Cyberdefence exercise: Securing the virtual shield wall

Locked Shields is the world’s largest and most advanced international network defense exercise. Siemens, a cooperation partner of the NATO Cooperative Cyber Defence Centre of Excellence, has contributed its electrical power control system to the exercise in recent years.

 

By Christopher Findlay

Modern societies depend on a set of critical infrastructures, and none is more critical than energy supply, which keeps all other elements running. Because cyberattacks have become more prevalent due to digitalization, cybersecurity training is becoming an essential part of securing and protecting assets. At a recent cyberdefense exercise in Estonia, governments and industry partners, including Siemens, collaborated with the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD COE) to train against cyberattacks.

Banking, the internet, water supply, and other essential services cannot operate without power. This interface between the physical world and the virtual digital space creates tremendous new possibilities and generates huge amounts of data that can be used to optimize services or gain a better understanding of usage patterns.

Strong defenses – a local specialty

The ancient capital of the young Baltic state has a long history as a fortified position. Tallinn’s medieval ramparts bear testimony to a successful defensive game through the ages, as does the beautiful old town, which has survived the ravages of wars and sieges largely intact. Over its roofs, Vana Toomas (Old Thomas) has been on the lookout since 1530. As one of Tallinn’s emblems, the wrought-iron guardsman straddling a weather vane atop City Hall represents a tradition of steadfast watchfulness.

 

Some modern-day ephemeral threats, however, cannot be warded off with physical towers and battlements, and so the defenders who have “Locked Shields” today are deploying virtual protections to ensure the continued operation of the infrastructures assigned to them. Twenty Blue Teams in multiple countries must maintain the services and networks of a simulated military airbase. In the sixth floor of the Swissôtel Tower, the referees watch as rows of monitors display a sustained cyberattack in real time. 

 

“Locked Shields is the biggest and most complex international live-fire exercise in the world,” says Sven Sakkov, Director of the NATO CCD COE, which has organized the exercise since 2010. At its core is an issue that affects the very underpinnings of modern societies, he says: “Our everyday life depends on cybersecurity. It’s about the banking system, about the economic life of a modern country. The energy sector is one of the critical parts of that critical infrastructure, because everything we do needs electricity, and the assuredness of supply and the resilience of the grid are fundamental in how the modern world operates.”

Realistic threat landscape

Supply security and grid resilience are fundamental to how the modern world operates.

Sven Sakkov, Director, NATO CCD COE

The Siemens Spectrum Power solution has been by far the most complex system ever used in the Locked Shields exercise series.

Raimo Peterson, Technology Branch Head at NATO CCD COE

Control centers are the heart and brain of any power system. Therefore, their safe operation and protection is of utmost importance.

Volker Distelrath, Head of Cybersecurity, Siemens Energy Management Division

Aiming for the heart

That’s why the Spectrum Power system is ideal for “target practice” in this cyberdefense training. “Control centers are the heart and brain of any power system. Therefore, their safe operation and protection is of utmost importance,” says Volker Distelrath, Head of Cybersecurity at the Siemens Energy Management Division. 

 

The way grids are operated and managed has changed drastically in the last years with the penetration of renewable and decentralized energy resources. The need for network optimization, interaction with prosumers and consumers, and the numbers of new market participants have all significantly increased. With information and communication technology penetrating distribution networks and even households, the growing interconnections create more vectors for potential attacks to critical infrastructure. Consequently, cybersecurity is a top priority for power system operators today.

The advanced network management and automation platform combines central access management for SCADA systems with smart-grid elements and is interoperable with the systems of other manufacturers. Therefore, the Spectrum Power can be integrated with any existing IT security environment. But its manifold functions also underscore the importance of defending this key asset against malicious actors. 

 

For Siemens, involvement in the training of cyber-experts offers insights into how they defend targets like the Spectrum Power. Since Siemens is a leading provider of cybersecurity solutions and also offers comprehensive consulting services on this topic, the opportunity to apply this know-how to a large-scale attack scenario is also a unique occasion for learning and practicing. For the company, it is extremely important to be able to improve both the safety of its own products and the quality of the consulting services it offers to make customers’ infrastructures even safer.

 

At the same time, the Red Team’s efforts to penetrate the system are also of great interest to the Siemens team participating in Locked Shields. “This knowledge will help us to improve our systems and make them more robust against potential cyberattacks,” says Distelrath. “This training is crucial, and builds up experts’ confidence, knowledge, and experience in handling sophisticated cyber-attacks,” he believes. 

2019-01-28

Christopher Findlay, journalist based in Zurich, Switzerland

Picture credits: Markus Zucker, photographer and film-maker based in Berlin, Siemens AG

Subscribe to our Newsletter

Stay up to date at all times: everything you need to know about electrification, automation, and digitalization.