Friday, May 27, 2022
BlackOuts durring CyberAttacks
Photo: InfoWars

The danger of cyber attacks on energy suppliers has seldom been as great as it is now. Fraunhofer researchers have now found a way to locate attacks early. The danger of cyber attacks is increasing most recently also in view of the war that Russia is waging against Ukraine. According to experts, the risk of major cyber attacks has seldom been greater than in recent months and weeks.

"Wave of cyber attacks on western countries, such as cyber espionage, ransomware, deletion attacks, attacks on the financial sector, critical infrastructure, scientific institutions, municipalities can be expected," cyber security researcher Haya Shulman from the Fraunhofer Institute for Secure Information Technology.

But even before the Ukraine war, the number and aggressiveness of cyber attacks had increased significantly. The threat to critical infrastructure and the economy is significant. According to the digital association Bitkom, cyber theft, espionage and sabotage cause total damage to the German economy of 223 billion euros every year. In the end, incidents of extortion and sabotage of operational processes were often involved. They are usually the direct result of ransomware attacks, i.e. attacks with malware that criminals use to gain access to computer systems.

Hackers wants to turn off the power plants...

Meanwhile, energy suppliers are also repeatedly in the focus of cybercriminals. Researchers at the Fraunhofer Institute for Optronics, System Technologies and Image Exploitation (IOSB-AST) have now developed an AI solution designed to protect the sensitive infrastructure.

The network control rooms responsible for secure network operation are particularly sensitive in the case of energy suppliers. Electrical processes in power plants are monitored and controlled in the control rooms. The network control room ensures that there are no interruptions in supply. For example due to external influences such as fallen trees on power lines or frequency fluctuations.

What is the worst that can happen after an attack on energy suppliers?

In 2016, electricity went out across the board in hundreds of cities in Ukraine, and dozens of substations were down. International security experts, including those from the Federal Office for Information Security (BSI), then assumed that the blackout was the result of a cyber attack by a hacker group from Russia. The incident has shown that power failure due to such an attack is fundamentally possible, especially in power networks that are structured according to a more centralized principle. In Europe the power grid is controlled decentrally and is considered relatively resilient to cyber attacks.

This means that ideally, even after a successful attack, there are always areas that are intact and from which the power supply to the area can be quickly restored. And yet: Thousands of data and measured values ​​are analyzed every day in the network control rooms, from which critical operating situations are identified and corresponding switching and control processes are derived. "If an attacker gains access here from outside and, for example, measured values ​​are intentionally manipulated, this can lead to incorrect switching operations up to and including a blackout as the worst-case scenario," says the Fraunhofer IOSB-AST.

Detecting attack attempts using AI

According to the Fraunhofer IOSB-AST, it has now developed a method that can be used to detect attacks on energy suppliers before they become effective. "Digital twin-centric services and applications for the dynamic operation and protection of the future energy supply system" is the tapeworm name of the research project funded by the Federal Ministry of Economics, Said Hylite from BSI

The result of the project is based on machine learning: In a first step, an AI-supported intelligent monitoring solution for network control systems learns the normal behavior at the measurement and communication level.

"The software can not only detect the current operating situation and technical failures or faults, but also anomalies in the measured values ​​or the data traffic between the electrical network and the control system"... Fraunhofer Institute.

This means that the responsible operator in EC time possible. Access is via a web-based real-time visualization that provides a quick overview of the AI Supported Anomaly Assessments (AISAA). The Fraunhofer Institute announced that the AI solution should now be made available to potential customers for integration into network operations.

Recommended for Engineer Workplace

Best Gifts for Engineer

BlackOuts durring CyberAttacks
Photo: InfoWars

The danger of cyber attacks on energy suppliers has seldom been as great as it is now. Fraunhofer researchers have now found a way to locate attacks early. The danger of cyber attacks is increasing most recently also in view of the war that Russia is waging against Ukraine. According to experts, the risk of major cyber attacks has seldom been greater than in recent months and weeks.

"Wave of cyber attacks on western countries, such as cyber espionage, ransomware, deletion attacks, attacks on the financial sector, critical infrastructure, scientific institutions, municipalities can be expected," cyber security researcher Haya Shulman from the Fraunhofer Institute for Secure Information Technology.

But even before the Ukraine war, the number and aggressiveness of cyber attacks had increased significantly. The threat to critical infrastructure and the economy is significant. According to the digital association Bitkom, cyber theft, espionage and sabotage cause total damage to the German economy of 223 billion euros every year. In the end, incidents of extortion and sabotage of operational processes were often involved. They are usually the direct result of ransomware attacks, i.e. attacks with malware that criminals use to gain access to computer systems.

Hackers wants to turn off the power plants...

Meanwhile, energy suppliers are also repeatedly in the focus of cybercriminals. Researchers at the Fraunhofer Institute for Optronics, System Technologies and Image Exploitation (IOSB-AST) have now developed an AI solution designed to protect the sensitive infrastructure.

The network control rooms responsible for secure network operation are particularly sensitive in the case of energy suppliers. Electrical processes in power plants are monitored and controlled in the control rooms. The network control room ensures that there are no interruptions in supply. For example due to external influences such as fallen trees on power lines or frequency fluctuations.

What is the worst that can happen after an attack on energy suppliers?

In 2016, electricity went out across the board in hundreds of cities in Ukraine, and dozens of substations were down. International security experts, including those from the Federal Office for Information Security (BSI), then assumed that the blackout was the result of a cyber attack by a hacker group from Russia. The incident has shown that power failure due to such an attack is fundamentally possible, especially in power networks that are structured according to a more centralized principle. In Europe the power grid is controlled decentrally and is considered relatively resilient to cyber attacks.

This means that ideally, even after a successful attack, there are always areas that are intact and from which the power supply to the area can be quickly restored. And yet: Thousands of data and measured values ​​are analyzed every day in the network control rooms, from which critical operating situations are identified and corresponding switching and control processes are derived. "If an attacker gains access here from outside and, for example, measured values ​​are intentionally manipulated, this can lead to incorrect switching operations up to and including a blackout as the worst-case scenario," says the Fraunhofer IOSB-AST.

Detecting attack attempts using AI

According to the Fraunhofer IOSB-AST, it has now developed a method that can be used to detect attacks on energy suppliers before they become effective. "Digital twin-centric services and applications for the dynamic operation and protection of the future energy supply system" is the tapeworm name of the research project funded by the Federal Ministry of Economics, Said Hylite from BSI

The result of the project is based on machine learning: In a first step, an AI-supported intelligent monitoring solution for network control systems learns the normal behavior at the measurement and communication level.

"The software can not only detect the current operating situation and technical failures or faults, but also anomalies in the measured values ​​or the data traffic between the electrical network and the control system"... Fraunhofer Institute.

This means that the responsible operator in EC time possible. Access is via a web-based real-time visualization that provides a quick overview of the AI Supported Anomaly Assessments (AISAA). The Fraunhofer Institute announced that the AI solution should now be made available to potential customers for integration into network operations.