Tata Power Company Limited, India’s largest integrated power
company, on Friday confirmed it was targeted by a cyberattack.
The intrusion on IT infrastructure impacted “some of its IT
systems,” the company said[1]
in a filing with the National Stock Exchange (NSE) of India.
It further said it has taken steps to retrieve and restore the
affected machines, adding it put in place security guardrails for
customer-facing portals to prevent unauthorized access.
The Mumbai-based electric utility company, part of the Tata
Group conglomerate, did not disclose any further details about the
nature of the attack, or when it took place.
That said, cybersecurity firm Recorded Future in April disclosed[2]
attacks mounted by China-linked adversaries targeting Indian power
grid organizations.
The network intrusions are said to have been aimed at “at least
seven Indian State Load Despatch Centres (SLDCs) responsible for
carrying out real-time operations for grid control and electricity
dispatch within these respective states.”
The attacks were attributed to an emerging threat cluster
Recorded Future is tracking under the name Threat Activity Group 38
(TAG-38).
The company further assessed that the targeting is intended to
facilitate information gathering related to critical infrastructure
assets or is likely a precursor for future activities.
China refuted the allegations that it was involved, stating
“many of U.S. allies or countries with which it cooperates on
cybersecurity are also victims of U.S. cyberattacks.”
Read more https://thehackernews.com/2022/10/indian-energy-company-tata-powers-it.html