GE and Thales to mitigate cybersecurity threats in power sector


Thales and GE Steam Power are establishing a collaboration to deliver a suite of cybersecurity solutions to power plant operators.

This agreement comes a few months after the release of Thales’ Cyberthreat Handbook, detailing the major groups of hackers and identifying the power generation industry as one of the most at risk.

The partnership was cemented at the International Cybersecurity Forum (France) and brings together Thales’ cyber knowledge and GE’s expertise in the power generation industry to help protect customers from cyber risks by providing threat intelligence, joint training and a combined portfolio of cyber solutions.

Related content:
Read other cybersecurity stories here

To further their mission, Thales and GE have published a joint cyber threat intelligence report that provides unprecedented analysis about threats in the energy sector. The landscape of cyber threats to the power generation industry follows the evolution of cyber threats in the broadest sense. It evolves, becomes more complex and requires permanent and specialized monitoring.

According to the report:

  • Up to 10% of cyber attacks on operations like power plants are led by highly effective threat actors, whether state-sponsored or cybercriminals. The growing intertwining of companies’ information technology (IT) and operations technology (OT) systems allows attackers to create bridges between any machine and the core infrastructure. While vulnerabilities in IT environments are mostly understood and managed, OT vulnerabilities still lack attention.
  • Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition Systems (SCADA) are increasingly targeted by cyberattacks, especially from state-sponsored groups who know how to exploit the possibility of harshly targeting these systems in the event of international conflicts.
  • It has become vital for power generation operators to get specific and regular training to understand what they are fighting and how to better protect their systems.

Through this partnership, Thales and GE are joining forces to perform joint training for customers that operate individual or fleets of power plants.

As part of the agreement, GE has already installed equipment at the National Digital Exploitation Centre (NDEC), created by Thales and the Welsh government for cyber and digital development and education, in order to carry out demonstrations of cyber-attacks and response scenarios using Thales’s Cyber Range and GE hardware.

This story was originally published by our sister site, Power Engineering International, a Clarion Power & Energy brand.