L-G issues notification to fight off cyber attacks against power infra
New Delhi: In view of a potential cyber attack threat to the power system in the national Capital, L-G VK Saxena has approved a notification to declare critical information infrastructure (CII) of power utilities and associated computer resources as 'protected systems.'
The person authorised in writing by the power utilities to access these 'protected systems' will also be notified through the notification.
"This will ensure that critical power infrastructure in the city will be protected from any kind of attack or breach," said a statement from the L-G office.
In 2020 2021, cyber security monitoring agencies of the Centre had observed some cyber attack attempts aimed at disrupting the power system operations.
The Ministry of Power had on March 8, 2021, written to the chief secretaries of all states and UTs for precautionary steps.
Cyber attackers are increasingly targeting the power sector, hence taking preventive measures and mitigating threats to protect the Indian Power System needs the special attention of all power sector holders, the Ministry had then pointed out.
The notification approved by the L-G would help put into place certain checks, including information security practices and procedures, and access control.
They will ensure that the computer resources of the power utilities Delhi Transco Ltd (DTL), State Load
Dispatch Centre (SLDC), and discoms TPDDL, BRPL, and BYPL will be secured against any incapacitation or destruction, the statement said.
The computer resources of these utilities fall in the category of the 'Critical Information Infrastructure,' or
CII, the destruction or incapacitation of which, will have a debilitating impact on national security, economy, and public health, it said. The notification to be issued now will authorise persons specifically identified by these utilities and be approved by the power department of the Delhi government.
Any person who secures access or attempts to secure access to these protected computer systems, in contravention of the provisions of the laid down procedures, will be punished with imprisonment for up to 10 years and also be liable for a fine, it said.
