Infrastructure protection

McAfee, Intel collaborate on protecting energy infrastructure

Published 16 May 2012

McAfee and Intel will collaborate on improving the protection of the world’s energy utilities, including generation, transmission, and distribution, from increased cyber attacks; the two companies have provided a blueprint for a comprehensive solution of multiple products which create layers of security and operate together without great complexity or without impacting availability


McAfee announced a collaboration with Intel to better protect the world’s energy utilities, including generation, transmission, and distribution, from increased cyber attacks. The two companies have provided a blueprint for a comprehensive solution of multiple products which create layers of security and operate together without great complexity and without impacting availability.

The two companies say that their solutions deliver technologies for securing the energy infrastructure, decreasing chances of malicious attacks, increasing uptime, and decreasing resource-intensive responses to fix and update systems. The “reference implementation” they created mirrors real-world energy infrastructure platforms and environments, so customers can see the technology implemented fully and integrated across endpoint, network, and cloud. The solution is focused on satisfying the energy industry’s need for situational awareness, seamless multi-zone protection, native supervisory control and data acquisition (SCADA) support, and remote device management.

McAfee and Intel created a reference implementation which integrates a number of McAfee security solutions, relevant to substations and network operations centers, with selected Intel processors and hardware-based security and manageability technologies. The reference implementation emulates the components and functionality commonly found in a critical infrastructure environment. The companies say that the added capability of end-point security, network security, and security management solutions can deliver a secure environment with increased reliability.

The two companies note that the reference implementation allows the audience to witness the system response to an unsuccessful cyber-attack thwarted by McAfee Embedded Control and the impact of a successful attack on an “improperly configured” system. The audience can see how the critical infrastructure operator can remotely and securely mitigate the threat of the compromised “improperly configured” system with McAfee’s ePolicy Orchestrator coupled with Intel vPro Technology.

The two companies note that protecting utility infrastructure is challenging for many reasons, including network diversity, data overload, complex endpoint management, and tools that lack the right security context for energy.

“To adequately secure critical systems against cyber attacks, the right products and technologies must be integrated into the entire infrastructure—from the enterprise, to the SCADA and control systems, and even to the automated device networks—without impacting reliability or interfering with operations,” said Eric Knapp, critical infrastructure expert at McAfee. “McAfee, together with Intel, has combined commercially-available chipset capabilities and cyber security products into the perfect recipe for substation security, providing advanced protection while removing operational complexity, and improving reliability through remote manageability.”

The challenges facing energy infrastructure are many. The complexity and diversity of the electrical power delivery systems make protecting them from cyber attacks very difficult. Energy providers’ infrastructure comprises a diverse set of networks that cannot be effectively secured by simply adding technologies designed for typical enterprise IT environments. Many of the power grids’ aging assets predate the Internet revolution and are particularly vulnerable to attack and unable to identify or report malicious activity up the network chain. Substations, known as one of the most vulnerable parts of the smart grid, are particularly at risk from attack. Meanwhile, hackers have grown more sophisticated, increasing the need to defuse or deter zero-day and more sophisticated attacks.

Securing electric power delivery is thus a daunting task because of:

— Multiple zones included: Corporate IT, SCADA, and device networks: Each different zone has unique technical challenges.

— Coping with “big data” overload: Security devices on the network produce an incredibly large number of logs, overwhelming stretched IT departments.

— Simplifying endpoint manageability and improving visibility: Energy endpoints are spread geographically and rarely updated and, many times, lack the ability to detect or communicate and identify a security breach. Device failures can be costly, especially when they require updates, if not properly managed.

— Providing the right security context for the grid: Standard IT products don’t have the right features to identify issues within the energy infrastructure or don’t understand the unique utility lexicon, making it difficult to apply the specialized measures needed for control systems.