India’s national power grid is facing renewed scrutiny as major cyber-security gaps and stalled upgrade plans raise concerns over the country’s energy resilience. With the power sector moving rapidly toward digital and smart-grid technologies, experts warn that inadequate cyber defences leave the grid exposed to potentially catastrophic attacks.
Insiders confirm that several key transmission substations across the country still lack Next-Generation Firewalls (NGFWs) and other advanced protection systems. Despite a rise in cyber threats globally — many of them targeting critical infrastructure — these vulnerabilities remain unresolved, prompting alarm among security agencies.
A major cyber-security tender floated by Power Grid Corporation earlier this year, aimed at strengthening the grid’s defences, was cancelled in August. Sources indicate that a company allegedly backed by certain officials failed to meet eligibility requirements, leading to pressure for the tender’s withdrawal. The cancellation has raised questions about the corporation’s preparedness during a time when global grids are frequently targeted by sophisticated cyber actors.
The matter has now reached Parliament. An unstarred question scheduled for response on December 9 seeks detailed clarification from the Union Power Minister on substations identified as cyber-security weak points, facilities requiring urgent intervention, whether a comprehensive audit has been conducted within the past year and the roadmap for upgrades following the cancelled tender. MPs have also asked whether any national agency is assisting in real-time grid monitoring.
Cyber-security specialists warn that the power grid remains a high-value target for adversaries. They caution that a single breach could trigger widespread outages affecting homes, industries and essential services. Given the surge in State-sponsored cyber-attacks worldwide, experts say India cannot afford delays in strengthening its power infrastructure.
Analysts argue that urgent central intervention is required to break the current impasse. They recommend immediate installation of multi-layer cyber defences, expedited security audits and strict compliance with global standards such as NERC-CIP and ISO 27001. Without decisive action, they warn, the national grid remains dangerously exposed at a time of escalating cyber risk.
