
OT monitoring in the energy sector
On our own behalf
In 2015, the Ukrainian electricity grid was disrupted on a large scale by a hacker attack. Over 200,000 inhabitants were without electricity for hours. The attack had started months earlier, when computers were targeted with phishing e-mails or e-mails carrying manipulated Office files. These computers were then used as a bridgehead: from there the network was analysed and secretly taken over piece by piece. In this way the attackers also gained control of several transformer substations that were almost completely automated.
During the actual attack, computers were paralysed by deleting system files, and a telephone centre was made unusable by a Distributed Denial of Service (DDoS) attack, so that control of the systems could not be regained in a timely manner. Despite the best efforts of the attackers, the power utilities were able to restore power within a few hours.
It is not only substations that can be monitored, but also power plants: everything from a simple sensor, through transformers and circuits, to a turbine or generator. Nowadays all of it is networked and therefore potentially reachable by attackers.
If values are manipulated here, the result can be not only disruptions in the power grid but also permanent damage to the infrastructure. Monitoring does more than identify and ward off attackers: technical defects can also be detected earlier and, depending on the situation, repaired before the component fails completely.
What a defect can trigger was seen in Russia in 2009, when an accident at the hydroelectric power plant of the Sayano-Shushensk reservoir killed 75 people. The damage was massive and took five years to repair. The outage primarily affected an aluminium factory that was the power plant's main customer; with the plant down, production had to be curtailed, and it is estimated that about 500,000 tonnes less aluminium could be produced per year.
The third cause of an incident is the dissatisfied employee: sabotage from within. These cases are usually the most dangerous, because the employee already knows the network and its weak points and can therefore cause a great deal of damage in a targeted manner. Both an attack and an incident of this kind could have been avoided with a monitoring solution for operational technology (OT).
A solution that monitors only the IT does not see what is happening in the OT, and vice versa. A solution that sees the big picture, IT and OT together, is therefore the better choice. It is essential that such a solution understands both the IT protocols and the OT protocols: only by inspecting the packets themselves can you be sure of what is actually happening on the company's network.
We work together with the provider Nozomi Networks, whose SCADAGuardian solution has already convinced the international energy supplier Enel; Enel's infrastructure and communication are continuously monitored with it. After a short learning phase, whose length depends on the processes in the company, SCADAGuardian monitors both the devices and the communication between them. Depending on the density of sensors, every packet on the network can then be traced and a forensic analysis of an incident performed. If an attack or an anomaly is detected, SCADAGuardian can raise an alarm via e-mail or open interfaces, or, if the customer requests it, actively intervene.
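To make the "learning phase, then anomaly detection" idea from the preceding paragraphs concrete, here is an added example of how a passive OT monitor can build a baseline and then alert on deviations. This is illustrative code written for this post; it is not SCADAGuardian's or Nozomi Networks' code, and it does not use their interfaces. The hostnames, protocols, tag names and values are constructed; a real sensor would extract such records from captured Modbus/TCP or DNP3 packets. The baseline learns which host pairs and operations are normal and what value range each tag moves in, so that an unknown host, a known host performing a new operation (for example an HMI that suddenly writes a setpoint), or a manipulated value (the scenario from the paragraph on permanent infrastructure damage) each produce an alert.

```python
"""Baseline-then-detect anomaly monitor for OT traffic (added example).

Constructed, simplified flow records stand in for what a passive network
sensor would extract from OT protocol traffic. Not vendor code.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    src: str      # source host (HMI, engineering workstation, historian, ...)
    dst: str      # destination asset (PLC / RTU)
    proto: str    # application protocol name, e.g. "modbus" or "dnp3"
    func: str     # operation, e.g. READ_HOLDING or WRITE_SINGLE
    tag: str      # register or tag addressed
    value: float  # value read or written


# Constructed learning-phase traffic: the HMI reads, the engineering
# workstation writes setpoints, the historian polls a second PLC.
LEARNING_PHASE = [
    Flow("hmi-01", "plc-01", "modbus", "READ_HOLDING", "turbine_rpm", 3000.0),
    Flow("hmi-01", "plc-01", "modbus", "READ_HOLDING", "turbine_rpm", 3010.0),
    Flow("hmi-01", "plc-01", "modbus", "READ_HOLDING", "turbine_rpm", 2995.0),
    Flow("eng-ws", "plc-01", "modbus", "WRITE_SINGLE", "rpm_setpoint", 3000.0),
    Flow("eng-ws", "plc-01", "modbus", "WRITE_SINGLE", "rpm_setpoint", 3005.0),
    Flow("hist-01", "plc-02", "dnp3", "READ", "bus_voltage_kv", 110.2),
]

# Constructed detection-phase traffic: one normal read, one HMI that suddenly
# writes an implausible setpoint, one unknown laptop, one normal write.
DETECTION_PHASE = [
    Flow("hmi-01", "plc-01", "modbus", "READ_HOLDING", "turbine_rpm", 3002.0),
    Flow("hmi-01", "plc-01", "modbus", "WRITE_SINGLE", "rpm_setpoint", 4500.0),
    Flow("laptop-77", "plc-02", "dnp3", "READ", "bus_voltage_kv", 110.0),
    Flow("eng-ws", "plc-01", "modbus", "WRITE_SINGLE", "rpm_setpoint", 3002.0),
]


class OTBaseline:
    """Learns normal communication pairs and per-tag value ranges."""

    def __init__(self, tolerance=0.10):
        # Extra margin around the learned range, as a fraction of the max value,
        # so a single quiet learning phase does not cause constant false alarms.
        self.tolerance = tolerance
        self.pairs = set()  # (src, dst, proto, func) tuples seen during learning
        self.ranges = defaultdict(lambda: [float("inf"), float("-inf")])  # tag -> [min, max]

    def learn(self, flows):
        for f in flows:
            self.pairs.add((f.src, f.dst, f.proto, f.func))
            lo, hi = self.ranges[f.tag]
            self.ranges[f.tag] = [min(lo, f.value), max(hi, f.value)]

    def check(self, f):
        """Return a list of alert strings for one flow (empty list = normal)."""
        alerts = []
        key = (f.src, f.dst, f.proto, f.func)
        if key not in self.pairs:
            if any(p[0] == f.src for p in self.pairs):
                # Host was seen before, but never doing this to this asset.
                alerts.append(f"new operation from known host: {key}")
            else:
                alerts.append(f"unknown host talking to OT asset: {key}")
        if f.tag in self.ranges:
            lo, hi = self.ranges[f.tag]
            span = max(hi - lo, abs(hi) * self.tolerance)
            if f.value < lo - span or f.value > hi + span:
                alerts.append(f"value {f.value} for {f.tag} outside learned range [{lo}, {hi}]")
        return alerts


def build_baseline():
    baseline = OTBaseline()
    baseline.learn(LEARNING_PHASE)
    return baseline


def run_detection(baseline, flows):
    """Check every flow; returns one alert list per flow, in input order."""
    return [baseline.check(f) for f in flows]


if __name__ == "__main__":
    for flow, alerts in zip(DETECTION_PHASE, run_detection(build_baseline(), DETECTION_PHASE)):
        status = "OK   " if not alerts else "ALERT"
        print(status, flow.src, "->", flow.dst, flow.func, flow.tag, flow.value)
        for a in alerts:
            print("      ", a)
```

The second detection-phase flow triggers two alerts at once (a known host performing a write it never performed during learning, and a value far outside the learned setpoint range), which is exactly the kind of combined signal that separates a manipulated command from an operator's routine adjustment. In a real deployment the learning phase would be closed explicitly by an operator review rather than simply ending after a fixed set of flows.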
If you are interested in the solution or in a trial, please feel free to contact us by e-mail, phone or our contact form.