TI Safe - The industry of the future requires that companies are increasingly interconnected. In your assessment, what are the main risks of digitizing power grids and how can they be mitigated?
Paulo Antunes - We are really experiencing the Internet of Energy (IoE) revolution, in which we see more and more connected power devices in cloud systems, as well as a huge array of protection equipment accessible through LANs (Local Area Network of local area). Companies do this in order to extract value from the information on these devices so they can be more efficient and competitive. However, the more devices connected, the greater the exposure surface and hence the greater the risk of cyber attacks. That's why cyber security is so important to the IoE revolution, because all this technology will only gain scale if people rely on this system if it is secure.
There are several risks involved in power systems, the most dangerous of which are related to the possibility of someone taking remote control of a substation or power plant. And, thus, act to carry out a wide shutdown in the electric power supply. Like the recent blackout Venezuela, due to failure in the hydroelectric Guri, that supplies almost 80% of the country. President Nicolás Maduro attributed the lack of electricity supply to a cyber attack (still unproven). There is also the classic case in Ukraine in which a blackout officially awarded by the US Department of Homeland Security for hacking attack.
At Siemens, we consider that an energy system requires a holistic approach, including:
- Safety equipment and systems
- People trained in cyber security
- Appropriate processes for control and use of cyber security technologies.
The solution depends on each installation and client. We understand that there is no single answer. Thus, the phases of a project go through:
- Infrastructure evaluation of the energy automation system
- Implementation of security measures
- Maintaining cybersecurity over time
Siemens is very attentive to this issue and about a year ago signed a document called Charter of Trust, together with several multinational companies. In this document, there is a commitment to cybersecurity to be on the agenda of CEOs and core of enterprises, with 10 principles for a more secure digital world. More information is available on the website: https://new.siemens.com/global/en/company/topic-areas/digitalization/cybersecurity.html
TI Safe - How can reliable and robust power automation networks be architected in this advanced manufacturing scenario?
Paulo Antunes - Siemens makes use of the international standard IEC-62433 to define the safety mechanisms of its electrical energy automation projects. This standard defines how protection and deployment of such systems should be made. We also use the principle of in-depth defense in defining a secure system, the principle of secure design in the definition of network topology and architecture, and the principle of least privilege in defining the roles of users in the system. To achieve the required level of security, we have combined a number of security measures. They are applied according to the reality of each company and in a way not to interfere in critical telegrams used, for example GOOSE:
Access control and credential management
- Malware protection
- Secure Remote Access
Our products are being developed with a number of embedded cyber security features, such as:
- RBAC - Role-based access control with central user management.
- Logging with cyber security central alert management
- Digitally signed firmware with crypto-chip usage
- Encryption in protocols for sensitive information traffic
- Safe storage of sensitive information inside the equipment
Thus, we immediately address two points of our holistic approach:
- Secure equipment
- Appropriate processes for using cyber security technologies
TI Safe - How does the automatic cyber security checking tool of Siemens Power Automation Systems work?
Paulo Antunes - The tool we use is called Siesta (Siemens Extensible Security Testing Appliance). It is a solution that supports us in the execution of projects and can be applied in the following phases:
- Infrastructure evaluation of the energy automation system
- Implementation and confirmation of security measures
The solution has a number of built-in routines, which tests the existing system against standards and implements best practices for configuring equipment to detect vulnerabilities and configuration errors in solution components. The result is a report in "Farol" format, classifying the level of problems found in red / yellow / green. This serves as a basis for defining the security measures that must be applied to ensure cyber risk mitigation in critical energy infrastructures.
Company launches new channel in the instragram and from May starts roadshow for the energy segment
TI Safe is on the Instragram. In March, the company launched its profile on the network, with the premiere behind the scenes of the cybersecurity program of Innovations TV. The program, to be screened in the United States in April by Fox Business, Discovery Channel and VoA News, was recorded at the TI Safe office in Rio de Janeiro and at Companhia de Eletricidade da Bahia, in Salvador. The next coverage of the Channel will be the Hannover Messe. Beginning with 1 in October, the TI Safe profile will post exclusive photos and videos. Follow: www.instagram.com/ti_safe.
Another novelty is that, starting in May, the Brazilian round of TI Safe presentations for the electric sector will begin. Please wait for more information soon.
Leakage of audiences in politics has become a common practice. But not everything can be leaking, it is possible that it is also theft
Among all the barbs publicly exchanged between President Jair Bolsonaro and Gustavo Bebiano, former minister of the General Secretary of Social Security, a controversy hovered in the air: were the audios that proved that Bebiano did not lie, as he accused one of the president's sons ? In this specific case it was clear that there were many interests involved, so the purposeful leak by the politician was not effectively questioned. However, the subject raised the public for the existence of a black market for the purchase and sale of audios.
Marcelo Branquinho, CEO of TI Safe, explains that the simplest way to access whatsapp application data from anyone remotely is to obtain that user's password. "When you install the application on the handset, cloud backup is enabled and all messages and audios downloaded are stored. Just have the user and password of the user in the cloud to access this data from anywhere in the world, "explains Branquinho. But how can you get the passwords used to access the cloud? At this point, some Russian companies get involved in getting and selling this information. According to Branquinho, the service goes out for U $ 50, 00 and in 48 hours it is possible to obtain the password of the person, simply providing the user name that needs to be hacked.
Another way to access audio files is even simpler. The whatsapp web tool, which enables any computer or tablet to mirror information about messages, audios and videos exchanged by the application installed on the phone, has been gaining more and more supporters in the business environment. This feature opens a channel for data theft, since the phone is close enough for the content to be accessed by another computer. Finally, the practice of cell phone cloning, which is usually by the use of a frequency scanner or a high-frequency radio receiver, is another way of obtaining the data. "From these devices it is possible to identify the line and serial numbers of the device. The data received are transferred to a clandestine cell phone, "details Branquinho.
Malware for androids, which manage to steal a message through whatsapp, the so-called "Skygofree", also have quite sophisticated espionage features. "You can take photos, capture video, get call records and read text messages. The malware records conversations and noises automatically when the infected device enters a specific location and connects the device to wifi networks controlled by hackers, "he says. It also has a new type of spyware that can sift through WhatsApp messages and compromise them in an unwanted way. Android-based malware may not only go through chats, but also induce a variety of surveillance methods in WhatsApp, which could hinder privacy.
Recent blackout in Venezuela calls into question the need to protect interconnected electrical systems
There are no official data on hacker intrusions in the Brazilian Electrical System. However, the authorities have long been aware of the risks. The Cyber Defense Command of the Brazilian Army put into practice, at the end of last year, the simulated exercise called "Cyber Guardian", in which Brazilian government and private companies carry out preventive training against cyber attacks. According to industry experts, despite being an important protective measure, it should not be the only one.
Marcelo Branquinho, CEO of TI Safe, warns of the fragility and risks of the Brazilian electricity system and parallels the blackout in Venezuela, which, like Brazil, is an interconnected system of generation, transmission and distribution. "The blackout occurred after a failure at the Guri hydroelectric power plant in the Venezuelan state of Bolívar, responsible for 70% of the country's electricity supply. The government of Nicolás Maduro accused the United States of having caused a cyber attack and this possibility, effectively, should not be discarded, "he emphasizes.
In the evaluation of Branquinho it is necessary to observe that the electrical infrastructure in Venezuela is old and has not undergone security updates and, therefore, is a very easy target for hackers. "The shutdown (intentional or not) of a main branch substation can jeopardize much of the country's energy supply. This scenario makes it possible for a well-planned cyberattack to really lead the country into darkness. Depending on the cyber weapon used it can be very difficult to recover the systems hit, leading to power outages for days or weeks, "he details.
Therefore, for the executive, Brazil, which has conditions of generation, transmission and distribution of electricity very similar to those of Venezuela, should not only simulate and train to exit a power crisis quickly, but also establish public policies that, effectively , ensure security in mission-critical enterprises.
Begins at 1 in April at Hannover Messe, the leading event for industrial technology development in the world
TI Safe will be the only Brazilian company to talk about cyber security at the Conference and will have two speakers in the main grid
Between 1 and 5 in April will take place in Hannover, Germany, the largest and most influential industrial technology fair in the world. In this edition, Hannover Messe will have more than 6,000 exhibitors and the expectation is that 220 thousand people will visit the Fair this year. Technical innovation is the predominant element of parallel forums, conferences and special events, which will take place simultaneously. Hannover Messe brings together all major technologies and core areas of industry, research and development, industrial automation, IT, industrial supply, production technologies and services for energy and mobility.
At the main seminar, two executives from Brazil's TI Safe will speak. On 3 in April, Thiago Branquinho, using real cases, will present how to protect the distribution of energy to millions of people against cyber attacks. Already on the 4 of April, Marcelo Branquinho will talk about the learning of machines applied to the cybernetic security of industrial plants.
TI Safe is the only Brazilian company focused on cyber security in the Congress.
Angela Merkel, German Chancellor, and Stefan Löfven, Prime Minister of Sweden, open the opening ceremony. Names like Christoph Dammermann, from the Ministry of Economic Affairs, Innovation, Digitization and Energy of North Rhine-Westphalia, one of the 16 states of Germany; Marius Dackweiler of the Karlsruhe Institute of Technology (KIT); Dennis Grossmann Add-on Manufacturing Consultant at Print-Concept; Dominik Dörr, founder of SIMUTENCE, among others, will talk about innovation and technology during the five-day event.