Combating the emerging cyber threat to power infrastructure

Earlier this month Power Engineering International reported on the detection of a cybercrime operation that poses a serious potential threat to power plant operations in Europe and America.

US cyber security group Symantec uncovered the “Energetic Bear” malware operated by a state-backed group with early indications suggesting origination in Russia. Energy firms in 84 western countries were the targets of what was a well-coordinated cyber-espionage campaign.

This week PEi spoke to Daniel Jammer, Nation-E President and Founder and one of the world’s leading developers of cybersecurity software, about how governments, companies, and homeowners can cyber-secure their energy supplies and the accompanying consumer data.
“This (Energetic Bear) is only the beginning of a lot of viruses or malware that are capable of attacking our infrastructure. This is the first time our physical infrastructure, in the shape of our utilities and energy infrastructure, have come under threat.”

Jammer says that despite the hundreds of millions being invested in information technology to upgrade software and deal with cyber-attacks, the persistence of malware is relentless and that informs his approach.

“The way we should think is in mirror-reverse, meaning we need to see that our energy must not just come from a localized infrastructure. It needs also to be monitored at single points. A utility today is approaching from a command and control centre, monitoring everything from there with the result that if something is attacked everything is attacked. If that happens to a utility it means hospitals, an airport, water utilities, everything is affected.”

Nation-E’s technology entails all critical systems having an independent monitoring infrastructure, still connected to a command and control centre, but one that will continue to ‘live’ after an attack.

“You can island an airport, a water utility or bank for several hours, giving you time to reshape your critical infrastructure in the command and control centre, getting everything back online and back to normality. The problem is, if you do not have this type of technology in place, everything collapses at the same time.”

Jammer’s company has built up its reputation by being hothoused in one of the most security-conscious countries in the world, Israel. Unhappily for Israel, continuous threats to physical infrastructure constitute a fact of life. A happy by-product is that its companies can bring that experience to a world which has slowly woken up to the emerging cyber-threat.

“For us it’s not something new, but for the outside world it is becoming more and more applicable,” Jammer said. “The Energetic Bear is spreading continuously from one network to another. The cyber has no timing; it can be inside your system and you don’t know when it will attack you. It could be today, six months or one year. So we need to define what is important to us in order to protect it. After the Energetic Bear virus the last persons who have been naïve or sceptical about cyber-threats are now fully aware that this type of phenomenon is real.”

Nation-E’s most recent business in protecting critical infrastructure was very high profile, FIFA being the client.

“Our last exposure was for protection of the 2014 World Cup broadcasting and satellite infrastructure, and basically you saw that every game was seen without disruption. On the other side we are working with utilities, water utilities and banking infrastructure. We produce something very unique which will help humankind resist the threat.”

Nation-E does not deal directly with the customer; other companies (think the likes of IBM, Cisco and Intel) take the technology under their umbrella when serving the customer.

Jammer paints for PEi some doomsday scenarios his company’s technology seeks to prevent. The growing progress of renewables and the growth of a smart grid are used to illustrate one such scenario.

“Look at the potential for smart meter infringement – a case where a consumer gets a £5000 bill instead of the usual £100 and you are forced to get a lawyer involved. Look at it the other way around – malware leading to your utility invoicing you for £5 instead of £100 – 1 million people getting that £5 invoice – the utility losing £95m, this continuing for 12 months and it going into billions. What we are looking at is not only malware that can black you out, it can also infringe the billing process and infringe the security of power.”

The capacity for interruption of the burgeoning smart grid presents numerous possibilities for those with malign purposes.

“The smart grid is about integrating all sources of energy into one network,” Jammer continues. “If that network is infringed, the malware might instruct providing solar power at 10pm and not at 1pm when the utility really needs it. There will be resulting power problems in the network, and those occurring frequently will cause blackouts that cost a lot of money. In the US in 2013, $164bn was lost due to power blackouts. Imagine how a cyber-problem could potentially cost so much more.”

The implications in terms of insurance cover are also striking, as comprehensively discussed at a recent forum on the matter by the Willis Group in London – but there is, as Jammer puts it, a much more tangible “threat to disrupt our lives, security and our democracy and we need solutions to protect that.”
