Latest news with #Supervisory
Indian Express
17 hours ago
- Business
- Indian Express
India's wind sector must innovate and secure, not just scale
Amid heightened Indo-Pak tensions, a Pakistani outlet claimed cyberattacks had knocked out 70 per cent of India's electricity. The false report exposed a very real anxiety: What happens when energy infrastructure becomes a frontline in cyber warfare? For years, the renewable energy sector has diligently optimised turbine efficiency, improved grid integration and focused on speedy deployment. These remain essential. However, an equally pressing threat looms quietly in the background: Cybersecurity and the pace of maximum value addition and localisation in manufacturing. Unlike finance or defence sectors, where digital safeguards have long been entrenched, robust cybersecurity measures are only now being introduced into India's renewable energy framework. And it's about time. A compromised SCADA (Supervisory Control and Data Acquisition) system or remote-access breach could disable a wind farm — or multiple sites — in mere seconds. As India pushes towards achieving 500 GW of non-fossil-based electric installed capacity by 2030, including an ambitious target of over 100 GW from wind, the true challenge goes beyond just scaling up. It lies in securing what we install and how it is manufactured. The proposed amendment requires all operational wind turbine data to be stored within Indian territory. Foreign entities will no longer be allowed to remotely access or control Indian wind farms, a clear attempt to eliminate vulnerabilities to external cyber threats. More importantly, Original Equipment Manufacturers (OEMs) will be required to establish R&D facilities in India, signalling a decisive shift from passive assembly to active domestic innovation. This aligns with NITI Aayog's 2024 roadmap, emphasising localisation of both hardware and control systems. Given the various global incidents where cyberattacks have crippled energy grids, India's push for digital self-reliance isn't just necessary — it's urgent. Mandating local R&D isn't just about job creation or investment; it's about creating wind turbine technology designed for India's grid, climate, and challenges. India — not China or Europe — must become the epicentre for wind turbine innovation and manufacturing. However, strong policy intent must translate into effective execution, and here the amendment stumbles. Firstly, there is a greater need to build capacity for enforcement. Without a concrete monitoring mechanism, these rules risk becoming paper mandates. Secondly, the amendment needs to articulate India-specific design adaptation clearly. Renewable energy projects here face extreme operating conditions — temperatures exceeding 45°C, saline coastal air, monsoon deluges, and erratic grid voltages. Yet, there is no mandate for in-country prototype testing or climate-resilience validation before inclusion in the RLMMs (Revised List of Models & Manufacturers). This oversight risks importing turbines built for European conditions that buckle under India's punishing climate. Third, the policy skirts the need for embedded systems security. Today, power converters used in wind turbines and solar inverters in solar projects are effectively software-defined assets. They depend on SCADA systems, PLCs, and firmware that may be compromised — often subtly and invisibly. Without mandatory audits of software stacks and hardware backdoors, especially from OEMs in adversarial jurisdictions, India's wind and solar assets remain vulnerable. To operate in India, vendors/OEMs must obtain certification and clearance from Indian authorities and adhere to Government of India (GOI) regulations. These regulations should include provisions for force majeure situations, where vendor/OEM-supplied equipment may fail to receive support and patches, potentially leading to significant security breaches and national security risks. This ensures that even in times of geopolitical uncertainty, India's energy infrastructure remains operable, supported, and secure. Additionally, existing regulatory frameworks — like the Central Electricity Authority's temperature thresholds or the National Institute of Wind Energy's certification protocols — are treated as optional references, not core requirements. This disconnect must be addressed if we want turbines that are not just 'Made in India' but truly Engineered for India. The writer is a Partner at Dalberg Advisors, where he leads climate-related projects in Asia Pacific and globally
Time of India
07-05-2025
- General
- Time of India
Drill sees mixed response & confusion among residents
Indore: The civil defence drill conducted in Indore was largely successful, with the city coming to an almost complete standstill as planned, on Wednesday. However, presence of functioning streetlights at several locations raised concerns about the thoroughness of the drill's execution by the the clock struck 7:30 pm, the city observed a planned blackout initiated by the district administration. Vehicles halted at major intersections as traffic volunteers signalled drivers to stop. Entry points, underpasses, food deliveries, and cabs were restricted, with only emergency vehicles many residents were aware of the drill, confusion lingered among several commuters. Some, mistaking the halt for routine traffic congestion, took U-turns, while others switched off their engines and waited calmly, tuning in to the public announcements made by volunteers. "I was heading home from work. I read about the blackout in newspaper, but wasn't sure whether it would be taken seriously," said Rakesh Pipariya, a motorist halting at Vijay Nagar Square."Overall, the blackout was successful in our area. Most people complied and stopped their vehicles. A few had to be informed about the purpose of the drill, and some thought it might last much longer. We clarified their doubts," Pravesh Yadav, a female traffic constable posted at Rajwada told sirens echoed at designated time, most areas observed blackout, though a few streetlights remained on. Within minutes, a sense of collective patriotism took over the silence, with chants of "Bharat Mata ki Jai" ringing out from groups of citizens across different parts of the additional commissioner NN Pandey told TOI that of the 1,550 streetlights operated on low-tension lines, 700 panels are monitored online through the Supervisory Control And Data Acquisition (SCADA) system. "We shut down the online panels, the rest remained operational. These panels are connected to domestic supply lines in the respective areas. We managed to switch off streetlights on around 1,100 panels, including all the high masts as per the blackout planned from 7:30 pm."The power department decided to desist from cutting the supply and allowed citizens to volunteer during the prominent areas like Vijay Nagar, Rasoma, Super Corridor, MR 10, and LIG, the blackout concluded slightly earlier than planned, with traffic beginning to resume around 7:40 pm. The official conclusion of the blackout was marked by a final siren at 7:42 areas across the city observed blackout. But, in a few areas, lights of houses remained on. The elevators in highrise commercial and residential buildings were also halted with the lights off. In some areas like Tilak Nagar, MG Road, Chhawani, Bhanwarkua, and others, the siren sound was not heard. As the blackout began at 7:30 pm, many residents unaware of the drill thought it was a terror attack. "I was at the swimming pool during the blackout, most people were unaware of the drill and I had to explain to them about it. Many were believing in fake social media messages regarding terror attacks happening in the city during the blackout," said Dr Toshi Shrivastava, a resident of Tilak also raised awareness through meetings and campaigns, aided by 38 corporate volunteers, across malls and business hubs in the city.
Techday NZ
29-04-2025
- Techday NZ
Iberian blackout raises fears of growing cyber-attack risks
The recent widespread blackout affecting Spain and Portugal has sparked discussion over whether a cyber-attack could have been responsible, despite initial reports pointing to a technical fault. Large areas of both countries were left without electricity, disrupting transportation, communications, and daily routines. The power failure started when a key international power line was disconnected, causing cascading disturbances across regional energy grids. This blackout, which persisted for hours in certain regions, was traced to a fault in the high-voltage transmission network managed by Spain's Red Eléctrica de España (REE). Speculation about the possibility of a cyberattack arose swiftly after the incident, driven in part by recent high-profile cyber incidents globally. Early reports cited a 'rare atmospheric phenomenon' as a likely cause, but suspicions of malicious activity persisted, underscoring the heightened concern surrounding cyber threats to critical infrastructure. Comparisons were drawn with previous cyberattacks, such as the Colonial Pipelines ransomware incident in the United States in 2021. Nevertheless, both REE and Portugal's grid operator Redes Energéticas Nacionais (REN) ruled out signs of unauthorised access after reviewing SCADA (Supervisory Control and Data Acquisition) logs, telemetry, and firewall data. Despite these assertions, the cause remains under investigation by Spain's National Cybersecurity Institute, and a cyberattack has yet to be definitively discounted by all parties. Certain factors led to the initial suspicion of a cyber-attack. These included simultaneous failures at multiple points, which was reminiscent of coordinated cyber-induced grid events observed in Ukraine in 2015 and 2016. Moreover, the collapse of mobile and internet services, coinciding with the blackout—and the failure of some backup systems—encouraged further speculation. The situation unfolded during a period of elevated cybersecurity alertness in Europe, amid ongoing geopolitical tension. The absence of immediate, clear communication from grid operators allowed conjecture to fill the resulting information gap. Specops Software explored these questions, highlighting the broader context in which such concerns arise. Their analysis stated, "The suspicion around malicious activity shows how wary people around the globe are of cyber-attacks and the devastating impacts they could have." "Nation-state actors often probe or attack energy grids to gain leverage in broader conflicts. Disabling power generation or transmission can undermine civilian morale, disrupt military logistics, and signal coercive intent without immediate kinetic engagement." n the Russo-Ukrainian context, the 2015–16 attacks on Ukraine's grid by the Sandworm group demonstrated how precision outages (tripping substations via malware like BlackEnergy) can be used as a tool of statecraft." the analysis also outlined the motivations that hackers may have for targeting a national energy grid, noting. Financial motives are also a consideration, as highlighted in the analysis: "Financially motivated cybercriminals view energy companies (often large, highly automated, and reliant on digital controls) as lucrative ransomware targets. Encrypting SCADA backups or operator workstations can halt operations swiftly, pressuring victims to pay ransoms to restore power. Groups like BlackCat/ALPHV and LockBit 3.0 have increasingly targeted energy and critical-infrastructure firms." Beyond immediate disruptions, adversaries may use access to grid networks to understand the control system's architecture, harvest valuable data, or develop custom malware. The blog noted, "The Chinese group RedEcho have been accused of infiltrating India's power grids in recent years." Security specialists look for several indicators to determine if a power grid outage may be the work of cyber attackers. According to Specops Software, these include unexplained network reconnaissance, unauthorised access attempts, anomalous commands within control systems, discrepancies between physical measurements and logged data, the discovery of malware, and disruptions in monitoring and alerting systems. They noted, "Coordinated multi-vector anomalies—simultaneous disruptions in power and ICT (telecom networks, NMS servers) that outpace what one physical fault could explain," are a particular cause for concern. Passwords and credential management routinely contribute to the vulnerability of both IT and operational networks. Specops Software highlighted, "Weak or default passwords are one of the simplest and most common footholds an attacker can use to break into both IT and OT (SCADA/ICS) environments in a power-grid operator." They explained how remote access points protected by weak credentials, reused passwords, or insufficient multi-factor authentication can provide an entry route for attackers. The risk is multiplied if such vulnerabilities exist across both office and control-system environments, as happened during Ukraine's blackout in 2015. The incident in the Iberian Peninsula is still being examined, but the debate it triggered reflects a growing awareness of the risks facing critical infrastructure operators worldwide. Specops Software commented, "Ultimately, the Iberian blackout served as a powerful reminder of the potential risks of infrastructure being targeted by a cyber-attack. In the midst of a sudden grid collapse, it was all too easy to leap to the cyber-attack hypothesis, fueled by recent headlines and geopolitical anxiety. Even if the true cause was natural phenomena as the current evidence points to, the very real threat of a targeted intrusion demands vigilance." The analysis concluded, "Operators must treat every incident as an opportunity to harden their defenses, from enforcing airtight password policies and multifactor authentication to rigorous network segmentation and 24/7 anomaly monitoring. If nothing else, this episode underscores that preparation (not panic) is the best antidote to both technical failures and malicious assaults."
Express Tribune
09-03-2025
- Politics
- Express Tribune
CM orders oversight for maintenance
In a significant move to ensure transparency, accountability, and quality in the use of development funds, Khyber-Pakhtunkhwa Chief Minister Ali Amin Gandapur has ordered the formulation of a regulatory framework for the effective oversight of maintenance and repair (M&R) projects. The Chief Minister's Secretariat, through an official letter, has formally communicated this directive to the Chief Secretary, instructing the formulation of a robust mechanism to regulate the allocation and utilization of funds earmarked for the upkeep of roads, government buildings, irrigation canals, water supply schemes, and power transformers. According to the letter, the absence of a structured regulatory framework has led to inefficiencies, unnecessary expenditure of public funds, delays, and substandard work in M&R projects. To address these concerns, a comprehensive and integrated system for better management and accountability is required. It has further been communicated that the proposed regulatory framework should comprise District Supervisory Committees across all districts, headed by the respective Deputy Commissioners, and having membership of district heads of relevant departments, representatives from civil society, and officials from the Planning Department. Their primary responsibilities will include identifying and prioritizing M&R projects based on regional needs, public interest, and cost-effectiveness. Once projects are identified, they will be submitted to the relevant departments for final approval through departmental scrutiny committees. These committees will then formally communicate the approval to the District Supervisory Committees. The District Supervisory Committees will also be responsible for the effective monitoring of M&R projects, ensuring quality standards are met. To enhance transparency, an annual report detailing all M&R projectsincluding costs, pre and post photographic evidence, GPS coordinates, and other specifics will be submitted by the DSCs. Additionally, in case of emergencies, these committees will submit special reports to relevant authorities for immediate response and decision-making. Urgent maintenance work, including snow clearance from link roads, will be carried out based on their recommendations. Periodic meetings will also be held to review ongoing projects, with recommendations for improvements as needed. All the concerned quarters have been directed in the letter to immediately implement these directives of the CM in letter and spirit at all levels of governance. It may be mentioned here that last week, K-P became the first province in Pakistan to introduce a Bridge Design Code. This initiative aims to set minimum standards for the construction, repair, and design of bridges, aligning them with internationally recognized engineering principles. The CM has approved the implementation of this code across the province, ensuring that future bridge construction adheres to these newly established standards.
