• Rhebo strengthens the cybersecurity of globally distributed energy resources with pilot project at energy supplier BayWa r.e.
• Existing vulnerabilities identified and mitigated through Stability and Security Audit
• Software integration on INSYS icom routers accelerates full coverage installation

Leipzig / Munich, Germany, May 5, 2020 – Renewable energy production plants are particularly at risk of becoming attack targets by cyber criminals. Given the mostly national to global distribution of the energy resources, it is extremely difficult to ensure complete security and to minimise access points.

In a pilot project with the manufacturer of industrial components INSYS icom and the energy provider BayWa r.e., Rhebo implemented a dedicated cybersecurity system for Industrial Automation & Control Systems (IACS) at both a wind farm and a photovoltaic park. For this purpose, Rhebo's IACS monitoring with anomaly detection Rhebo Industrial Protector was integrated on the already installed high-performance industrial gateways of INSYS icom. The installation was purely software-based, so that the upgrade of the existing security system and the monitoring could be implemented completely remote-controlled. Rhebo analyses every communication that takes place between the power plants, the IACS of the virtual power plant and servers of the company. It then reports any deviation from the expected communication behaviour. This behaviour-analytical approach also enables the real-time detection of novel attack types which blindside regular firewalls and intrusion detection systems.

»The simple integration of the Rhebo solution into our SystemSafe infrastructure on INSYS icom gateways enables us to fully secure all remote-controlled wind and solar parks against technical failures and cyberattacks without significant additional effort«, Mohamed Harrou, Head of SCADA bei BayWa r.e., explains the advantages of the new system.

Insecure FTP-Servers and WhatsApp

The initial Stability and Security Audit gave the responsible persons at BayWa r.e. a detailed insight into the operation of their IACS for the first time. For the audit, the entire communication between the distributed energy resources, the IACS and servers was recorded for several days and analysed by Rhebo. The analysis showed that almost three quarters of the total traffic was due to communication between the facility’s devices and the vendor servers. Furthermore, several previously unknown security risks were identified. Among others, the anomaly detection identified communication via an unsecure FTP server with vulnerable firmware, unencrypted data transfer as well as private communication via a Whatsapp client. In addition, communication errors and failed connection attempts were identified which affected network quality. All anomalies were subsequently corrected by BayWa r.e. The cleaned up communication pattern acts as a blueprint for the anomaly detection during operation of Rhebo Industrial Protector. Every change is reliably reported so that operators can efficiently mitigate security events and technical error conditions.

On May 14, 10-11 a.m., Mohamed Harrou from BayWa r.e. and Rhebo presented the results in a joint webinar: »BayWa r.e. - 24/7 Cyber Security for Renewable Energy Plants«.
You can watch the recorded webinar here.

The full success story can be downloaded from rhebo.com.

About Rhebo

Rhebo is the only vendor-independent provider of industrial monitoring solutions ensuring both cybersecurity and stability of ICS and IoT infrastructures. The German company’s solutions monitor all communication within the ICS and on distributed critical IoT devices. Any attacks, vulnerabilities as well as technical error states are reported in real-time. Thus, Rhebo vendor-neutrally supports  industrial, energy and water companies to increase cybersecurity, productivity and availability of their systems and plants to safeguard their digital transformation. 

In this role, the company is partner of the Alliance for Cyber Security of the Federal Office for Information Security (BSI), is actively developing standards and technical guidance in the Teletrust - Bundesverband IT-Sicherheit e.V. and the Bitkom Security Management Working Group.

Contact Rhebo

Jens Pacholsky
Public Relations Rhebo GmbH
Tel. +49-341-393-790-180
press@rhebo.com