Govt plans to mandate cyber security measures for electricity grids

India’s electricity grid operators will have to install firewalls and other measures used by companies to avert an attack on their information technology systems and check rising hacking incidents of power networks across the world.

Grid operators and regulatory agencies will need to have a continuity plan handy in the event of a cyber attack, according to draft rules published by the Central Electricity Regulatory Commission. The move is part of an overhaul of the decade-old guidelines.

The report comes barely months after the nation’s monopoly nuclear power producer admitted its information system had been breached, underscoring the need for more action to protect critical installations. Energy networks across the world have been key targets for hackers, prodding governments to take safeguard measures.

The draft report advises central and state transmission utilities and load dispatch centers to ensure protection of sensitive data and identify reserve transmission capacities that can take over in case of a disruption apart from regular monitoring of risks. It also recommends that these bodies prioritize resources and allocate adequate workforce for online security.

To deal with malware, India protects its central power grid through multiple firewalls and has isolated it from office networks, power minister R.K. Singh told lawmakers in parliament last month. The country has been a target of cyber attacks, with 529 federal and state government websites being hacked since 2016, according to information technology minister Ravi Shankar Prasad.