Around 225,000 connections were unplugged from the electricity grid in
Ukraine by hackers. This gained the attention of cybersecurity experts
all over the globe and was marked as the first cyber-takedown of a power
system. Experts commented that this was not just any other attack and
that active preventive measures need to be taken to avoid and thwart
such attacks in future. They also emphasized taking security measures
rather than only providing firewalls to control systems. Eric Byres, a
security consultant and major contributor to the commercialization of
firewalls for industrial control systems, said, “It’s really brought the
whole thing to a head and made people aware that this isn’t just chatter
about the sky falling.”
The North American Electric Reliability Corp. (NERC), which has the
authority to set standards for the power grid, is trying to stop these
attacks by upgrading cybersecurity codes. These codes require network
monitoring and other defense techniques to stop attacks such as the
disconnection in Ukraine. Extensive and rapid adoption of these
codes would help in preventing attacks from hackers. Reports from the U.S.
Department of Homeland Security’s Industrial Control Systems Cyber
Emergency Response Team (ICS-CERT) and other researchers indicate
that the attack in Ukraine was sustained and had different prongs. Byres
said, “These attackers are not blindly hacking away. They’re doing
their research.” The attack also had adverse and long-lasting effects
on local utilities, or oblenergos. According to ICS-CERT’s February
bulletin, “While power has been restored, all the impacted oblenergos
continue to run under constrained operations.”
Robert Lee, a former U.S. Air Force cyberwarfare operations officer,
commented, “Everything about this attack was repeatable in the United
States.” He visited Ukraine to assess the December attack. He
added, “While their security wasn’t awesome, it definitely wasn’t below
the [industry] standards.” Currently, Lee is the CEO of the San
Antonio-based firm Dragos Security, which is a leading developer of
cybersecurity tools for SCADA systems.
Experts suggest development of an active approach that would detect and prevent non-permissible intrusions. DNP3 communication is ubiquitous in power grids of North America. Grids are becoming smarter by connecting interactive devices, such as smart meters, rooftop solar installations, electric car chargers, and other smart devices. These are connected to protect grids from attackers and manage power flows.
Connecting smarter devices was common in the IT sector, but its use has been increasing in SCADA systems over the past decade. Eric Byres developed the Tofino Industrial Security Solution, one of the first SCADA traffic checkers, in 2005 and released it in 2008. He developed it at the British Columbia Institute of Technology’s Critical Infrastructure Security Centre, Burnaby. Tofino was acquired by Belden, a St. Louis–based networking firm. “It’s not just looking at what protocols are allowed but what’s the exact functionality of that message,” explained Byres. “For example, will it just read the status of a protection relay, or completely reprogram the device? Obviously, there is a big difference between those two actions when it comes to security.”
Every SCADA data packet that crosses the network is checked for
validity before it is allowed to pass through. Though this approach
needed further development, it set up a base for handling complex binary
messages for the DNP3 protocol. An extension of Snort, an
intrusion-detection system, was developed in 2012. Recent advancements
have enabled detection of peculiarities in SCADA traffic patterns with
the help of visualization tools.
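
The function-level inspection Byres describes, as an added example (not Tofino's code and not part of the original article): a Python check that validates the CRCs of a DNP3 link-layer frame, extracts the application function code, and allows read-only polling while blocking control and restart requests. The read-only policy, the function names `build_frame` and `inspect`, and the frames built for testing are assumptions constructed for illustration; only single-segment requests are handled.

```python
import struct

# Application-layer function codes from the DNP3 standard (subset).
FUNCTION_NAMES = {0x00: "CONFIRM", 0x01: "READ", 0x02: "WRITE", 0x03: "SELECT",
                  0x04: "OPERATE", 0x05: "DIRECT_OPERATE", 0x0D: "COLD_RESTART",
                  0x0E: "WARM_RESTART", 0x12: "STOP_APPL"}
READ_ONLY = {0x00, 0x01}  # assumed policy: this conduit may only poll status

def crc_dnp(data: bytes) -> int:
    """CRC-16/DNP: reflected polynomial 0xA6BC, init 0, output inverted."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA6BC if crc & 1 else crc >> 1
    return crc ^ 0xFFFF

def _with_crc(chunk: bytes) -> bytes:
    return chunk + struct.pack("<H", crc_dnp(chunk))

def build_frame(dest: int, src: int, function_code: int, objects: bytes = b"") -> bytes:
    """Build a constructed single-segment master request, used as test input."""
    user = bytes([0xC0, 0xC0, function_code]) + objects  # transport, app control, FC
    header = struct.pack("<2sBBHH", b"\x05\x64", 5 + len(user), 0xC4, dest, src)
    blocks = b"".join(_with_crc(user[i:i + 16]) for i in range(0, len(user), 16))
    return _with_crc(header) + blocks

def inspect(frame: bytes) -> tuple[str, str]:
    """Return (verdict, reason) for one link-layer frame."""
    if len(frame) < 10 or frame[:2] != b"\x05\x64":
        return "drop", "not a DNP3 link frame"
    if struct.unpack("<H", frame[8:10])[0] != crc_dnp(frame[:8]):
        return "drop", "bad header CRC"
    user, pos, remaining = b"", 10, frame[2] - 5  # length counts 5 header octets
    while remaining > 0:  # user data travels in 16-byte blocks, each with a CRC
        n = min(16, remaining)
        block, crc = frame[pos:pos + n], frame[pos + n:pos + n + 2]
        if len(block) < n or len(crc) < 2 or struct.unpack("<H", crc)[0] != crc_dnp(block):
            return "drop", "bad or truncated data block"
        user, pos, remaining = user + block, pos + n + 2, remaining - n
    if len(user) < 3 or not user[0] & 0x40:  # simplification: first segment only
        return "drop", "no application header"
    fc = user[2]
    name = FUNCTION_NAMES.get(fc, f"0x{fc:02X}")
    return ("allow" if fc in READ_ONLY else "block"), name
```
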
Analysts studying the industry have provided comprehensive
information about changing industry trends and precise statistics in
research reports. Recently, Big Market Research has added a report
titled “Global Cyber Security Industry 2016 Deep Market Research Report.” The report provides an extensive analysis of classifications,
recent trends, and industry chain structure. Furthermore, it helps
businesses and investors by covering significant market statistics of
capacity, production, and revenue analysis of manufacturers,
manufacturing cost structure, and new project feasibility analysis.
Latest Report of Global Cyber Security Market Report: 2016 Edition available here: http://www.bigmarketresearch.com/global-cyber-security-report-2016-edition-market
Cyber security is very challenging and important. It is very important to secure all software and data from hackers with Gartner cyber security. Thanks for sharing.