Situation
The Electric Power Research Institute (EPRI) researchers were concerned with detecting never-before-seen attacks on the critical components of the electric power grid, carried out through their Supervisory Control and Data Acquisition (SCADA) equipment. They wanted to know how to detect, and perhaps stop, the infamous STUXNET worm.
Solution
We installed our AI-based CC/B1 security solution to monitor all internal SCADA network traffic in the researchers’ lab environment. The researchers then attacked the lab SCADA systems with a copy of the STUXNET worm.
Results
Using AI machine learning and deep packet inspection we found:
• Similarities to previously known viruses, worms and malware that allowed our intelligence to determine with 99.999% certainty that the traffic was indeed bad and should be blocked.
• AI allowed us to accurately determine this without any foreknowledge of the attack specifics.
• Going forward, the researchers found this very useful for other attack types.