Guarding against cyberattacks on the power grid

April 28, 2017 9:22 am0 commentsViews: 26
Cybercrime

Cybercrime

By Riaan Badenhorst, Managing Director, Kaspersky Lab Africa

When it comes to cybersecurity, the media spotlight falls predominantly on end-user breaches. But, imagine the consequences if hackers take down the electricity network of a country. At Kaspersky Lab, we believe a shift in focus is required. Power grids are incredibly complex networks that feature integrated automation and control functions. And, because these communicate through open protocols, there is not sufficient security built-in to protect against increasingly sophisticated cyberattacks. Industrial control system (ICS) environments form an integral part of this industrial space. As such, these have become some of the most targeted areas for malicious users in this sector. A recent Ernst & Young survey has found that almost half of power and utilities companies say it is unlikely that they would be able to detect a sophisticated attack. This is quite concerning given how reliant the digital world has become on the supply of reliable energy infrastructure. Think for a moment back to the days of load-shedding in South Africa and how it negatively impacted on productivity. Now imagine the potential of the power going down across the country and not coming back online. Protecting these national assets requires more than just a traditional IT security system or approach. It is not about maintaining the integrity of sensitive corporate data, but rather about ensuring the continuation of the process of supplying electricity. Further complicating matters, is the fact that ICS environments are often significantly customised and filled with proprietary (and often legacy) technologies. This makes it incredibly difficult to install a security solution that can plug all the potential gaps in the system. With electricity facilities becoming more connected they are no longer managed in closed systems. There is therefore a myriad of technical, infrastructural, and even organisational challenges to overcome if the infrastructure is to be protected effectively. Enterprise-level cybersecurity systems are not capable of fulfilling the specific requirements of electricity suppliers. Instead, an industrial-level solution that secures every layer of infrastructure without impacting on the operational continuity and consistency of the processes is required. However, cyberthreats can bridge the gap between industrial and enterprise systems – and it is becoming increasingly imperative to have a security solution that can fulfil vastly different organisational requirements. Industrial operations therefore need to work with a vendor capable of providing a full suite of complimentary solutions delivering protection on desktops, laptops, and mobile devices, servers, databases, all the way through to ICS environments. It is this integrated approach that will help ensure that the lights keep on in times of crisis. Industry has moved beyond just meeting the security demands of their sites, but needs to make sure the integrity of the entire infrastructure is maintained. The alternative, could be too significant to contemplate.

Techno Africa

Tags:

Leave a Reply