority of the attacks originate from China, Singapore, Russia and the Commonwealth of Independent States (CIS) countries.

The Red Echo campaign could have caused widespread blackouts. However, the Chinese hackers failed to break into the systems, and no data breach was detected, according to an earlier statement from power ministry.

“An incident of power outage had occurred in Mumbai, Maharashtra on 12 October, 2020. As per the direction of Ministry of Power, a committee was formed to conduct a fact finding exercise on the cyber sabotage angle. As per the report of the committee, no conclusive evidence was observed to attribute the Mumbai Grid incident of 12.10.2020 to a cyber-attack," Singh said in his response on Tuesday.

A report published in The New York Times earlier this year linked last year’s grid failure in Mumbai to Chinese cyberattacks. China on its part has refuted the allegation as “rumours and slander".

The Indian Computer Emergency Response Team (CERT-In) that coordinates efforts on cybersecurity issues, issued an alert on 19 November 2020 on the threat of a malware called Shadow Pad at some control centres of Posoco. The National Critical Information Infrastructure Protection Centre (NCIIPC), which oversees India’s cybersecurity operations in critical sectors, sounded an alert on 12 February this year about Red Echo targeting RLDCs and SLDCs.

“NCIIPC informed through a mail dated 12 February 2021 about the threat by Red Echo through a malware called Shadow Pad. It stated that: ‘Chinese state-sponsored threat actor group known as Red Echo is targeting Indian power sector’s Regional Load Dispatch Centres (RLDCs) along with State Load Dispatch Centres (SLDCs)’," according to a 1 March Union power ministry statement.

The Union power ministry on its part has set-up six Computer Emergency Response Teams (CERTs) for grid operation , thermal, hydropower, electricity distribution, transmission and renewable energy. India also has a National Cyber Coordination Centre (NCCC).

Post the attack, a massive training exercise is also underway.

“There are training exercises happening. We are seized of the issue and capable of thwarting any such attempts," said a senior government official aware of such attacks requesting anonymity.

Some high- profile cyberattacks on India's power sector include the ones at state-run Nuclear Power Corp. of India Ltd’s Kudankulam Nuclear Power Plant, THDC Ltd’s Tehri dam, West Bengal State Electricity Distribution Co. Ltd, and at Rajasthan and Haryana DISCOMS. NCIIPC has also reported several vulnerabilities in the power utilities of the states.

“The mission critical nature of LDC (load despatch centre) operations calls for robust infrastructure security, access control, cyber security systems, fire- fighting systems, disaster resilience and redundancy of auxiliary power supply in the form of dual independent sources of AC supply, UPS and back up diesel generator sets," said a Forum of Regulators report.