focus

Cyber-attacks target energy grids

Many of the services we take for granted today, such as energy supplies, could become the target of cyber-criminals, even if they operate from the other side of the world. Digitalisation has made networks much more vulnerable to this type of attack, and so Leonardo is working to constantly improve the defence of critical infrastructure 

The dark side of digitalisation: vulnerability

Today’s world is increasingly digitalised, with computer systems controlling not only digital networks, but more conventional ones too, such as energy generation and distribution systems and the centres connecting our road, rail, airport and telecommunications networks. This infrastructure is increasingly being targeted by hacker attacks undertaken by individuals or organisations, whether state or non-state.

This is a challenge facing the whole world, including Italy, a country with a complicated, diverse energy industry incorporating numerous plants that were built a long time ago and have been updated over the years, combining new generation systems and infrastructure with other technology dating back to a time when people were less aware of the risk of cyber-attack.

Hackers often aim to extort sums of money from their targets but could also be motivated by the goal of destabilising a country’s defences. Many of the conflicts of the future will be fought digitally. This is why cyber security is an essential theme on the agendas of nations, businesses and individual citizens. Cyber security technologies, integrated with physical protection, are essential to protect sensitive data, critical infrastructure and industry.

CYBER ATTACKS GROWTH RATE IN THE PERIOD 2019-2021 CLUSIT DATA +12%

The challenge facing Leonardo: to guarantee monitoring and an immediate response

Defending strategic resources is the most critical imperative in the event of an attack: it is essential to ensure that sources of energy, communications and infrastructure remain operational at all times.

This is one of Leonardo’s key goals, offering its services as a key industrial partner to guarantee the security of sensitive data and the robustness of strategic infrastructure, contributing to technological sovereignty across Europe. Leonardo supports operators of essential services in 360 o management of cyber security, offering them the benefits of its ‘Threat Intelligence’ platform to prevent cyber-attacks through identification of potential threats, their motivations and dynamics.

Leonardo also assists in fulfilling regulatory requirements in the areas of security and incident reporting, and guarantees 24-hour monitoring of infrastructure through its Security Operation Centres (SOCs), with dedicated teams to manage and resolve cyber-attack incidents.

Moreover, as the human element is key to managing security, Leonardo offers dedicated platforms (Cyber Range and Cyber Trainer) to educate critical infrastructure employees in the field of cyber security, keeping them up to date and ready to respond immediately to even the most complex and sophisticated threats.

SECURITY OPERATION CENTRE (SOC) KEY FIGURES 5.000 70.000 130 OVER NETWORKS AND USER CYBER-PROTECTED IN COUNTRIES 1.500 OVER ALARMS MANAGED PER DAY 90.000 SECURITY EVENTS MONITORED EACH SECOND

The latest agreements with key players in the energy sector

To guarantee monitoring of critical facilities and prompt intervention when required, Leonardo works both first-hand to make constant improvement to its own systems, services and solutions, and in partnership with some of the most important players in energy and infrastructure.

Leonardo and Maire Tecnimont have signed an agreement supporting the evolution of production techniques through the design of new generation greenfield plants (yet to be built) and brownfield plants (already operational) to transform natural resources and green chemistry.

The goal is to increase the competitiveness of Italian and international companies with integrated cyber security solutions and digitalisation of operating processes. The initiative aims to develop a single platform for Italian engineering and design that will stand out as an international benchmark for the construction of turnkey industrial sites with a high level of digital content, cyber security and technologies to guarantee more sustainable processes and products.

Field testing prototypes of new solutions to meet the demands of cyber security in energy infrastructure is the goal of a partnership between Leonardo and A2A. The experiments will focus above all on analysis of cyber risk to digital assets and services, virtualisation of practical tests, and protection of the workstations used to control plants.

These are critical processes to protect strategic infrastructure, essential in exploiting the opportunities offered by our energy system’s evolution towards digitalisation and decentralisation – consequences of the energy transition and development of renewable energy sources – while at the same time responding to the implications for security.

Experiments will be conducted with a new generation system to analyse cyber risk, enabling management of the entire intelligence cycle, from definition of requirements to collection of information sources, analysis and generation of reports, and indicators of compromise. This will allow precise identification of threats and the probability of an attack taking place, with implementation of the most appropriate countermeasures.

Additionally, Leonardo will explore with SNAM the possibilities offered by today’s most innovative technologies to increase the operational efficiency and robustness of industrial plants.

Areas of collaboration include Industry 4.0 – with applications for digitalised management of infrastructure and industrial processes based on IT, OT, IoT (Internet of Things), Artificial Intelligence and Machine Learning, Big Data, Blockchain, Advanced Analytics and Digital Twinning. The collaboration also extends to infrastructure security, employing situational awareness solutions, mission-critical communication technologies and advanced sensors. Drones and satellites will be employed in monitoring assets.

In the area of cyber security, the partnership involves analysis of the context of cyber-attacks and monitoring, detection and response to such attacks.

There are no results.