Ransomware Protection Storage in the Electric Power Industry
Build the last line of defense for power data security.
Power Data Security Is Fundamental
From generation, transmission, and transformation to distribution, consumption, and dispatching, today's electric power enterprises are in the business of data. Indeed, data has become the core asset of the industry, only heightening the threat of data blackmail to the security and stability of power grids.
Energy SafetyTampering with key data — from monitoring and warning information to the operational instructions of key nodes — can causepower system faults or major security incidents.
Reputational DamageThe exposure of sensitive information causes damage to an enterprise's reputation.
Economic LossAccording to an IBM report in 2020, the average cost of data breaches in the energy industry is US$6.39 million each incident.
Service InterruptionMalicious encryption of a database paralyzes power company services.
Ransomware Attacks in the Electric Power Industry
Electric power enterprises and infrastructure are the focus of attacks.
The double extortion model increases the risk of data breach.
Ransomware as a Service (RaaS).
The supply chain becomes the main entry point for extortion attacks.
Advanced Persistent Threat (APT)-like ransomware attacks.
The new normal of insecure data.
Added I/O-based and entropy-based storage detection mechanisms, up to 99.9% identification accuracy through the network-storage collabration, cover pre-, in-, and post-event.
Building an in-depth system with two lines of defense and six layers of protection, makes IT systems harder to be attacked. The innovative network-storage collabration protection mechanism is updating the network security and storage interception blocklist in real time based on the captured threat file features.
Huawei storage provides protection actions: snapshot, backup, and Air-GAP. Based on the network-storage collabration recovery mechanism, actions are triggered in advance, greatly reducing the recovery time to the second-level.
E2E Data EncryptionProtocol-layer encryption NFS, CIFS/SMB.
Air Gap ReplicationBy setting the replication Service Level Agreement (SLA), data copies are automatically and periodically replicated from the production or backup storage to the isolation environment. The replication link is active only during replication, which ensures data copies are offline most of the time, reducing the possibility of attacks.
File System WORM and Secure SnapshotA protection period can be set for production or backup data to prevent data modification or deletion during this time range.
Ransomware DetectionA baseline model is established based on historical data to check for any abnormalities in the changed feature values of the metadata of copies.
Intelligent threat detectionThe intelligent clustering algorithm prevents brute force cracking. The CDE can detect 100 layers of compression nesting.
Intelligent threat handlingNetwork security collaboration restores ransomware attack paths based on threat events, delivers linkage policies, automatically isolates lost hosts, and handles threats in minutes.
OceanProtect Backup Storage
Offering superb performance，efficient reduction. Stability, and reliability, to help users implement efficient data backup and reduce TCO
Huawei HiSec Insight Security Situation Awareness System
Built on Huawei's mature commercial big data platform — FusionInsight — HiSec Insight (formerly CIS) performs multi-dimensional correlation analysis of massive data based on an Artificial Intelligence (AI) detection algorithm. It proactively detects a wide range of security threat events in real-time, tracing the attack behavior of the entire Advanced Persistent Threat (APT) attack chain. The system also collects and stores multiple types of network information, helping users detect threats, conduct forensics, and ultimately eliminate threats.
Data center management
For intelligent and unified management of data center storage, Huawei provides a data management engine (DME) platform. Through a unified management interface and open northbound and southbound APIs, Huawei centrally manages Huawei storage, third-party storage, switches, and hosts, and implements resource provisioning, O&M, protection, and future mobility.
OceanStor Dorado All-flash storage
Providing high performance of up to 21,000,000 SPC-1 IOPSTM, six-nines reliability(99.9999%), and intelligent acceleration for critical services.
OceanStor Scale-Out Storage
The Huawei OceanStor distributed storage series helps enterprises unlock the value of massive data, offering diversified storage for applications such as virtualization and cloud resource pools, big data analytics, High Performance Computing (HPC), video, content repository, backup, and archiving.
HiSecEngine USG6600E Series AI Firewall
Next-generation firewalls designed for medium- and large-sized enterprises, institutions, and next-generation data centers, they provide NGFW capabilities and collaborate with other security devices to proactively defend against network threats and resolve performance deterioration problems.
FireHunter6000 Series Sandbox
Using virus-based and reputation-based scanning, static analysis, and virtual execution technologies as well as Huawei’s unique behavior pattern library, the FireHunter6000 series is capable of detecting unknown malicious files and providing accurate detection reports accordingly. It interworks with other security devices to quickly block advanced malicious files, preventing unknown threats from spreading and protecting core information assets for enterprises. The FireHunter is especially applicable to finance and government agencies, energy providers, and high-tech enterprises.