By: Ravie Lakshmanan
Tata Power Company Limited, India’s largest integrated power company, on Friday confirmed it was targeted by a cyberattack.
The intrusion on IT infrastructure impacted “some of its IT systems,” the company said in a filing with the National Stock Exchange (NSE) of India.
It further said it has taken steps to retrieve and restore the affected machines, adding it put in place security guardrails for customer-facing portals to prevent unauthorized access.
The Mumbai-based electric utility company, part of the Tata Group conglomerate, did not disclose any further details about the nature of the attack, or when it took place.
That said, cybersecurity firm Recorded Future in April disclosed attacks mounted by China-linked adversaries targeting Indian power grid organizations.
The network intrusions are said to have been aimed at “at least seven Indian State Load Despatch Centres (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states.”
The attacks were attributed to an emerging threat cluster Recorded Future is tracking under the name Threat Activity Group 38 (TAG-38).
The company further assessed that the targeting is intended to facilitate information gathering related to critical infrastructure assets or is likely a precursor for future activities.
China refuted the allegations that it was involved, stating “many of U.S. allies or countries with which it cooperates on cybersecurity are also victims of U.S. cyberattacks.”