Ransomware scare prompts power authority’s alert

Why is it in the news?

In the wake of the WannaCry ransomware attacks last year, the Central Electricity Authority (CEA) has warned of threats to smart grid systems in the country and an “urgent” need to develop a cyber security framework to address security needs in the country’s power sector.

Details

  • The WannaCry ransomware attack in May 2017 affected computers and systems in 150 countries, including India, after which the Ministry of Power tasked the CEA — the apex policy advisory body in the electricity sector — with constituting a committee to discuss various issues including “cyber security issues in the power sector”.
  • The CEA’s warning comes against the backdrop of a December 23, 2015 incident, when hackers successfully attacked information systems of three prominent power distribution companies in Ukraine, disrupting the electricity supply to approximately 250,000 Ukrainians. A similar small-scale attack occurred in Ukraine’s capital, Kiev, in December 2016 and led to a power outage for about an hour.
  • A smart grid — any power network used to supply electricity to consumers via two-way digital communication — is more vulnerable to cyber attacks. Unfortunately, sophisticated cyber attacks on advanced metering infrastructures (smart grids) are a clear and present danger. The most devastating scenario involves a computer worm that traverses advanced metering infrastructures and permanently disables millions of smart meters. Hackers constantly scan cyberspace to detect vulnerable systems that can be exploited to breach networks, particularly if a breach can open the way to a cascading impact on a larger supporting infrastructure like the country’s power grid.
  • In light of such systemic vulnerabilities, the atomic power sector – unlike the conventional power sector – has undertaken measures to thwart such attacks. According to government officials, the Indian nuclear establishment’s plant control systems and electronic systems are designed and developed in-house using “custom built hardware and software” that are subjected to regulatory verification and validation, thereby making them relatively immune to cyber security threats.
  • Also, the critical infrastructure of the Indian nuclear establishment is isolated from the Internet.
  • The Department of Atomic Energy (DAE) also has specialist groups like the Computer and Information Security Advisory Group (CISAG) and the Task Force for Instrumentation and Control Security (TAFICS) to look after cyber security/information security of DAE units, which include all of the country’s 22 reactor units.
  • The CEA has recommended new “testing standards” for power utilities, the creation of a “test bed” at the Central Power Research Institute (CPRI), modified procurement guidelines for equipment used in power utilities and security audits of all Supervisory Control and Data Acquisition (SCADA) systems and Energy Management Systems (EMS).
  • A mechanism for sharing information on cyber security incidents needs to be developed. Given the vulnerabilities in the operations of the power system devices, including present practices followed, developing a multiple-threat intrusion detection system is the need of the hour.
  • Unlike traditional threats to electric grid reliability, such as extreme weather, cyber threats are less predictable and therefore more difficult to anticipate and address.
  • It is necessary that the country’s security establishment have complete information about the mechanism for protecting critical infrastructure like the power sector, its crisis management plan, and the command structure and procedures to follow in case of an emergency due to a cyber security threat.

About Ransomware

  • Ransomware is a type of malicious software from cryptovirology that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid.
  • While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them.
  • In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult-to-trace digital currencies such as Ukash and Bitcoin are used for the ransoms, making it difficult to trace and prosecute the perpetrators.
  • Since around 2012, the use of ransomware scams has grown internationally.

Source

Indian Express

Posted by Jawwad Kazi on 24th Jan 2018