What do we know so far? On Friday, Tata Power, one of India’s largest integrated power companies, confirmed that it had suffered a cyber attack. The attack impacted some of its IT infrastructure, but the critical infrastructure appears to be intact. The news was relayed to the National Stock Exchange (NSE India). According to the notification sent to the stock exchange, damage control is in place: steps are being taken to restore the affected machines, and security guardrails are being added to customer-facing portals to prevent unauthorized access. Few details of the breach were shared. This article covers what is known about the attack.

A brief about Tata Power: the company generates, transmits and retails power in the South Asian nation and aims to double the share of clean energy in its portfolio to 60% in five years from about a third now, with a target to become net zero by 2045. It claims to have an installed and managed electricity generation capacity of 13,974 MW, which is the highest in the country. In the recent past, Tata Power has also shown interest in growing its business through rooftop solar and microgrids, storage solutions, solar pumps, EV charging infrastructure and home automation. The company serves more than 12 million consumers via its distributor companies.

It has been slightly over a year since the Mumbai power grid suffered a cyber attack, which was allegedly attempted by a Chinese group of attackers, and this cyber attack also points towards a Chinese group of state-sponsored attackers. The network intrusions were said to have been aimed at “at least seven Indian State Load Despatch Centres (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states.”

Recorded Future has highlighted some information about the attackers: the attacks were attributed to an emerging threat cluster tracked under the name Threat Activity Group 38 (TAG-38). Recorded Future further assessed that the targeting is intended to facilitate information gathering related to critical infrastructure assets or is likely a precursor for future activities. China refuted the allegations that it was involved, stating “many of U.S. allies or countries with which it cooperates on cybersecurity are also victims of U.S. cyber attacks.”

It’s no surprise that the cost of a data breach has hit an all-time high in a year marked by significant increases in energy prices and global inflation. The average total cost is $4.5 million according to the 2022 IBM Data Breach Cost Report (this number was basically the same whether ransomware was involved or not). A staggering 83% of the 550 companies contacted by IBM that had experienced a data breach had also experienced multiple security breaches in the same period. According to the report, breaches involving remote working increased average costs by approximately $1 million. As technology advances, cybersecurity is going to be a pivotal factor that needs to be addressed at the earliest stages. In this case, Tata’s defences have so far kept the critical infrastructure (CI) from being impacted, which is a relief; otherwise the complications would have been too difficult to handle.