Effective Cyber Security for Critical Infrastructure, No “Silver Bullets”

Today, critical infrastructure is constantly under attack. Stuxnet. Crash Override. Industroyer. However much these names may sound like something out of Marvel or D.C. comix, they are all very real, very significant threats to critical infrastructure security. And while cyber criminals can be creative and nimble, typical efforts to thwart them can be slow to adapt. Established technology, organizational silos, and financial limitations all make it challenging to secure infrastructure of such massive scope.

But there’s good news: Detecting, responding to, and protecting against attack on critical energy infrastructure can get a significant boost from smart digital transformation.

Understanding the Danger

State-sponsored hackers, hacktivists, or cyber terrorists are among those who routinely target critical infrastructure. No wonder the Department of Energy in February announced a $96 million budget line for formation of a new Office of Cybersecurity, Energy Security, and Emergency Response (CESER) to focus on energy infrastructure security.

Let’s consider some recent examples of attacks on critical infrastructure:

• Security firm Radiflow recently discovered mining malware in a water utility’s operational technology network (responsible for monitoring and control).
• Malware caused 250,000 households on Kiev’s power grid to go without power in December 2017
• State-sponsored malware known as Triton was used to attack industrial hardware in the Middle East.

There’s no doubt then that protecting critical industrial systems needs to be a top priority. But effective cyber security requires security at all layers – not just at the product level, but also in our integration with the platforms we build on, and even extending to include how some of the operators within our utility customers will be trained.

As part of our Digital Energy vision, our mission is to make sure we’re building on an industry leading foundation so that we can support all security requirements up and down the stack. In addition, the rapid increase in smart grids and smart meters, and the proliferation of distributed energy resources or DERs (among the many other transformations impacting energy transmission, and distribution), the need for security continues to stretch further and further out to the edges of the grid.

Critical Infrastructure and Cyber Security

Securing critical infrastructure will require constant innovation as new challenges and threats arise along new vectors. It’s no longer simply about making sure that people who can physically access utility sites are vetted and properly trained. Distribution and generation assets need protection, microgrids must be secured, and operational technology has to be regularly scanned for any vulnerabilities and updated against new threat vectors.  

Given the size and scale of these attacks, being able to respond in “machine time” scales (micro-seconds) rather than human time scales (hours or days, in the best of cases and often extending to months) is most critical. A comprehensive cyber-security must include the use of machine-based and adaptive techniques based on machine learning.

With the IIoT market expected to reach $195 billion by 2022, it’s a safe bet that bad actors are out there right now trying to figure out new ways to crack into our critical infrastructure.

That’s why GE is investing in secure, reliable cloud-based technologies; advanced artificial intelligence and machine learning; and innovative new technologies:

• Following best practices used by major cloud companies that have been doing foundational work in this area over the past 15 years (and drawing on deep budgets) to protect their critical infrastructure and shared assets, we are augmenting existing platform mechanisms to secure against cyber threats.
• Actively investing in and applying advanced analytics techniques including machine learning. With a smart system able to quickly notice any anomalies (and that overtime will adapt to new anomalies as they arise), a utility is able to adapt more rapidly to changing threats in the environment. After all, with traditional human vulnerability scans, by the time you notice you’re breached, you’ve likely already been breached for weeks.
• We are also working on blockchain pilots to help utilities conduct transactions in a secure way, even in situations or locations where there is no central authority.

Protecting the data itself is also essential. As we tout the orchestration and optimization opportunities of our Advanced Distribution Management System (ADMS), for instance, we are focused on providing data security through all phrases of the data life cycle — at the point of generation, in motion, and at rest.

Ultimately, there is no one silver bullet security solution. That’s why it’s important to partner with someone who knows the industry and the technology and can put critical infrastructure security first.

#GEAUC18 #PoweringForward #DigitalEnergy #Grid