Issue link: https://fhpublishing.uberflip.com/i/912901
NETWORK / 20 / DECEMBER 2017 / JANUARY 2018 Q: What kind of cyber threats should power firms be concerned about? A: There are many different types of attack. They include data the and tampering, eavesdropping and potentially damaging distributed denial of service (DDoS) attacks. A fast-growing and potentially far more damag - ing attack is the destruction of service (DeOS) attack that can physically damage hardware and equipment by, for example, corrupting the firmware on internet-connected devices. In a power grid for instance, it is thought to be possible to overload grid components and block protective features that keep compo - nents from overheating, damaging transform- ers or other equipment. Q: Development of the so-called smart grid where sophisticated control systems are used to manage an ever-more com - plex supply and demand balance, means the amount of industry data in exist- ence is growing rapidly. How valuable is this data and in what ways are hackers targeting the smart grid? A: Looking to comment on all facets of smart grid data with a statement of "value" is a moot point. For example, in itself a small data packet is maybe meaningless, but looking at the source/destination address may reveal underlying endpoints of interest. So the point is how do you stop people looking inside your kimono in the first instance. Building an OT system that adheres to defined standards is a prudent approach here. Q: As the grid of the future continues to develop and requires more systems to manage than the more simplistic plant- to-home network of the past, will this present hackers with further opportu - nities to steal data? What could they potentially do with this data? A: Security is all about a set of defined layers. If the layers are breached then the last stand is encryption. Encryption is a key element in cyber-security for utilities. Nokia offers a comprehensive multi-layer encryption solu - tion – IP/MPLS layer and transport layer using optical and microwave systems. With this solution utilities can pick the right encryption component using a best fit approach based on the network architecture deployed and rest assured that the data flow on the plane will be useless outside of operational contexts. Q: Do you think cyber security has evolved as quickly as the network itself ? A: If we are considering most OT networks it's not apparent that there is significant evolution with respect to cyber security. Our strategy at Nokia is to help utilities get a grip on evolving the cyber protection landscape so as to embrace the new commu- nications technology that will underpin new business models (e.g. DER, EV, DSO). This is embracing the standards and offer- ing solutions to implement them across both OT and ICT layers and additionally for the entire company. Q: What work is Nokia doing to help mitigate the risk of cyber-attacks? A: Not only are attacks becoming ever-more sophisticated, but the potential damage that can result is growing, even physical damage to critical infrastructure such as electricity distribution grids. Mission-critical networks can ill afford any successful cyber-attacks. Not just financial loss is at stake; lives can be put in jeopardy. Deploying the right level of security is a high priority. Nokia offers an advanced and comprehensive approach that is built on its long experience and in-depth expertise of both security and mission-critical networks and operations. In line with best practices and published standards, the Nokia solution CYBER SECURIT Y Responding to network threats The recent increase in sophisticated, targeted security threats by both external and inside attackers has increased the awareness and urgency of communication service providers, mission-critical network operators and utility network operators for implementing comprehensive security strategies. Nokia's Mauricio Subieta - cyber security for utilities program lead - speaks to Network.