[ISN] New Technology Detects Cyberattacks By Their Power Consumption

http://www.darkreading.com/analytics/security-monitoring/new-technology-detects-cyberattacks-by-their-power-consumption-/d/d-id/1318669 By Kelly Jackson Higgins Dark Reading 1/20/2015 Startup’s “power fingerprinting” approach catches Stuxnet infection within seconds in DOE power grid test bed. A security startup launching early next week uses trends in power consumption activity, rather than standard malware detection, to spot cyberattacks against power and manufacturing plants. The technology successfully spotted Stuxnet in an experimental network before the malware went into action. PFP Cybersecurity, which officially launches on Monday and was originally funded by DARPA, the Defense Department, and the Department of Homeland Security, basically establishes the baseline power consumption of ICS/SCADA equipment such as programmable logic controllers (PLCs), supervisory relays, or other devices and issues an alert when power consumption or RF radiation changes outside of their baseline usage occur. Such changes could be due to malware, as well as to hardware or system failures, for instance. The US Department of Energy’s Savannah River National Laboratory (SRNL) recently tested the PFP technology’s ability to detect Stuxnet on a Siemens SIMATIC S7-1200 PLC. Joe Cordaro, advisory engineer with SRNL, says the PFP system right away found Stuxnet on the PLC, before the infamous malware began to activate