Cybersecurity in electricity industry: the need for cyber-secure interconnection

Electric networks: high cyber-risk environments

Wind, solar, hydroelectric, nuclear, fossil fuels, etc.: the ways of producing energy may differ, yet electricity suppliers and distributors face the same challenge: to continue to interconnect their networks, while ensuring cybersecurity for all.

A high-tension electricity sector

Electricity generation and distribution are critical activities that pose significant human, economic and environmental risks in case of failure. Without electricity, how many vital infrastructures would be stopped dead in their tracks? How many sensitive buildings would be rendered inaccessible or uncontrollable? And how much equipment would be seriously damaged by a blackout?

If you wanted to harm a country, which targets would you attack first? One answer immediately springs to mind: its power generation networks. Cyber criminals have understood this and have focused on energy systems in recent decades. So, for us, writing this Stormshield whitepaper on the evolution of cyber attacks on power systems since 2015 is a natural extension of our core business: analysing cyber-malware, anticipating future risks and proposing solutions.

Specific constraints for the cybersecurity of the electricity networks

These examples show how sensitive our dependence on electricity is, especially in vital areas of activity. This is especially true since the safety of many facilities could be compromised in the event of an accident, or if the reaction time is too long. Electrical infrastructures are even more different from traditional IT environments, as they are located in physical environments with significant constraints, not least because of electromagnetic waves. Often composed of several remote sites (production plants, dams, distribution network, meters, etc.), electrical infrastructures must ensure that sensitive and potentially confidential information exchanged between sites (information gathering, network regulation commands, etc.) is neither altered nor intercepted.

However, this geographical distribution is based on several production centres and a fragmented distribution network with countless sensors and PLCs. This architecture often requires remote maintenance, either on a scheduled basis or as a rapid reaction to an incident. However, this type of network and building is sometimes several decades old, as interruptions to the service for the purpose of hardware upgrades are problematic. Finally, many service providers work on these networks, not all of whom have the same level of confidence, awareness and/or equipment in terms of cyber risk.

Ensuring the performance and availability of electricity networks

In order to continue to meet electricity demand under all circumstances, companies in the sector must be able to rely on secure communication networks. This will enable them to ensure the authentication, confidentiality and integrity of the data processed, and also to provide secure remote access to their technicians and third-party service providers.

At the same time, the electrical industry must prevent attacks on OT network components and control stations. This includes the installation of security elements in close physical proximity to the equipment to be protected without an IT rack, in physical environments as constrained as an electric dam or a nuclear power plant. Finally, live system support and security maintenance (MCO/MCS) makes it possible to extend the life of the infrastructure. In response to each of these needs, Stormshield provides a suitable, reliable and scalable solution.

Protect your networks with Stormshield Network Security firewalls

Our range of Stormshield Network Security (SNS) firewalls offer you the ultimate in network protection with high availability through their bypass features and intrusion prevention system (IPS). Our solution lets you change WAN access links according to their availability; segment your networks; take advantage of in-depth and contextual analysis of standard (IEC 61850 – MMS, Goose, SV – or IEC 104) and proprietary industrial protocols. The SNS range also offers granular control over authorised messages and control of operational values through the implementation of custom patterns.

Finally, in response to the constraints of the electrical sector, our industrial firewalls are hardened and can be easily mounted in your cabinets.

Do you need multiple distributed protection solutions? Our Stormshield Management Center (SMC) centralised management solution allows you to manage them all from the same administration server. This saves time and reduces configuration errors. And in addition, our Stormshield Log Supervisor (SLS) log management solution allows you to view the status and logs of your entire IT network at a glance.

With Stormshield XDR, you can effectively combine Stormshield solutions. Be notified of incidents based on analyses of your endpoints, networks, web files and emails before managing the response with your various security products, driven by centralised incident management. This is the ideal combination for alerting you in real time and managing a rapid, long-term response on both the network and endpoints.

Bring cyber-serenity to your business with trusted products

Because a cyber attack in the energy sector can create a domino effect on the economy, organisations in the sector are governed by a series of cyber rules and standards. In addition to the national level, these organisations must comply with European cybersecurity regulations such as the NIS and NIS2 Directives, the RGPD, the Cybersecurity Act or the IEC 62443 standard. Other standards (e.g. Common Criteria EAL3+ & EAL4+ or ISO/IEC 27000 series) are not mandatory under current legislation, but help to improve the level of cybersecurity for energy companies.

Stormshield products help companies comply with these requirements by improving the cyber resilience of their infrastructure. For example, Stormshield Network Security (SNS) and Stormshield Endpoint Security (SES) products enable Essential Service Operators (OESs) to deploy security solutions that improve the level of protection of their critical and mission-critical information systems. By choosing Stormshield, you benefit from solutions that are certified and qualified at the highest European level. To maintain this level of protection and confidence, Stormshield products are subject to a continuous strengthening process. Through this robust and reliable approach, we align with the standards set by agencies such as ANSSI in France, CCN in Spain and BSI in Germany as they evolve. To learn more about the compliance of Stormshield products with cyber regulations in the energy sector, please see our dedicated document.

With Stormshield, give your business cyber-serenity. Our teams remain at your disposal to identify the needs of your electricity production network and provide you with the most effective solutions.