Foreign power equipment: Should the domestic industry lobby be worried on grid security?
New Delhi: The domestic power industry lobby has once again raised concerns over the use of Chinese gear in the Indian powergrid projects and electrical power systems. The increasing use of Chinese products and technology is a serious concern at a time when the transe Oil and Natural Gas Corporation (ONGC). istribution infrastructure is becoming increasingly intelligent but more vulnerable too, the lobby claims.
In a recent letter to the power ministry, New Delhi-based Indian Electrical and Electronics Manufacturers Association (IEEMA) highlighted what it calls a “security threat” to critical power infrastructure with increased use of foreign automation and communication systems being introduced for operation and management of the electricity grid.
“Malware and spyware in these communicable devices can be activated any time even by remote. In the connected systems, intelligent equipment talk to each other and exchange data and information making the system more efficient, but at the same time increasing the vulnerability, if exposed to suspect individuals, companies and nations which may use such access to their advantage,” IEEMA said.
This is not the first time the domestic industry has raised the issue. The industry has a long history of flagging such concerns – over issues ranging from low cost and cheap quality to spyware now. The imported equipment may come with spyware with the potential to damage or cause failure or collapse of the entire power grid, the industry body says. These concerns surface on the background of the massive grid collapse faced by India in June 2012. The blackout had reportedly impacted nearly a third of the entire population. The government had later clarified the grid collapse was caused by supply and demand imbalances in the constituent regional grids and was not a result of any cyber attack.
So, how do IT systems make a power grid vulnerable? Is the Indian grid infrastructure technologically equipped to counter cyber attacks? And, most importantly, how justified are the industry’s concerns?
THE NATURE OF THE THREAT
The concerns stem largely from the notion of geo-political rivalry between the two nations (India and China), says Sameer Patil, Director, Centre for International Security at “Gateway House: Indian Council on Global Relations”, a foreign policy think tank based in Mumbai. “We have border disputes with China. We have issues with the kind of cooperation they have with Pakistan and their activities in the Indian Ocean. So, it is always a possibility that they will bring that rivalry in the cyber domain,” Patil told ETEnergyWorld.
Chinese firms are long known for supplying a large chunk of the Indian power generation equipment — including boilers, turbines and generators – and are mostly active at the Engineering, Procurement and Construction (EPC) level. Also, in the last two years, a few power utilities in states including Rajasthan, Madhya Pradesh, Tamil Nadu, Odisha and Puducherry have awarded projects for implementation of Supervisory Control and Data Acquisition (SCADA) systems of 20 towns to a large Chinese firm.
Chinese state-owned China Southern Power Grid International (HK Company Ltd) had in January submitted a proposal to build, own and operate power transmission networks in a consortium with CLP India Pvt Ltd. This was in response to bids called for three projects including transmission system for an ultra-mega solar park in Jaisalmer and two inter-regional transmission corridors.
In the generation segment, of the total thermal capacity of 48,540 Megawatt commissioned in 11th Plan period (2007-12), main plant equipment for 18,187 Mw was supplied by Chinese manufacturers. During the 12th Plan, too, main plant equipment for 18,770 Mw of the total thermal capacity addition of 46,563 Mw was supplied by Chinese manufacturers. “Out of total thermal capacity of about 87,837 Mw under construction, main plant equipment for about 30,275 MW are being supplied by Chinese manufacturers,” Power minister Piyush Goyal had said in a written reply to a question in parliament last month.
The huge presence of Chinese equipment and technology comes at a time the government is focussing on increasing the use of smart grids which use information technology to optimize power use and make the systems more efficient. A US network security company FireEye had last year released information identifying an ‘almost certainly’ Chinese group had attacked websites of more than 70 institutions in India in recent years using a script called “water main”.
HOW DAMAGING COULD BE AN ATTACK ON THE GRID?
Among the popular instances of attack on industrial control systems is the one caused by computer worm Stuxnet that attacked the cyberspace in 2010. Of the many countries infected, India had the third-highest damages. According to media reports, of the 10,000 infected Indian computers at the time, 15 were located at what are called ‘critical infrastructure’ facilities. These included the Gujarat andups at Power Grid Corporation of India Ltd and P
“This investigation actually resulted in the eye-opening revelation that India’s industrial control systems are susceptible like that of any other nation. It was indeed a matter of grave concern that the only known and documented attempt to compromise SCADA systems at a widespread scale had a substantial impact on India, including the organizations manning the utilities like power, hydroelectric and gas, etc,” cyber intelligence specialist Pukhraj Singh writes in a note.
According to Sameer Patil, such attacks have the potential to damage or disrupt power equipment and shut down critical power grid systems which, in turn, could affect industries and lead to mass power outage.
India is not the only nation dealing with concerns over cyber security of the national grid — countries around the world have faced such threats. Australia had blocked a $7.5 billion deal a few months back to lease its biggest electricity grid to Chinese and Hong Kong investors citing “national security” concerns.
China’s State Grid Corp and Hong Kong’s Cheung Kong Infrastructure Holdings were attempting to acquire a 50.4 percent controlling stake in Ausgrid, the electricity distribution network for New South Wales.
The head of the US National Security Agency (NSA) had last year said US is vulnerable to cyber attacks from China and other countries capable of shutting down the power grid and disable vital infrastructure. Similarly, in what was believed to be the first-ever cyber attack to result in a power outage, hackers brought down power supply to thousands of homes in Ukraine in 2015. The county’s energy minister had said it was investigating a ‘suspected’ cyber attack on the power grid that affected several regional power companies.
Later, in 2016, a top security expert – Robert M Lee, CEO of cyber security company Dragos Inc — had said the cyber attack on Ukraine’s energy grid could be replicated in the UK. He was referring to the government’s plan to allow China to have a major stake in the Hinkley Point nuclear power plant.
WHAT IS BEING DONE & THE WAY FORWARD
According to Patil, the Stuxnet worm episode led to a rise in the general awareness in the country about cyber threats. An email sent to the power ministry seeking response remained unanswered. Power minister Piyush Goyal had recently said in a written reply in Lok Sabha systems are already in place for protecting the power grids in the country from cyber attacks. “Rule 8(2) of the Information Technology (reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 framed under clause 87(2)(ob) of the Information Technology Act, 2000, mandate compliance to Information Security Management System,” he said.
Goyal also informed critical setups at Power Grid Corporation of India Ltd and POSOCO have been certified for Information Security Management System Standard. Ministry of Power has also constituted CERT-Thermal, CERT-Hydro and CERT-Transmission (Computer Emergency Response Teams) with nodal agencies as NTPC, NHPC and PGCIL respectively, to safeguard against cyber attacks.
Experts say countries must desist from singling out China as he source of the problem and focus on ramping up their defence efforts against threats undermining energy infrastructure. “It is not right to blame it alone on China as anyone could introduce a malware into a smart grid and hack the system, thereby, crashing the grid. The country needs to focus more on its research and development efforts and make itself efficient enough to fight such attacks,” said Reji Kumar Pillai, a well-known powergrid expert and the President of India Smart Grid Forum.
Pukhraj Singh, quoted above, also agrees with this view and asserts that a malware does not have any specific nationality or any face.
“Right now we are being attacked from all sides. It is just not the Chinese which bring in some sort of vulnerability. Most of the foreign cyber security products are either compromised or the companies have been co-opted by an intelligence agency. Over the last decade, there has been a lot of chatter about Chinese hardware and software coming in India. But incidentally, till date, no one has actually found a backdoor,” he said. Singh had spearheaded a team of experts to prepare a report for the government post the Stuxnet worm attack.