Deutsche Telekom, Hitachi Energy and Securitas have formed an alliance to protect energy suppliers against cyber attacks.

Securing critical infrastructures requires an overarching understanding of OT, IT and physical security. A team of experts from Deutsche Telekom Security, Hitachi Energy and Securitas has developed an overarching approach that combines physical protection with enterprise network and digital operational technology security. It enables critical infrastructures to meet protection and regulatory challenges.

“Critical infrastructures are being attacked more and more frequently, said Thomas Fetten, CEO of Deutsche Telekom Security. “The latest example in Portugal unfortunately shows how cyber attacks can affect networked technology. Electricity is particularly important. A successful, precise attack on this area of critical infrastructure would cripple life as we know it. The economy, too. That’s why we’re pooling our expertise in fighting physical attacks, just as we do against attacks from virtual space.”

Pierre-Alain Graf, head of Hitachi Energy’s global security business, added: “We have a saying: the future is uncertain but electric. We are addressing climate change with renewable energy from the sun, water and wind. And are generating electricity in an increasingly decentralised way. This inevitably makes us more vulnerable to attack. The partnership therefore extends the umbrella of protection to production technology.”

And Anders Gustavsson, head of remote video at Securitas Services in Europe, said: “Building a Fort Knox around solar farms and substations is not enough. Attackers shy away from robustly secured facilities. They move into cyberspace. Together, no one can fend off attacks on company networks, operating technology and sites alone. That’s why we’re pooling our expertise.”

Attacks on the energy sector target society as a whole. Attackers include state-backed hacker groups. The German domestic intelligence services cite the intelligence services of Russia, China and Iran as the source of cyber attacks against German plants. In 2015 and 2016, hackers sabotaged power supplies in Ukraine, highlighting the impact of such attacks for the first time. More than 700,000 households were without power for hours.

The energy industry represents the most critical of infrastructure. Targeted attacks on pipelines, power plants or substations are on the rise. Examples include Colonial Pipeline in the USA and the Danish wind turbine manufacturer Vestas. In Brazil, hackers targeted the nuclear branch of Eletrobras.

The sector is one of the top-three targets for cyber criminals worldwide. That’s because the industry is now highly digital. Beyond corporate IT, smart operating computers with sensors control electricity. Digitally networked, they are also targets for attackers. Physical security is needed for plants in the energy sector. This is especially true for remote distribution stations, pumping stations and high-voltage pylons. If hackers get their hands on a control cabinet, they can attack from the inside. Even the best network firewall cannot protect against this. Here, for example, networked video cameras can keep watch over the site.