Energy Industry

September 14, 2020

Written By Stephen Cardot

Situation

Researchers at the Electric Power Research Institute (EPRI) were concerned with detecting never-before-seen attacks on the critical components of the electric power grid that arrive through their Supervisory Control and Data Acquisition (SCADA) equipment. They wanted to know how to detect, and perhaps stop, the infamous STUXNET worm.

Solution

We installed our AI-based CC/B1 security solution to monitor all internal SCADA network traffic in the researchers’ lab environment. The researchers then attacked the lab SCADA systems with a copy of the STUXNET worm.

Results

Using AI machine learning and deep packet inspection, we found:

• Similarities to previously known viruses, worms and malware that allowed our intelligence to determine with 99.999% certainty that the traffic was indeed bad and should be blocked.

• AI allowed us to accurately determine this without any foreknowledge of the attack specifics.

• Going forward, the researchers found this very useful for other attack types.

About Stephen Cardot

Veteran IT developer with 28 years’ experience in designing robust, scalable solutions. Patent author of real-time risk scoring and data insurance. Believes sub-second risk control and incremental risk transfer are the future of cyber safety and security.
