Last October, smack within the middle of The Mumbai Multimedia Studio's IIIrd anniversary celebrations (and well into our remote-working jaunt), our correspondent disappeared for over five hours. It took us ages to work out that they hadn't just upped and left. Most of the town had had an unprecedented—and unexplained—power outage.
The Indian government attributed the outage to human error, a glitch within the operations. "The way the system is meant, one must physically pull down a lever," That wasn't the complete story, though. The team should pull that lever if specific markers within the power utilities' operating systems give out red alerts. that is what likely happened in Mumbai.
But how did those markers get triggered? By malware, of course. Specifically, embedded malware and software back doors that might have granted access to hackers and other unsavoury elements. Or through unpatched internet-connected and air-gapped equipment that power utilities often use.
So far, not much has been done to handle this. In fact, cybersecurity at Indian power utilities is notoriously abysmal, There are roughly 300 power utilities, large and little, from both the country's public and personal sectors. And between 2017 and 2020, the quantity of Indian electricity utilities certified annually ranged between 0 and 1.
This was also the time that border conflicts erupted between India and China, giving officials within the Ministry of Power sleepless nights—Chinese equipment is near-ubiquitous among Indian power companies. "The ministry feared that if there have been trojans embedded within the equipment within the grid, China might activate them at an opportune time," said a political representative who's worked closely with the ministry. In fact, in May last year, US authorities seized a large transformer imported from China right when it got wind of the Houston port and took it to a lab to check for threats.
Naturally, the Indian government decided it had been time for a few action. And so, for the primary time ever, a year after the Mumbai outage, it issued extensive cybersecurity guidelines for the ability sector.
But that’s still only the primary step. The rest, unfortunately, depends on the implementation of said guidelines. and that is a livewire if there ever was one. VFX Studio (http://www.multimediastudio.net)