The digitalization of the energy industry has led to a convergence of operational and informational technologies across metering infrastructures worldwide. This OT/IT convergence brings with it all the benefits of the connected, IoT era such as personal energy management insights, automated energy management and grid transparency. However it has also resulted in increasingly complex OT/IT ecosystems creating with new areas of vulnerability and increasing exposure to attacks.
We caught up with Klaus Mochalski CEO of Rhebo to get his view on these new challenges and on what can be done to address them.
About Rhebo
Rhebo develops and markets OT and IIoT cybersecurity for the energy sector, critical infrastructure and manufacturing companies. The company provides cross-locational cybersecurity, intrusion detection and visibility in industrial automated networks (ICS) from the initial cyber risk analysis to cybersecurity operation through OT monitoring with threat & intrusion detection. Since 2021, Rhebo is part of Landis+Gyr AG.
Rhebo is a partner of the Alliance for Cybersecurity of the Federal Office for Information Security (BSI) as well as the Teletrust - IT Security Association Germany. The company was awarded the "IT Security Made in Germany" and "Cybersecurity Made In Europe" labels for its strict data protection and data security policies.
Klaus Mochalski, CEO of Rhebo
Which security challenges do energy companies face today?
Klaus: Digitalization, system integration and remote control have opened and connected former stand-alone, isolated utilities. All of a sudden the industrial automation systems of power plants, substations, renewable energy resources etc. can fall victim to cyber attacks. The advantageous interconnectedness and interoperability established by frameworks like IEC 61850 can even create a cascade of system failure by spill-over.
But doesn’t IT security have a long successful history of dealing with such attacks.
Klaus: This only counts for IT systems, not for operational technology (OT) networks. And since the OT is very different to the IT in terms of processes, protocols and requirements, IT security measures cannot easily be copy-pasted to the OT. Plus, the real danger are professional adversaries that don’t use off-the-shelve attack methods.
What does this mean for operational technologies in the energy industry?
Klaus: In particular state-sponsored, well-resourced hacker groups mean serious business. They don’t just want some ransom, they aim for wide-spread disruption. And they do it by means of unknown vulnerabilities and back doors, which no firewall knows about yet. And as soon as the adversaries are inside the network, common security measures are blind to their activities. They fail to detect. In the energy industry this can be particularly disastrous as millions of homes, offices, industries etc can be affected.
What can be done about it?
Klaus: Energy companies need visibility within their networks, in particular within the OT. Thousands and thousands of substations and remotely controlled energy resources in Europe are unmanned and a complete black box for control room operators. The objective must be to gain full OT visibility and to be able to detect novel attack patterns as well as malicious activities of professional adversaries within the OT networks before they can wreak havoc.
What kind of solutions exist that provide such OT visibility and threat detection ?
Klaus: Landis+Gyr subsidiary Rhebo provides the only vendor-independent threat detection and network monitoring systems for industrial automated networks that can also be used to monitor Advanced Metering Infrastructures (AMI). By protecting OT & IoT networks and devices against cyberattacks and technical error states, Rhebo’s solutions help grid operators increase plant availability and implement security regulations and standards. Rhebo’s industrial protector for example is a non-intrusive real time monitoring solution for detecting network anomalies such as cyber-security events and technical error states. This allows a network operator to mitigate vulnerabilities and cyber-attacks thereby improving plant availability and securing expensive IoT devices with embedded threat monitoring. We recommend starting with the Rhebo Industry 4.0 Security Audit to get a comprehensive risk assessment of the Industrial Automation & Control System (IACS) as per ISO 27000 and IEC 62443 standards.
Could you explain what additional benefits customers can expect from the Rhebo - Landis+Gyr alliance ?
Klaus: For us, being part of Landis+Gyr follows our strategy to seamlessly secure critical IoT devices in industrial networks. With Rhebo’s suite of solutions, Landis+Gyr can extend the functionalities of its high-performance smart metering devices with comprehensive cybersecurity and availability. For customers i.e., grid operators and DSO’s that operate critical metering infrastructure, this means getting end to end threat detection and protection across their AMI, thus paving the way for further digitalization and automation of their services.
For a comprehensive security audit with asset discovery and risk analysis across your own OT networks, sign up for the Rhebo-Industry 4.0 Stability and Security Audit and learn how 360° OT Monitoring can bring holistic cybersecurity across your AMI.