India’s largest Integrated power company hacked – Weekend attack trend continues

What do we know so far? So on Friday, one of India’s largest integrated power company TATA power confirmed that it encountered a cyber attack. The attack has impacted some of the IT infrastructure but the critical infrastructure seems to be intact. The news was relayed to the National Stock Exchange (NSE India). As per the notification sent to the stock exchange, it is evident that the damage control is in place and steps are being taken to restore the affected machines, adding in place security guardrails for customer-facing portals to prevent unauthorized access. There weren’t many details that were shared as part of the breach. Check the details of the cyber attack in this article.

Source: Reference

A brief about TATA power – The company generates, transmits and retails power in the South Asian nation and aims to double the share of clean energy in its portfolio to 60% in five years from about a third now, with a target to become net zero by 2045. It claims to have an installed and managed electricity generation capacity of 13,974MW, which is the highest in the country. In the recent past, Tata Power has also shown interest in growing its business through rooftop solar and microgrids, storage solutions, solar pumps, EV charging infrastructure and home automation. The company serves more than 12 million consumers via its distributor companies. Its been slightly over a year since the Mumbai Power grids suffered a cyber attack (Link) which was allegedly attempted by a Chinese group of attackers and now this cyber attack is also pointing towards a Chinese group of state-sponsored attackers. The network intrusions were said to have been aimed at “at least seven Indian State Load Despatch Centres (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states. 

Some information regarding the attackers has been highlighted by Recorded Future – The attacks were attributed to an emerging threat cluster tracking under the name Threat Activity Group 38 (TAG-38). The company further assessed that the targeting is intended to facilitate information gathering related to critical infrastructure assets or is likely a precursor for future activities. China refuted the allegations that it was involved, stating “many of U.S. allies or countries with which it cooperates on cybersecurity are also victims of U.S. cyber attacks.” [Reference

It’s no surprise that the cost of a data breach has hit an all-time high in a year marked by significant increases in energy prices and global inflation. The average total cost is $4.5 million according to the 2022 IBM Data Breach Cost Report (this number was basically the same whether ransomware was involved or not). A staggering 83% of the 550 companies contacted by IBM that had experienced a data breach had also experienced multiple security breaches in the same period. According to the report, violations involving remote working increased average costs by approximately $1 million. With more advancements coming into existence, the need for cybersecurity is definitely going to be a pivotal factor that needs to be addressed at the earliest stages. In this case, with TATA’s defensive system so far, the CI hasn’t been impacted which is a relieving thing else the complications would’ve been too difficult to handle. 

Published by The Art of Cyber-Space

I am a security professional specializing in network security. With vivid experience in different industries, I am looking to explore the current cyberspace and discuss the ideology of neuroscience and neurotechnology research from a security perspective. I love exploring various blog posts and share knowledge about the current threat landscape to instill more cybersecurity awareness.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: