• ransomware protection electricity banner pc

    Ransomware Protection Storage in the Electric Power Industry

    Build the last line of defense for power data security.


  • Overview
  • Benefits
  • Architecture
  • Technologies
  • Products
  • News and Events

Power Data Security Is Fundamental

From generation, transmission, and transformation to distribution, consumption, and dispatching, today's electric power enterprises are in the business of data. Indeed, data has become the core asset of the industry, only heightening the threat of data blackmail to the security and stability of power grids.

  • Energy Safety

    Tampering with key data — from monitoring and warning information to the operational instructions of key nodes — can causepower system faults or major security incidents.
  • Reputational Damage

    The exposure of sensitive information causes damage to an enterprise's reputation.
  • Economic Loss

    According to an IBM report in 2020, the average cost of data breaches in the energy industry is US$6.39 million each incident.
  • Service Interruption

    Malicious encryption of a database paralyzes power company services.

Ransomware Attacks in the Electric Power Industry

why1 pc

Electric power enterprises and infrastructure are the focus of attacks.

why2 pc

The double extortion model increases the risk of data breach.

why3 pc

Ransomware as a Service (RaaS).

why4 pc

The supply chain becomes the main entry point for extortion attacks.

why5 pc

Advanced Persistent Threat (APT)-like ransomware attacks.

why6 pc

The new normal of insecure data.


architecture en 2

More Accurate Identification

Added I/O-based and entropy-based storage detection mechanisms, up to 99.9% identification accuracy through the network-storage collabration, cover pre-, in-, and post-event.

Harder to Attack

Building an in-depth system with two lines of defense and six layers of protection, makes IT systems harder to be attacked. The innovative network-storage collabration protection mechanism is updating the network security and storage interception blocklist in real time based on the captured threat file features.

Faster Service Recovery

Huawei storage provides protection actions: snapshot, backup, and Air-GAP. Based on the network-storage collabration recovery mechanism, actions are triggered in advance, greatly reducing the recovery time to the second-level.


Key Technologies

key technologies1 en

E2E Data Encryption

Protocol-layer encryption NFS, CIFS/SMB.
Advanced Encryption Standard (AES)-256 encryption of production and backup data.
Encryption during air gap replication.
Encryption during remote replication of data and copies.
key technologies2 en

Air Gap Replication

By setting the replication Service Level Agreement (SLA), data copies are automatically and periodically replicated from the production or backup storage to the isolation environment. The replication link is active only during replication, which ensures data copies are offline most of the time, reducing the possibility of attacks.
key technologies3 en

File System WORM and Secure Snapshot

A protection period can be set for production or backup data to prevent data modification or deletion during this time range.
Secure snapshots ensure storage data is read-only and cannot be modified or deleted within a specified time range.
key technologies4 en

Ransomware Detection

A baseline model is established based on historical data to check for any abnormalities in the changed feature values of the metadata of copies.
Abnormal copies are further compared to determine file size changes, entropy values, and similarities.
The Machine Learning (ML) model is used to determine whether file changes are caused by ransomware encryption, flagging them accordingly.
key technologies 5 en

Intelligent threat detection

The intelligent clustering algorithm prevents brute force cracking. The CDE can detect 100 layers of compression nesting.
key technologies 6 en

Intelligent threat handling

Network security collaboration restores ransomware attack paths based on threat events, delivers linkage policies, automatically isolates lost hosts, and handles threats in minutes.


products 5

OceanProtect Backup Storage

Offering superb performance,efficient reduction. Stability, and reliability, to help users implement efficient data backup and reduce TCO

products 2

Huawei HiSec Insight Security Situation Awareness System

Built on Huawei's mature commercial big data platform — FusionInsight — HiSec Insight (formerly CIS) performs multi-dimensional correlation analysis of massive data based on an Artificial Intelligence (AI) detection algorithm. It proactively detects a wide range of security threat events in real-time, tracing the attack behavior of the entire Advanced Persistent Threat (APT) attack chain. The system also collects and stores multiple types of network information, helping users detect threats, conduct forensics, and ultimately eliminate threats.


Data center management

For intelligent and unified management of data center storage, Huawei provides a data management engine (DME) platform. Through a unified management interface and open northbound and southbound APIs, Huawei centrally manages Huawei storage, third-party storage, switches, and hosts, and implements resource provisioning, O&M, protection, and future mobility.

products 4

OceanStor Dorado All-flash storage

Providing high performance of up to 21,000,000 SPC-1 IOPSTM, six-nines reliability(99.9999%), and intelligent acceleration for critical services.


OceanStor Scale-Out Storage

The Huawei OceanStor distributed storage series helps enterprises unlock the value of massive data, offering diversified storage for applications such as virtualization and cloud resource pools, big data analytics, High Performance Computing (HPC), video, content repository, backup, and archiving.

usg6600e 1203

HiSecEngine USG6600E Series AI Firewall

Next-generation firewalls designed for medium- and large-sized enterprises, institutions, and next-generation data centers, they provide NGFW capabilities and collaborate with other security devices to proactively defend against network threats and resolve performance deterioration problems.

products 3

FireHunter6000 Series Sandbox

Using virus-based and reputation-based scanning, static analysis, and virtual execution technologies as well as Huawei’s unique behavior pattern library, the FireHunter6000 series is capable of detecting unknown malicious files and providing accurate detection reports accordingly. It interworks with other security devices to quickly block advanced malicious files, preventing unknown threats from spreading and protecting core information assets for enterprises. The FireHunter is especially applicable to finance and government agencies, energy providers, and high-tech enterprises.

News and Events