Indian Company TATA Power's breach by cyber-attack group of china, Confirmed by Tata.

Tata Power, a leading power generation company in India, has confirmed it was hit by a cyberattack.

"Tata Power cyberattack impacted IT systems; bill payment portal down for a week" by

After that, the minister of India "Power Minister stresses on policy action, cybersecurity of national grid"

In a brief statement released on Friday, the Mumbai-based company said that the attack impacted some of its IT systems.

“The company has taken steps to retrieve and restore the systems. All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer-facing portals and touchpoints,” it said in its filing (PDF) with local stock exchanges.

Tata Power did not share any further specifics on the matter. The PR representative refused to answer questions related to the nature of the attack and its impact on the organization and declined to say whether any data was stolen. “As stated in the Statement, the Company has taken steps to retrieve and restore the systems. All critical operational systems are functioning,” the representative said.

The company generates, transmits, and retails power in the South Asian nation and aims to double the share of clean energy in its portfolio to 60% in five years from about a third now, with a target to become net zero by 2045. It claims to have an installed and managed electricity generation capacity of 13,974MW, which is the highest in the country.

In the recent past, Tata Power has also shown interest in growing its business through rooftop solar and microgrids, storage solutions, solar pumps, EV charging infrastructure, and home automation. The company serves more than 12 million consumers via its distributor companies.

The Indian government has highlighted the cybersecurity of the country’s nationwide electricity network as a challenge in its public statements. A report by U.S.-based cybersecurity company Recorded Future in April alleged that Chinese state-sponsored hackers had targeted the Indian power sector in a long-term project. According to a media report, the Ministry of External Affairs of India spokesperson Arindam Bagchi responded to that report and said the country had not raised this issue with China. China’s foreign ministry spokesperson Zhao Lijian reportedly refuted the allegation.

It further said it has taken steps to retrieve and restore the affected machines, adding it put in place security guardrails for customer-facing portals to prevent unauthorized access.

The Mumbai-based electric utility company, part of the Tata Group conglomerate, did not disclose any further details about the nature of the attack, or when it took place.

That said, cybersecurity firm Recorded Future in April disclosed attacks mounted by China-linked adversaries targeting Indian power grid organizations.

The network intrusions were said to have been aimed at "at least seven Indian State Load Dispatch Centers (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states."

The attacks were attributed to an emerging threat cluster Recorded Future is tracking under the name Threat Activity Group 38 (TAG-38).

The company further assessed that the targeting is intended to facilitate information gathering related to critical infrastructure assets or is likely a precursor for future activities.

China refuted the allegations that it was involved, stating that "many of U.S. allies or countries with which it cooperates on cybersecurity are also victims of U.S. cyber attacks."

We are sure that additional details will come out in the days ahead as Tata isn’t a tiny company and parties will usually filter out sooner or later. Watch this space for details.

Reference: CyberTalos, ,, 

Created By:

Sign in to leave a comment