Deceptive Cyber Security: Can You Spot the REAL Orion?
PUBLISHED ON Oct 03, 2012
In the July 2012 issue of TechTalk we mentioned Professors Peter Idowu and Jeremy Blum of Penn State evaluating a Cyber Security approach known as a honeypot which may be applicable to the electrical utilities. In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be a part of a legitimate network – and which seems to contain information or a resource of value to attackers – but is actually an isolated and monitored decoy. Professor Blum’s group emulated the encrypted communications of the OrionLX Substation Automation Platform in order to create several hundred OrionLX decoys on a test network, creating uncertainty for a potential hacker about which OrionLX is the legitimate target.
In the Penn State simulation, all traffic to the web-based applications is monitored, so that attacks specific to this device can be recorded and analyzed. In addition, the emulation system uses Snort, a popular intrusion detection system, to log and analyze attacks on other aspects of the system, for example, the web server, secure shell server, and the operating system. Given that the honeypot emulation is restricted unauthenticated access, both types of attacks would include attacks whose goals are reconnaissance of critical infrastructure or subverting or bypassing the authentication mechanism. This venture has already resulted in improvements to the OrionLX security features.
As the honeypot system is finalized, Penn State plans to work with NovaTech Automation to find a utility willing to host the honeypot system on their network. If the honeypot system is deployed in the IP address space belonging to an electric utility, it is more likely to be probed in a targeted attack and more likely to fool an attacker into believing that the honeypot is an actual device. Work is still in progress and expectations are that the system will be ready for deployment in the field later in 2012. Electric utilities interested in this next phase, please contact Ray Wright, VP Utility Marketing at firstname.lastname@example.org.
Jul 11, 2012
Bitronics Ten Year Hassle-Free Unconditional Guarantee
This new warranty applies to all Bitronics products, and is retroactive to all shipments made from Bitronics from January 2, 2012. All previous Bitronics terms and conditions apply. 70 Series Update Version 3.09 firmware is the latest version. A...
Jul 11, 2012
View SEL® Event Reports in OrionLX Webpages SEL Event Reports and other SEL relay non-operational data can now be viewed in OrionLX webpages. The ASCII IED WEB option (code #55) enables online viewing of METER, HISTORY, DEMAND, METER E, PEAK,...
Jul 05, 2012
Better NovaTech Automation Products Through Research Ventures at PennState, North Carolina State, and Others
In the past year, NovaTech Automation has donated Orion and Bitronics products to power engineering, cyber security, and Smart Grid research projects at PennState University and North Carolina State University. Previous years’ donations...