ITSiG 2.0: System for attack detection becomes mandatory for KRITIS


On April 23, 2021, the Bundestag passed the revised IT Security Act (ITSiG 2.0). Under ITSiG 2.0, a system for attack detection becomes mandatory for KRITIS. Critical infrastructures have to set up a holistic attack detection system within two years. The supply chain also becomes part of the IT Security Act.

On April 23, 2021, the Bundestag passed the revised IT Security Act (ITSiG 2.0). In addition to expanding the powers of the Federal Office for Information Security (BSI), it tightens cybersecurity requirements. With the amendment, critical infrastructures such as energy suppliers and water suppliers, as well as waste disposal companies and large companies of economic importance, are obliged to implement a system for attack detection. According to the explanation accompanying the legal text, this should protect the communication technology of the operators of critical infrastructures as comprehensively as possible, i.e. consider the entire infrastructure in order to "continuously identify and avoid threats" (Section 8a (1a)). The operator's telecontrol, process and network control technology, which is referred to as Operational Technology (OT) to distinguish it from corporate IT, is therefore also moving into focus.

KRITIS protection is a must

"Even if the law remains largely unclear with regard to its design, the demand for a holistic system for attack detection is absolutely overdue," confirms Rhebo CEO Klaus Mochalski. "This takes into account both the increased relevance of OT cybersecurity and the trend towards the convergence of corporate IT and OT. In monitoring projects and risk analyses for energy suppliers and industrial companies, among others, we have been identifying threats that run through the interfaces of the once separate networks for many years. This not only increases the risk that cyber attacks will occur via the OT. The risk that industrial processes such as energy supply and production will be permanently disrupted has also increased significantly in recent years." The evaluation of the cyber attacks on energy supply companies that became public in 2020 shows an increase of 38 percent worldwide compared to the previous year. For industrial companies there was an increase of 111 percent (source: www.hackmageddon.com).

Unnecessary delay

Operators of critical infrastructures now have 24 months to implement the attack detection system. In the first drafts of ITSiG 2.0, the BSI had requested implementation within 12 months. Due to the complexity of some critical infrastructures, the implementation period was doubled only in the last few weeks of negotiations. "With regard to the current risk situation, a short-term commitment would have been desirable," said Mochalski, commenting on the last-minute adjustment. "Especially because there have long been approaches and technologies that enable even complex infrastructures to be secured quickly. For example, some of our customers operate a variety of substations, renewable energy systems and other substations. The integration of our industrial network monitoring with anomaly detection can take place here in a very short time. This is also possible because we can easily integrate our solution on existing network components from, for example, Barracuda, INSYS icom, RAD and Welotec."

Suppliers are made responsible

Another innovation of the ITSiG 2.0 is the extension of the legislation to large suppliers for critical infrastructures. This takes into account an increasingly complex cyber threat landscape in which the entire supply chain must be taken into account.

"Even if this regulation is presumably aimed at foreign suppliers for the 5G network, this is also the right step for all operators of critical infrastructures or economically relevant companies," emphasizes Mochalski. "Last but not least, the SolarWinds incident made this clear." With the attack technique known as supply chain compromise, the attackers first compromised the IT platform service provider SolarWinds at the end of 2020 in order to gain access to their actual targets: SolarWinds customers. "For this reason, we have been working with various manufacturers of OT components and critical IoT systems for a long time." Rhebo has been protecting the energy storage systems from the German manufacturer Sonnen GmbH, which are used around the world, since 2019. At the beginning of 2021, Rhebo was taken over by the leading provider of energy management solutions Landis + Gyr. With the integration of Rhebo into the Advanced Metering Infrastructure from Landis + Gyr, critical infrastructures worldwide will in future receive a secure solution for the further digitization and automation of their services.

More at Rhebo.com

 


Rhebo GmbH

Rhebo develops and markets innovative industrial monitoring solutions and services for energy suppliers, industrial companies and critical infrastructures. The company enables its customers to guarantee both cybersecurity and the availability of their OT and IoT infrastructures and thus master the complex challenges of securing industrial networks and smart infrastructures. Rhebo has been a 100% subsidiary of Landis + Gyr AG, a leading global provider of integrated energy management solutions for the energy industry with around 5,500 employees worldwide, since 2021. Rhebo is a partner of the Alliance for Cyber Security of the Federal Office for Information Security (BSI) and is actively involved in Teletrust - Bundesverband IT-Sicherheit e.V. and the Bitkom Working Group on Security Management for the development of security standards.

 


 
