
Improving Network Security to Secure Critical Infrastructures and Reduce Malware Exploits With Real-Time Actionable Threat Management

5 Industry Needs

  • Backdoor malware, ransomware, and advanced persistent threats (APTs) have become a persistent high-risk security threat primarily developed and used to sabotage critical infrastructures. Network monitoring and testing are also critical. Utilities should use intrusion detection (IDS) and security information and event management (SIEM) to catch potential malware infections and other network breaches.
  • Utility providers face a difficult network operations and security climate. Organizations have large and geographically diverse operations, including a wide range of remote offices and mobile field technicians, which many traditional security technologies are not able to scale to protect.
  • The growing reliance on internet-based communication has further increased the vulnerability of control systems to cyber criminals. The energy and utilities industries require a comprehensive network security solution that will provide both network visibility to mitigate security risks and strong intrusion detection to detect both internal and external security threats.
  • Operational systems are increasingly subject to cyber attacks, as many are built around legacy technologies with weaker security protocols that are inherently more vulnerable. There are also continuing efforts to use older Windows servers and outdated equipment in order to maximize investments in the hardware.
  • Both media and security experts believe that utility companies are quickly adopting smart grids and connecting consumers to the global internet network without first establishing adequate security measures.

Infosec Needs for Energy & Utilities

Energy and Utilities Industry Briefs

Our Energy and Utilities Industry Focus Solutions Guide in one downloadable document.

Aanval Enterprise Industry Focus Solutions Guide (PDF)

Our Network Security Audits and Vulnerability Assessment Guide in one downloadable document. Visit IT Audit for more information.

Risk Management Solutions Brief (PDF)

Perspective

Cyber attacks are growing across all industries, and the energy sector is an attractive global target for both nation-state actors and criminal enterprises. The world’s critical infrastructures are becoming more susceptible to cyber attacks as utility and nuclear power companies increasingly wire their control systems and industrial machinery to the global internet network, exposing critical vulnerabilities to the outside world. This is an enormous challenge, as they have no choice but to embrace the interconnected digital world and all the advantages that innovative communication channels bring to the business and IT department, including cost savings through remote monitoring. At the same time, they must defend against security threats as their risk increases exponentially and as cyber criminals develop viruses and malware capable not only of stealing data but also of taking control of infrastructure. Unfortunately, the energy sector lags behind other sectors in fending off hackers, and a study conducted by Dimensional Research revealed that, despite the prevalence of attacks, energy IT professionals were very confident in their ability to collect the data needed to detect a cyber attack although they lack real-world data.

Energy companies and electric utilities have experienced an increase in cyberattacks in the past year, and Homeland Security says that it is the most attacked sector. Many companies in natural gas, electricity, and oil have experienced at least one successful cyberattack in the past 12 months. The media has also generated alarming concern over the security of the U.S. critical infrastructure and the relative ease with which cyber criminals could disrupt the network and cause a disastrous failure of the electric power grid. Questions on how utility providers are safeguarding smart grids from security attacks have now become a repetitive subject of discussion in the news. Both media and security experts believe that utility companies are quickly adopting smart grids and connecting consumers to the global internet network without first establishing security measures.

The energy and utilities industries have always been an appealing target for cyber criminals intent on inflicting damage on a community or making a big publicity impact. The bleak assessment of why America’s energy and utilities providers are experiencing some difficulty in maintaining security, and why the number of cyber attacks has escalated over the years, can be attributed to a number of unique factors and challenges. Overall, the growing reliance on internet-based communication has increased the vulnerability of control systems to hackers. Providers are also continuing to utilize older equipment that has not been previously connected to the internet in order to maximize investment in the hardware. Operational systems are also built around older legacy technologies with weaker security protocols that increase susceptibility to attacks. Oftentimes, the legacy technology vendor no longer supports the equipment, resulting in the lack of vulnerability patches, upgrades, or updates. Some providers are also accustomed to using older Windows servers in networks for which patches are not even available anymore. In addition, networking systems at utility companies also present a complex challenge because of the large and geographically dispersed operations environment, which traditional security technologies are not able to scale to protect. Furthermore, the use of malware has become a persistent high-risk security threat primarily developed and used to sabotage critical infrastructures. According to Booz Allen Hamilton, ransomware and services that sell access to Supervisory Control and Data Acquisition (SCADA) systems are quickly emerging as new challenges for operators of industrial control systems. PricewaterhouseCoopers has estimated that “since 2000, the number of successful cyber attacks has increased tenfold against SCADA systems at power generation, petroleum production, and nuclear plants and water treatment facilities. Studies have shown that if providers were able to proactively practice even the most basic type of network security for corporate and industrial control systems, they would likely have detected or fended off some of the attack.”

Why critical energy and utilities organizations depend on Aanval

  • To secure a successful and comprehensive network security solution that will also deliver significant cost savings in return.
  • To proactively monitor and respond to both external and internal security breaches including malware exploits to minimize security risks and loss of privacy.
  • To obtain real-time situational awareness to quickly summarize network event information and provide analysts with the resources they need to identify actual risks and make critical decisions.
  • To maximize operational efficiency and lower security overhead costs by automating the time-consuming task of monitoring and managing both network and user activities and delivering crucial security alerts and reports.
  • To effectively adapt to any network-size environment, deliver crucial scalability to accommodate additional growth, and to efficiently store, manage, and archive more than 1 billion events.

Tactical FLEX, Inc. Solution

Energy and utilities providers face a difficult network operation and strenuous security climate. Advanced malware poses one of the greatest threats, and the CSIS survey reports that “80% of IT departments have been targeted by at least one DoS attack and 85% has seen network intrusions. One quarter reported daily or weekly DoS attacks, and one quarter said they had been victims of extortion through network attacks or the threat of such attacks.” The study overall showed increasing levels of cyber attacks and concern about security threats, but modest improvements in security.

Tactical FLEX, Inc. understands that safety lies in both monitoring network systems and improving network visibility around the clock, and offers affordable, scalable, and reliable intelligent security solutions that provide control, true situational awareness, and complete threat management. Aanval’s comprehensive SIEM and IDS security solutions will help network administrators become more proactive in mitigating security risks and in detecting and combating malware infections while maximizing operational efficiency in real time. In addition, Aanval’s next-generation technology features deliver multiple-source event collection, correlation, and archiving, as well as false-positive-reducing event validation, which further enhances event analyses, making it easier to investigate anomalous behaviors that could signify advanced persistent threats (APTs).

Additionally, Tactical FLEX, Inc. is a trusted security vendor, with its products and services protecting core infrastructure facilities from small utilities to nuclear power plants in multiple countries.

Review Aanval Products and Aanval Services or contact us at 800-921-2584 to speak with our knowledgeable staff immediately.