Cyber Security Corner


General Cyber Security Don’t View/Download

Best Practices Do View/Download

Frequently Asked Questions (User - Department)

  • What is phishing and how can I recognize it?
    Phishing is a type of cyberattack where attackers impersonate legitimate organizations or individuals to trick you into providing sensitive information (e.g., passwords, bank details). Be cautious of unsolicited emails or messages that contain suspicious links, attachments, or urgent requests. Always verify the sender's email address and do not click on links or open attachments from unknown sources.
  • A secure password should be at least 12 characters long and include a combination of upper and lowercase letters, numbers, and special characters. Avoid using easily guessable information such as names, birthdays, or common words. It's recommended to use a password manager to keep track of your passwords securely.
  • Software updates often contain security patches that fix vulnerabilities and protect against cyber threats. Failing to update your systems regularly can expose them to attacks, especially in critical infrastructure like power utilities, where vulnerabilities could lead to severe consequences.
  • Multi-factor authentication (MFA) adds an extra layer of security by requiring more than just a password to access your accounts or systems. Typically, this involves something you know (password), something you have (a mobile device or token), or something you are (fingerprint). Enabling MFA makes it much harder for attackers to gain unauthorized access.
  • Always store sensitive or confidential information in secure, encrypted locations. Avoid sharing such information over unsecured methods like email or unsecured messaging platforms. Be cautious about who you share sensitive information with and ensure that it’s only disclosed to authorized individuals.
  • If you suspect a security breach, immediately report it to your IT or cybersecurity team. Disconnect your device from the network to prevent further damage, and do not attempt to fix the issue on your own. Your IT team will guide you through the appropriate steps, such as running malware scans and securing accounts.
  • Network segmentation involves dividing the network into smaller, isolated segments to limit the potential spread of cyberattacks. In a power utility, it’s especially critical to prevent unauthorized access to sensitive control systems and infrastructure by isolating them from less critical networks.
  • Public Wi-Fi networks are less secure, making it easier for attackers to intercept your data or launch attacks. Avoid accessing sensitive or work-related information while connected to public Wi-Fi. If necessary, use a Virtual Private Network (VPN) to encrypt your internet connection.
  • Be cautious of emails from unknown senders or those that ask for sensitive information. Look for signs such as misspellings, unexpected attachments, or requests that seem urgent or out of the ordinary. If you suspect an email is phishing, report it to your IT department and avoid clicking any links or opening attachments.
  • A cyberattack on a power utility can lead to disruptions in services, safety hazards, financial losses, and reputational damage. In critical infrastructure, such attacks can also result in significant risks to public safety. That’s why it's important for all employees to be vigilant and follow cybersecurity best practices.
  • External devices such as USB drives can carry malware or other harmful software that could infect your computer or the utility’s network. Always ensure that external devices are scanned for malware before use and avoid plugging untrusted devices into any work systems.
  • If you receive a suspicious phone call or message, particularly one requesting sensitive information or financial details, hang up and verify the caller's identity by contacting the organization directly using a trusted phone number. Do not provide personal or work-related information to unsolicited callers.

Important Websites