Hackers can do more than infiltrate networks and steal data. Under the right set of circumstances, they can also cause vital infrastructure, like power grids, to go dark.
To help utility companies avoid that fate, Microsoft has launched a new Azure Cyber Analytics Program for electrical grid customers. Under the terms of the offering, dubbed Microsoft Azure Certified Elite Partner Program for Cyber Analytics in Power and Utilities, the Redmond, Wash. software maker is covering the initial cost of deploying its cloud-enabled IT and security management offering, Operations Management Suite (OMS).
“The program is designed to engage Azure Certified Elite System Integrators to perform the OMS Service integration for utility customers enrolled in the program,” said Larry Cochrane, principal program manager of the Energy division at Microsoft Azure, in a July 18 announcement. “What this means to the utilities industry is customers can better track threat actors currently in their network, identify malicious software dialing outbound from their servers, and establish an alerting system to enable active network cyber defense.”
The system collects data from customer logs and analyzes it using the suitably named Log Analytics Service in OMS. It also applies threat intelligence derived from Microsoft’s own massive cloud footprint to block attacks. Finally, it provides an anti-malware assessment that customers can use to determine the protection status of their security software.
Participants are also entitled to a limited subscription to Microsoft’s Azure cloud computing platform. Grid operators can use these resources to for their own training, development and application deployment projects, said Cochrane.
The new Azure Cyber Analytics Program for electrical grid customers is currently available in the U.S. Microsoft plans to roll out the program to other territories soon, Cochrane said.
Although hacking electrical grids is a popular ploy in movies and TV shows, the threat is all too real.
After reports in 2015 of hackers infiltrating a dam not from New York City and systems belonging to Calpine, a power producer serving parts of the U.S. and Canada, security experts sounded the alarm on the sorry state of cyber-security and critical infrastructure.
“Cyber-security companies have been focusing on technologies that protect traditional IT networks for the past 20 years,” Perelman told eWEEK’s Sean Michael Kerner, in December 2015. “These technologies are not designed to protect operational networks that manage dams or electric substations, which means they have minimal or no protection measures in place.”
That same month, hackers had cut power to more than 225,000 people in Ukraine. According to a report on incident from the Electricity Information Sharing and Analysis Center (E-ISAC) and investigators from the SANS Institute, the attackers had access to electrical grid systems for months before plunging entire neighborhoods into darkness.
In 2009, Russian and Chinese spies reportedly planted malware onto to the systems of U.S. electrical grid operators. Although no electrical outages were tied to the attacks, which did little more than help hackers to map out their victims’ infrastructures, they exposed some weak points in the networks of power delivery companies.