Although the need for cyber security has gained growing prominence over the past few years, companies still face challenges around its implementation and cyber attacks continue to occur.
As attacks in Israel and Ukraine indicate, even something as basic as a phishing email or an infected flash drive can lead to days of disruption. And for an energy company that may depend on its relationship with its customers to maintain its business, that could be catastrophic.
In an interview with Engerati, Erik Schnelle, sales manager Europe at Rohde & Schwarz, said that in his experience the biggest challenges occur in small-and-medium-sized companies.
Unlike the large companies, which usually have sufficiently large IT departments that can address cyber security issues, these smaller companies, while often fully aware of the risks, don’t. Accordingly, they can benefit from counselling and support.
Moreover, while cyber security is not solely a concern of the energy industry, and extends to other sectors such as banking and health care, it is particularly crucial. Energy infrastructure, from power generation plants to transmission and distribution systems, is a critical infrastructure for countries that can literally make the difference between life and death.
Cyber security Europe - threats
Schnelle says that a challenge for energy companies is that information on making cyber attacks is relatively easily available.
“It is possible to access information on power system infrastructures and obtain the tools to attack them on the dark net,” he says. He adds that the challenge also extends to whether the attacker is an organised group with criminal or terrorist intent or a lone individual who is being opportunistic.
“With ageing infrastructure, networks and control rooms offer many opportunities for a cyber breach. For example, for smaller companies, software updates may come via USB stick, while any form of remote service requires the internet. Even a staff member surfing the internet can provide an opportunity for a cyber attack if care is not taken and the appropriate firewall and virus walls aren’t in place.”
There may also be separated networks, such as in atomic plants or at remote windfarms, and it was at such plants that the Stuxnet worm for example was designed to penetrate.
Cyber security challenges
A major challenge for the smaller companies in implementing cyber security is the limited resources they have available, both financial and human, Schnelle says.
“In the past, IT security was a very minor cost but a good solution to meet the needs of today’s energy environment isn’t cheap and can cost up to 10% of the total IT budget. Specialised tools are needed, for example to read SCADA protocols, and without these tools it is not possible to know what is happening within the data stream.”
The extent to which companies are inclined to implement solutions also varies across regions, Schnelle adds. For example, in Germany and other countries in Europe such as the Netherlands and Sweden, the infrastructure is relatively good and there are stringent regulations that are prioritising cyber security.
However, in other regions such as Eastern Europe, regulations are lacking and the infrastructure is generally older and lacking the standards base of more modern infrastructure and the potential for a major breach – such as happened in Ukraine – is greater.
It also should be borne in mind that countries and systems are interconnected and for example Europe’s gas comes from both the North Sea and Russia and national interconnections are being pushed in Europe.
Cyber security solutions
Schnelle comments that the key requirement for a cyber security solution is that it secures the complete infrastructure “from the desktop up to the communication network”.
Rohde & Schwarz’s solution encompasses the Browser in the Box, which secures web browsing through isolating the internet from the intranet; the NP+ next generation firewall solution that validates SCADA protocols; and the SITLine Ethernet encryption gate, which secures communication for example between data centres or between plants and customers.
In addition, the TrustedVPN provides a comprehensive security infrastructure as a fully automatic, turnkey solution.
“With these we are able to provide secure from the client up to the data centre in a solution aimed at medium-sized enterprises.”
Schnelle adds that the company has gained wide experience in the implementation of these solutions at customers and that they can be customised to their needs.
“Our solutions are inside the server rooms and infrastructures of companies so we know how we can help them. It’s very important for us to bring awareness and assist customers and to be a trusted advisor, rather than just a solution seller,” Schnelle concludes.