Every day, data informs the decision-making processes of power sector companies around the world. Collecting, storing, and effectively using data is vital at both individual system and network level.
However, it isn’t just utilities, power generation companies and other legitimate enterprises that are aware of this. Criminals are too, and there is no better – or perhaps worse – example of data protection risk than the risk of a ransomware attack.
Enjoy 12 months of exclusive analysis
- Regular insight and analysis of the industry’s biggest developments
- In-depth interviews with the industry’s leading figures
- Annual digital subscription to the PV Tech Power journal
- Discounts on Solar Media’s portfolio of events, in-person and virtual
Or continue reading this article for free
More specifically, public services such as electric power are the world’s second most-targeted industry sector by blackmailers.
The average cost of a data breach in the energy industry is US$6.39 million for a single incident, according to research published in 2020 by IBM. Authorities are waking up to the threat.
Gartner forecasts that 75% of all enterprises will have faced ransomware attacks of some kind by 2025. The consultancy says nearly a third of all countries in the world will pass legislation concerning ransomware by that time.
That may be a positive step forwards, but bear in mind that as of last year, 2021, less than 1% of countries had such legislation in place, dealing with legal penalties for ransomware attacks and other aspects like how to negotiate out of them.
As well as the economic cost, which should not be understated, breaching energy companies’ operational data networks can also present severe safety and security risks.
“In recent years, ransomware attacks against the power industry have increased rapidly. Once controlled by attackers, it will cause business interruptions in the power system, economic losses, and even serious security incidents,” says Michael Fan, Director of Data Storage Solution Sales at Huawei.
It can also make companies liable if customer information is stolen or leaked, while of course, it can endanger the stable operation of grids or other infrastructure, posing risks to continuity and quality of energy supply.
In an investigation conducted this year into data breaches across electric power and adjacent sectors, telecoms company Verizon found that many energy enterprises are quite conservative in their approach to adopting new technologies.
That means they are often only weakly protected, if at all, but at the same time are high-value targets for would-be ransomware attackers. The frequency of website application attacks and system intrusion attacks on electric power companies is rising rapidly, faster than in any other industry, Verizon found.
“Huawei launched a ransomware protection storage solution for the power industry to build the ultimate protection for power business data security,” Michael explains.
What to do?
There are several types of ransomware attacks. From long-term extortion of large enterprises and key government infrastructure to criminal enterprises marketed to one another as “ransomware-as-a-service,” all the way to sophisticated and persistent cyberattacks classified as Advanced Persistent Threats (APT).
Whatever the nature of the threat, simply paying the attackers their demanded ransom or cooperating with blackmail is not a smart way to end a ransomware situation.
Cyber economy research group Cybersecurity Ventures found that not only are attacks happening somewhere in the world every few seconds, but of those that paid ransoms, 80% were extorted a second time.
Meanwhile, almost half of the companies extorted don’t get back all or even any of the data stolen, even if they pay or meet other demands. Not to forget that even after the ransom is paid, by then the average downtime will already have been 16 days of lost productivity, and recovery is slow due to server performance being affected.
Four-layered protection to keep data safe and confidential
Fortunately, there is an answer. With decades of R&D experience in the ICT field, Huawei has more than 70 cybersecurity certificates and 35 AEO certificates in 28 different regions and countries.
Huawei Electric Power Industry Ransomware Protection Storage Solution is tailored to the power industry’s needs, protecting against ransomware attacks and other data breaches.
The solution has been launched for the electric power industry after its successful application in the financial and chemical industries.
With industry-leading data recovery speeds and a 99.9% ransomware identification rate, Huawei offers the most comprehensive ransomware protection storage solutions around, based on four ‘layers’ of protection technology.
From primary storage to backup, Huawei’s Ransomware Protection Storage Solution provides four layers of protection, better securing the data assets of electric power companies.
These layers identify and intercept ransomware, while securely snapshotting and backing up valuable data, and creating an isolation zone for affected areas of the network.
Secure snapshots mean recovery is possible within seconds, while Huawei’s backup storage enables 172TB/hour recovery, 5x faster than competitor products. End-to-end encryption prevents hackers from accessing confidential data when they break into the storage network, thus minimising the harm of data leaks.
Layer 1 detects, analyses and intercepts incoming ransomware viruses as it creates a production storage Air Gap: keeping sensitive data copied, offline and therefore inaccessible to attackers. On detecting and intercepting attacks, it takes proactive measures to isolate and prevent ransomware spreading and ensures stored data copies are uninfected.
Layer 2 uses the secured snapshots on the production storage to recover data within seconds. A write once read many (WORM) file system can set data protection cycles on both production and backup storage. That prevents arbitrary modification and deletion of data during the protection period.
Layer 3 sees production storage and backup storage copied to a separately established physical isolation area, using Huawei’s Air Gap technology. A copy of this isolated area can be used for data recovery purposes if both production and backup storage are found to be breached. This is kept offline during key points in the process, making it impossible for a ransomware attacker’s hack into the production network to penetrate the secured isolation zone.
Layer 4 ensures confidential data remains confidential, with secure encryption of protocols, production storage, backup storage, Air Gap replication links and more.
Huawei’s OceanProtect Data Protection and OceanStor Dorado high-end and high-reliability all-flash storage system together give you the industry’s most comprehensive protection based on accurate detection and fast data recovery.
Currently, multiple enterprises around the world have selected Huawei’s anti-ransomware protection solution and achieved zero data tampering and deletion. The storage recovery performance has improved fivefold, unified management of production and backup storage and facilitates O&M and reduces TCO by 30%.
Don’t let your company become another ransomware statistic. Don’t risk losing customers’ trust by taking chances on data security and letting the bad guys in.
Learn more about how Huawei Electric Power Industry Ransomware Protection Storage Solution ensures data security.