Combatting Ransomware Attacks

Ransomware attacks are the fastest growing form of cyberattack worldwide. With a 500% rise in ransomware attacks against industrial entities between 2018 and 2020, power grid cybersecurity leads have their work cut out getting on top of this ever changing, highly disruptive and hugely costly form of attack. The availability of more advanced encryption technologies, the rise in the value of cryptocurrency, the explosion of Ransomware-as-a-Service offerings on the dark web, and the sudden expansion of the victim pool through WFH and BYOD trends, has made ransomware attacks the go-to exploit for semi-skilled cybercriminals looking to maximise their ROI. As cybercriminals shift their attention away from low value ‘spray and pray’ targeting methods to higher value ‘big game hunting’ approaches, power grid cybersecurity and engineering teams must prepare now to fight a more ferocious and frequent cyber battle in the year ahead.

In this 60-minute webinar, we explore the factors fuelling the explosion of ransomware activity in the power grid environment, and examine the prevention, detection and response strategies that cybersecurity leads must employ to get ahead and stay ahead of the attackers. We consider how more reliable data backups can be created to support business continuity in the face of an attack, and how incident response strategies must transform to better support the attribution process, bring cybercriminals to justice, and deter future attacks.

When cybersecurity leaders get on top of their cyber hygiene, implement a reliable data backup strategy, develop a robust incident response procedure, refuse to pay the ransom, and pin their reputations to ‘fighting’ rather than ‘siding’ with cybercriminals, the power grid becomes unapproachable to thrill-seeking, havoc-wreaking, ROI-chasing cybercriminals!

Session 1: Understanding the factors driving the explosion of ransomware attacks worldwide and determining how these trends are likely to impact power grid operations in the next 2-3 years

• Profiling Ransomware-as-a-Service offerings and understanding how this trend is paving the way for more ferocious and frequent ransomware attacks against more complex IT and OT converged environments

• Reviewing the most recent and widely spread ransomware attacks and determining lessons learnt that can be applied to the power grid

• Predicting how next generation malware is likely to impact OT environments and what power grid cybersecurity leads must do now to get ahead of the threat

Roya Gordon, Energy Cyber Threat Intelligence Manager

Accenture

Roya joined iDefense-Accenture Security as a resources and industrial control systems (ICS)-focused cyber threat senior consultant in 2019. Before joining Accenture, Roya worked at Idaho National Laboratory (INL), one of the national laboratories of the United States Department of Energy (DOE), where she amassed experience in cyber-threat analysis and assessments for the US energy infrastructure. She holds an MA in global affairs with a focus on cyberwarfare, and a BA in international relations. Roya also served six years in the United States Navy as an intelligence specialist.

Session 2: Developing a robust prevention, detection and response strategy against ransomware attacks in IT and OT converged smart utility environments

• Leveraging advanced threat prevention techniques to build a multi-layered defence-in-depth technical strategy against ransomware attackers

• Developing a highly reliable tamper proof data backup strategy to support business continuity in the event of a ransomware attack

• Implementing a robust incident response strategy to support the attribution process with timely incident reporting

Alexander Harsch, Head of Cyber Resilience Department

E.ON

Alexander Harsch is Head of the Cyber Resilience Department and he is the responsible project manager for E.ON’s CyberRange-e. Alex and his department are providing Cyber Security Consulting to E.ON’s DSOs. He supported the design and implementation of certified ISMSes on the basis of the IT security catalogue of the Federal Network Agency and the international standards ISO/IEC 27001 and ISO/IEC TR 27019. Prior to joining E.On, Alexander worked for more than 10 years in the Management consultancy at PricewaterhouseCoopers in the area "Cyber & Forensics".

Session 3: Implementing the most effective technical solutions to guard against next generation ransomware attacks against the power grid

• Investing in an extensive social engineering awareness programme to build a robust human firewall against ransomware threats

• Maximising the effectiveness of threat prevention and detection solutions

• Guarding IT and OT converged environments from the threat of next generation ransomware attacks

Emil Gurevitch, Senior Security Architect

Networked Energy Services (NES)

Emil is a member of the OSGP Alliance, the global non-profit association dedicated to the adoption of the Open Smart Grid Protocol (OSGP). He helps promote, evaluate, architect, and deploy secure smart grids. Emil has 17 years of experience in identifying and helping remediate security vulnerabilities in critical systems, most recently in power grids. Emil was Security Lead at a large utility in Europe, helped develop security solutions at IBM, and holds a MSc in Computer Science with specialization in Information Security. Today, he is Senior Security Architect at NES where he helps develop secure Smart Grid products and threat detection solutions.

Welcome to Combatting Ransomware Attacks

Webinar Programme