In a world where web-based hacker attacks have reached far beyond lifting personal credit card information, a Herzliya- based firm is preparing to launch a first-of-its-kind Energy Cyber Security Center this fall.
“We are now in the position to help every country, every utility – whether it’s gas, water, or energy – to secure their digital network, to integrate today with electric cars, with energy infrastructure, with storage devices,” Daniel Jammer, founder and CEO of energy cyber security firm Nation-E told The Jerusalem Post.
Aiming to tackle threats to infrastructure around the globe, the company plans to launch its Energy Cyber Security Center in Hadera on September 15.
There, Nation-E and its growing team of professional hackers will provide testing for companies around the globe – evaluating the strength of microgrids, smart meters, and all grid-connected devices, and determining how and why attackers are able to infringe.
“We are talking here about what is not a game – it is real life, real responsibility,” Jammer said. “To integrates renewables, to integrate our new century of grid becomes dangerous. We need to start securing it, we need to start monitoring it. “ At the recent World Cup, Nation-E was chosen by the Brazilian government to provide full support for the broadcasting infrastructure, including constant monitoring and securing of the energy supply, Jammer said. Such monitoring was crucial, Jammer explained, due to the hundreds of electricity meters, batteries, 6,000 diesel generators, and other devices all connected to one system.
As Nation-E works to build up its customer base for the Energy Cyber Security Center, Jammer has identified many potential clients: sea ports and airports, production lines, hospitals, data centers, financial services, sports and entertainment centers, utilities, telecommunications – such as smart-home infrastructure, machine-to-machine communication, and consumer data – and global engineering houses like Siemens, General Electric, and IBM. At the center, professional team members will provide energy cyber security, energy risk management, and business continuity.
“Everybody wants to have data, to understand what’s happening,” Jammer said. “But these data are vulnerable.”
Jammer and his employees are aiming to provide a solution to that problem – to prevent future infringements into increasingly smart electricity networks, against hackers who can get into these networks and from there, access all of the data stored within tomorrow’s “smart house.”
“The first layer of smart grid can be rolled out in a very smart way if you understand that you need to secure your customer,” Jammer explained.
In the modern utility, having a “dynamic network where you can reach millions of customers at the same time” is essential, according to Jammer.
Such communication must be bi-directional, so that consumers – who are increasingly becoming producers – can determine when to feed the renewable energy they generate at home to the grid.
“To communicate with someone who has energy is a gift,” Jammer said.
“Either utilities need to invest more and more into generation assets, or they are working with people like you and me.”
Nation E’s cyber security system works by targeting several different fronts. For the private consumer, an energy cyber security router sits in the home, connected to personal computers, mobile devices, smart meters, and any renewable energy infrastructure that may feed electricity to the home and the national grid, Jammer explained.
Utilities, on the other hand, can make use of the company’s Cerebrum system, which allows them to act as a command and control center that communicates securely with consumers. In the future, consumers will potentially be able to provide the grid with electricity through home solar or wind energy generators.
For the energy cyber router, the company will be charging a one-time fee of $299 plus $2.50 per month for each at-home infrastructural connection, such as solar energy generators, storage units, or automotive charging spots.
As far as utilities and the Cerebrum software are concerned, these companies will receive the software itself for free but will need to pay $2.50 for every consumer they want to connect.
“The idea is to give all the companies in the world the possibility to test it, to integrate it, to mitigate it, to challenge it, and to say they want to install it,” Jammer said.
At the center, utilities will be able to learn how to integrate these cyber security features within their particular network, specifying their individual needs and receiving risk mitigation recommendations from the center’s employees.
The center’s “Red Team” – essentially a hacking team – will try to attack energy storage, fuel cells, inverter-converters, wind and solar energy generators, and other pieces connected to the grid.
“This team will give you everything that you need in order to integrate and have a certified approach. Your network is cyber secure and ready to go,” Jammer said.
Thus far, about 40 utilities from Germany, Luxembourg, France, and a number of other countries have begun approaching Nation-E about the future center and the company’s technology, Jammer said.
Nation-E’s Energy Cyber Security Center will work in cooperation with the Israel Electric Corporation’s “Cyber Gym,” also located in Hadera, which serves a different, but related function, Jammer explained.
While the IEC’s Cyber Gym also works on preventing vulnerabilities in grid infrastructure, it is doing so on a more macro level, focusing on the larger supervisory control and data acquisition (SCADA) and information technology systems, according to Jammer.
“What we are doing is we are giving them the possibility to integrate with our system and give a complete holistic approach to a utility, from the command and control center to the last point of the energy infrastructure,” he said.
Energy cyber security is becoming increasingly critical, commenting on a particular incident in which utilities faced threats earlier this month, Jammer stressed in a recent follow-up phone interview. At the beginning of July, media sources around the globe reported on the Russian “Energetic Bear” virus that enabled hackers to penetrate power plants in Europe and the United States.
“A cyber-attack has no face, and that’s the problem,” Jammer said. “It has no sender and doesn’t matter from where it comes. In order to mitigate it we need to position ourselves correctly.”