Cyberattacks on critical infrastructure intensify

Summary: Forty percent of executives responsible for securing critical infrastructure such as power grids and oil, gas and water lines say that their vulnerability to attacks has increased, according to McAfee and the Center for Strategic and International Studies.

Forty percent of executives responsible for securing critical infrastructure such as power grids and oil, gas and water lines say that their vulnerability to attacks has increased. And 30 percent of those executives say that their companies aren't ready for a cyberattack, according to a survey from McAfee and the Center for Strategic and International Studies.

The report, based on a survey of 200 IT security execs, indicates that critical infrastructure has become a bit more secure, but only by a modest amount.

In a nutshell, newfangled infrastructure such as smart grids isn't being designed with cybersecurity features. Security is just the last box to be checked off during an implementation.

From the report:

Overall, we found little good news about cybersecurity in the electric grid and other crucial services that depend on information technology and industrial control systems. Security improvements are modest and overmatched by the threat. Much as they may suffer from distributed denial of service attacks, these industries suffer even more from what might be called a “distributed denial of attack.” Very few companies are rising to the challenge posed by state-sponsored infiltration and potential attack. That is particularly true in the Western Hemisphere, India, and Europe. In East Asia, government regulators seem to be pursuing a more concerted campaign to bolster security substantially.

Among the key findings:

  • China was seen as the country most likely to launch a network attack on critical infrastructure.

  • 36 percent of respondents use tools to detect role anomalies.
  • 80 percent of respondents have faced large-scale denial of service attacks. A quarter of respondents see these attacks daily or weekly and have been extortion victims.
  • India and Mexico have a high rate of cyber attack extortion attempts. Sixty to 80 percent of executives in these countries noted extortion attempts.
  • Brazil, France and Mexico lag in security measures. China, Italy and Japan were most secure.
  • China and Japan had frequent interactions with government security officials. Execs in the U.S., Spain and U.K. had little contact.

  • McAfee wants military spending

    "One of the more startling results of our research is the discovery of the constant probing and assault faced by these crucial utility networks. Some electric companies report thousands of probes every month."

    As do all internet facing computers.

    "Our survey data lend support to anecdotal reporting that militaries in several countries have done reconnaissance and planning for cyberattacks on other nations power grids"

    McAfee repeating the same all lie over and over again.

    Once more, NEVER CONNECT critical control infrastructure to public networks. Not even through a McAfee firewall.
    Do not even plug them into the same network the PHB surfs 4 chan on even.

    Do not confuse the spammers probing your company's email server with a cyber war on your control systems (which should not even be connected to China, let alone probe-able).

    Stuxnet was planted by Russian contractors, and a more effective attack would have been if they'd hit the Siemens control boards with a spanner. So be careful who you hire for security jobs.
    • Stuxnet was planted by Russian contractors?

      Why would they plant a US/Israel designed and developed worm in the control systems of a Russian ally?
      Will Farrell
      • Money?

        @Will Farrell ,
        Money presumably, I *read* that it was believed to be Russian contractors that planted it. I assume it was for personal gain.
  • Why are ICS even connected to the public internet?

    I understand why the facility and its staff might need to be online, but why are the ICS themselves connected? This offers no benefit that I can see and simply makes them vulnerable to foreign attack.

    Who connected vital infrastructure assets to a public network? Any enemy with a 5th grade education can take a shot at them. It just doesn't make sense.

    If these devices actually are already connected, then they should be taken off the network immediately and those responsible should be fired. In any case where such a device is compromised, then the person responsible should be considered a co-conspirator and be punished accordingly.

  • Is it Safe?

    Windows Admin Folks must be surely tired of this.

    There is no end in sight and the wealth of exploits that target the Windows operating system is unabated.

    Make peace with the fact that with applying security patches and anti-virus measures, you will be on a continual treadmill fixing Windows PCs. And just as soon as they get fixed, there is no guarantee that next day they won't get infected as long as your Enterprise users keep going on the Internet with Internet Explorer.

    So, what is a Windows System Administrator to do?

    Take a look at Ubuntu Linux: The safest operating system on the planet.

    I've said that before and stake my reputation on it.

    This time, I'll highlight a technique you can use to put some distance between your vulnerable Windows Clients and the Internet.

    That layer is an Ubuntu Linux Browser Terminal Server.

    Set it up as a proxy for your class of users who need to go on the Internet. Install xrdp, squid, make some adjustments to squid to recognize when users (agent string) try to wend their way onto the net with IE and block them unless the url is MS Updates.

    Push a lock-down to the IE connections tab via a login script that adds the Ubuntu Proxy and keeps users from editing the connections tab (regedit).

    Add an acl rule to Squid that allows users to access any of your corporate Intranet websites (* and MS Update, but denies if they try to access the Internet with Internet Explorer.
    Set up Ubuntu with Kerberos to authenticate against Active Directory.

    Add an Icon for the proxy that calls Remote Desktop Connection and allows users to log onto the Browser Terminal Service to do their browsing.

    Add Samba to Ubuntu and create a mount point to the user's Windows Share folder so they can download from Firefox.

    Be sure to enable the Firefox AppArmor profile with:

    $ sudo aa-enforce /etc/apparmor.d/usr.bin.firefox

    User can then click their RDC Icon and surf their brains out with no fear.

    Ubuntu Linux Browser Terminal Server.

    It works and it's safe. I stake my reputation on it.
    Dietrich T. Schmitz, ~ Your Linux Advocate
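
The Squid rules sketched in the comment above could look like the following. This is an added example, not the commenter's configuration; the client range, the intranet domain and the Microsoft update domains are assumptions to be replaced with your own values.

```conf
# squid.conf fragment (added example; values below are placeholders)

# Clients allowed to use this proxy (constructed internal range)
acl corp_clients src 10.0.0.0/8

# Requests whose User-Agent header identifies Internet Explorer
# ("MSIE" up to IE 10, "Trident/" in IE 11)
acl ie_agent browser -i MSIE Trident/

# Destinations Internet Explorer is still allowed to reach
acl ms_update dstdomain .windowsupdate.com .update.microsoft.com
acl intranet  dstdomain .intranet.example

# http_access lines are evaluated top to bottom; the first match wins
http_access allow corp_clients ie_agent ms_update
http_access allow corp_clients ie_agent intranet
http_access deny  ie_agent

# Everything else from internal clients (for example Firefox on the
# terminal server) is allowed; all other sources are refused
http_access allow corp_clients
http_access deny  all

# The User-Agent header is chosen by the client, so the ie_agent rule
# steers which browser users reach the Internet with; it is not an
# enforcement boundary on its own.
```

`squid -k parse` checks the file for syntax errors before the running proxy is reconfigured.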
  • RE: Cyberattacks on critical infrastructure intensify

    This thread did not target Windows or Linux or Mac or any other OS out there.... Come on, D T S. Every system connected to the net in any way is vulnerable. I know enough about issues with every major OS, so don't give us that Linux is the safest OS on the planet.
  • RE: Cyberattacks on critical infrastructure intensify

    The USA would be most likely to perform an infrastructure attack.