Information Security Strengthening

National Power Information System Equal Protection Evaluation Report

The process of information system level protection assessment involves five stages: classification, filing, rectification, assessment, and inspection. It involves multiple roles such as construction units, public security organs, assessment institutions, consulting service providers, and product service providers. Through cooperation with assessment institutions and level protection consulting service providers, we provide integrated level protection assessment services for the owner Assist the owner in completing the corresponding procedures (initial inspection, final inspection), provide business rectification and construction plans, and offer full-process services to the owner.

2 Reading

Under the guidance of China's dual carbon goals, "building a new type of power system with new energy as the main body" is the latest major decision made by the state for the development of the power system against the backdrop of the carbon peaking and carbon neutrality goals. Among them, the security of numerous software systems in the power industry led by large power groups such as State Grid Corporation of China, China Southern Power Grid Company, Huaneng, Datang, Huadian, State Power Investment Corporation, China Energy Investment Corporation, State Power Investment Corporation, China Resources Group, China International Engineering Consulting Corporation, and Electric Power Planning and Engineering Institute is of vital importance. This is mainly reflected in the aspect of power operation safety. With the continuous development of the Internet industry, the security issues of web systems in power plants have become increasingly prominent. Information security incidents caused by web application layer vulnerabilities in power enterprises occur from time to time. For instance, there was once a serious incident where the power marketing data of a provincial company was maliciously tampered with. The classification protection of cyber security has drawn great attention from power enterprises. How to enhance the security protection capabilities of information systems under classification protection, accurately convey power information, and maintain the social image of the power grid has become the primary task in the security construction of power enterprise portal websites.

等级保护备案证明

List the top ten cybersecurity attack incidents in the global power industry:

A Brazilian power company was attacked by the Sodinokibi ransomware

European energy giant EDP was hit by a ransomware attack

3. Malicious software infected the internal network of a nuclear power plant in India

A major cyber security incident occurred at a nuclear power plant in Ukraine

Venezuela's power system has suffered multiple cyber attacks within two years, leading to large-scale power outages

The Johannesburg Power Company in South Africa was hit by a ransomware attack

7. Hackers exploited known vulnerabilities in Cisco's firewall to launch denial-of-service (DoS) attacks against US power companies

8. The French company Ingerop was hit by a cyber attack, resulting in the leakage of sensitive data at the Fessenheim nuclear power plant

9. Siemens equipment has serious vulnerabilities, making substations vulnerable to attacks

10. The incident of Russian hackers attacking US nuclear power plants and water supply facilities

The power system is an important component of the key infrastructure for social operation. It not only concerns People's Daily lives but also has a profound impact on the field of industrial control and even national security. Therefore, it is particularly important to focus on strengthening the security construction of power system software facilities and the internal security protection of power enterprises. Since 2009, State Grid Corporation of China has included the technical protection measures against attacks and tampering of its external websites and the security protection situation of its external service systems in the network information security inspection items. It has become a consensus in the power industry to adopt professional application security protection products to fill the loopholes of the traditional information security protection system and enhance the protection of websites and B/S applications. In fact, as early as 2007, State Grid Corporation of China took the lead in launching the work of cybersecurity level protection. The State Electricity Regulatory Commission also issued the "Guiding Opinions on the Grading Work of Information System Security Level Protection in the Electric Power Industry", further emphasizing the strengthening of cybersecurity protection construction in the power system, which is an important measure to implement the national power system information network security level protection work. In the national power system, web security is widely confronted with security risks such as SQL injection, cross-site scripting tools, and weak passwords. Coupled with the rapid development of various network attack methods, the security risks faced by the power system are intensifying day by day. This is what people refer to as the network security level assessmentEqual Protection AssessmentIt is receiving increasing attention from managers and operation and maintenance personnel of power enterprises.

The common tools and methods currently used for power systems are as follows:

1. Utilize malicious codes such as viruses, worms, Trojans and spyware to disrupt WEB systems;

2. By taking advantage of system vulnerabilities and using buffer overflow methods to obtain administrator privileges, one can arbitrarily modify the content of WEB sites and steal information.

3. XSS attack, that is, cross-site scripting attack. Malicious attackers insert malicious html code into WEB pages. When users browse the page, the html code embedded in the WEB will be executed, thereby achieving the special purpose of the malicious users.

4. Utilizing DOS, DDOS and other methods to cause service paralysis;

5. By exploiting vulnerabilities in website applications and using methods such as SQL injection or cross-site attacks, one can obtain system or database administrator privileges, thereby arbitrarily modifying the database to achieve the purpose of web page tampering or destruction.

Facing the severe situation of cyber security, our company provides cyber security level assessment to all power system development enterprises across the country, which is what people call"Equal Protection Assessment" According to the ownerEqual Protection AssessmentThe requirements will be allocated by our company for the ownerEqual Protection AssessmentThe institution (authorized by the Ministry of Public Security), andEqual Protection AssessmentProvided by the institutionEqual Protection AssessmentThe activity conducts service quality supervision to assist the owner in completing the information systemEqual Protection AssessmentWork and obtain the compliance certificate (Information System Security Level Protection Filing Certificate) issued by the cyber supervision department of the public security organ.

等保测评过程

Information SystemEqual Protection AssessmentThe process involves five stages: classification, filing, rectification, assessment, and inspection, and involves multiple roles such as the construction unit, public security organs, assessment institutions, consulting service providers, and product service providers. Through cooperation with assessment institutions and information security protection consulting service providers, an integrated service is provided for the ownerEqual Protection AssessmentServices: Assist the owner in completing the corresponding procedures (initial inspection, final inspection), provide business rectification and construction plans, and offer full-process services to the owner.

The materials provided

"XXX- Information SystemEqual Protection AssessmentResearch Form

Constraint conditions

"Information System"Equal Protection Assessment"Entrustment Contract

"Information System"Equal Protection Assessment"Confidentiality Agreement

Equal Protection AssessmentCycle

Small-scale safety rectification takes 2 to 3 weeks, and the report issuance time is one week. The overall duration is 1 to 2 months. If the rectification is not timely or involves the purchase of equipment, the time is hard to say, but the overall requirement is to complete it within one year. The most uncertain factor in the assessment cycle is rectification. The faster the rectification, the faster the conclusion. Therefore, if the user unit wants to end the assessment as soon as possible, it must promptly implement and complete the safety rectification.

Service area

Beijing, Shanghai, Tianjin, Chongqing, Liaoning Province, Heilongjiang Province, Jilin Province, Guangdong Province, Hainan Province, Fujian Province, Hunan Province, Sichuan Province, Chongqing Municipality, Guizhou Province, Yunnan Province, Guangxi Province, Hubei Province, Henan Province, Shandong Province, Gansu Province, Xinjiang Province, Xizang Autonomous Region, Hebei Province, Shaanxi Province, Shanxi Province, Zhejiang Province, Jiangsu Province and other regionsEqual Protection Assessment

More solutions for "information security reinforcement"