Ransomware Protection Storage in the Electric Power Industry
Build the last line of defense for power data security.
Power Data Security Is Fundamental
From generation, transmission, and transformation to distribution, consumption, and dispatching, today's electric power enterprises are in the business of data. Indeed, data has become the core asset of the industry, only heightening the threat of data blackmail to the security and stability of power grids.
Energy Safety
Tampering with key data — from monitoring and warning information to the operational instructions of key nodes — can causepower system faults or major security incidents.Reputational Damage
The exposure of sensitive information causes damage to an enterprise's reputation.Economic Loss
According to an IBM report in 2020, the average cost of data breaches in the energy industry is US$6.39 million each incident.Service Interruption
Malicious encryption of a database paralyzes power company services.Ransomware Attacks in the Electric Power Industry
Key Technologies
E2E Data Encryption
Protocol-layer encryption NFS, CIFS/SMB.
Advanced Encryption Standard (AES)-256 encryption of production and backup data.
Encryption during air gap replication.
Encryption during remote replication of data and copies.
Air Gap Replication
By setting the replication Service Level Agreement (SLA), data copies are automatically and periodically replicated from the production or backup storage to the isolation environment. The replication link is active only during replication, which ensures data copies are offline most of the time, reducing the possibility of attacks.
File System WORM and Secure Snapshot
A protection period can be set for production or backup data to prevent data modification or deletion during this time range.
Secure snapshots ensure storage data is read-only and cannot be modified or deleted within a specified time range.
Ransomware Detection
A baseline model is established based on historical data to check for any abnormalities in the changed feature values of the metadata of copies.
Abnormal copies are further compared to determine file size changes, entropy values, and similarities.
The Machine Learning (ML) model is used to determine whether file changes are caused by ransomware encryption, flagging them accordingly.
Intelligent threat detection
The intelligent clustering algorithm prevents brute force cracking. The CDE can detect 100 layers of compression nesting.
Intelligent threat handling
Network security collaboration restores ransomware attack paths based on threat events, delivers linkage policies, automatically isolates lost hosts, and handles threats in minutes.
Products
OceanProtect Backup Storage
Offering superb performance,efficient reduction. Stability, and reliability, to help users implement efficient data backup and reduce TCO
Learn More
Huawei HiSec Insight Security Situation Awareness System
Built on Huawei's mature commercial big data platform — FusionInsight — HiSec Insight (formerly CIS) performs multi-dimensional correlation analysis of massive data based on an Artificial Intelligence (AI) detection algorithm. It proactively detects a wide range of security threat events in real-time, tracing the attack behavior of the entire Advanced Persistent Threat (APT) attack chain. The system also collects and stores multiple types of network information, helping users detect threats, conduct forensics, and ultimately eliminate threats.
Learn More
Data center management
For intelligent and unified management of data center storage, Huawei provides a data management engine (DME) platform. Through a unified management interface and open northbound and southbound APIs, Huawei centrally manages Huawei storage, third-party storage, switches, and hosts, and implements resource provisioning, O&M, protection, and future mobility.
Learn More
OceanStor Dorado All-flash storage
Providing high performance of up to 21,000,000 SPC-1 IOPSTM, six-nines reliability(99.9999%), and intelligent acceleration for critical services.
Learn More
OceanStor Scale-Out Storage
The Huawei OceanStor distributed storage series helps enterprises unlock the value of massive data, offering diversified storage for applications such as virtualization and cloud resource pools, big data analytics, High Performance Computing (HPC), video, content repository, backup, and archiving.
Learn More
HiSecEngine USG6600E Series AI Firewall
Next-generation firewalls designed for medium- and large-sized enterprises, institutions, and next-generation data centers, they provide NGFW capabilities and collaborate with other security devices to proactively defend against network threats and resolve performance deterioration problems.
Learn More
FireHunter6000 Series Sandbox
Using virus-based and reputation-based scanning, static analysis, and virtual execution technologies as well as Huawei’s unique behavior pattern library, the FireHunter6000 series is capable of detecting unknown malicious files and providing accurate detection reports accordingly. It interworks with other security devices to quickly block advanced malicious files, preventing unknown threats from spreading and protecting core information assets for enterprises. The FireHunter is especially applicable to finance and government agencies, energy providers, and high-tech enterprises.
Learn More
News and Events