Global attacks against critical infrastructure on the rise

McAfee, one of the worlds leading technology security companies, recently carried out a report on the attack-state of critical infrastructure systems, such as gas, power and water and found surprising results. The firm sent a survey to 200 IT departments, representing utility companies in fourteen countries around the globe, and found that eight out of ten claimed their systems had been attacked within the previous twelve months - a 40 percent rise in just two years.

One of most high profile cyber attacks on an industrial system was the 2010 Stuxnet worm which was targeted at Iran, speculated to originate from the United States and Israel. Luckily there was no damage caused however, considering its was target a nuclear power station. It was claimed that the intention of the application was to "circumvent digital data systems, so the human operator could not get there fast enough."

There is not much a surprise about where the fingers are being pointed by McAfee with China being the firms top suspect followed closely by Russia and the United States. The majority of attacks were Distributed Denial of Service (DDoS) attacks which flood computers with too much data causing the targeted machine(s) to become overwhelmed.

A US National Security Advisor to the Bush Administration, Stewart Baker, said "we asked what what the likelihood was of a major attack that causes significant outage, that is one that causes severe loss of services for at least 24 hours, loss of life or personal injury or failure of a company," and then claimed that "three quarters thought it would happen within the next two years."

Image Credit: Centrica

Report a problem with article
Previous Story

Simple registry hack reveals early Windows 8 features

Next Story

TechSpot: T-Mobile G-Slate / LG Optimus Pad Tablet Review

15 Comments

Anooxy said,
Let's secure it with McAfee, then the Power Plant will work 90% slower.

And send out cute invitations to virus' and worms...

i dont understand, why do these places have internet access, why are people allowed to download files onto these networks. And why is McAfee still around?

lflashl said,
i dont understand, why do these places have internet access, why are people allowed to download files onto these networks. And why is McAfee still around?

In the case of stuxnet and the nuclear reactors, they didn't have Internet access or even network access. Other computers did. They would then get a USB key plug it into a regular machine, and infected the thumbstick and transfer the virus to the machin that way. So I guess the big issue is the machine in a nuclear power plant was running windows. As to what they were transferring, it could have been firmware updates for the Semen systems, not sure. The flaw they used was the lnk vulnerability.

Edited by warwagon, Apr 19 2011, 3:20pm :

warwagon said,
...it could have been firmware updates for the Semen systems, ...

There you have it, the flaw in the system - somebody clicked on a Viagra advert.

Roadrunna said,

There you have it, the flaw in the system - somebody clicked on a Viagra advert.

It was probably spear fishing, same thing that got rsa.

The image just reminded me of my 'can't play Portal 2' woes!

On topic - I find it hard to trust a report from McAfee, I'd prefer to see something from an independent party that doesn't stand to gain or lose from the results.

Critical infrastructure needs to be off the net, have no conventional inputs ie. USB, have its own self sufficient OS, hardware design and its own unique kernel so that nobody knows how to or can make software for it. problem solved.

danoxx said,
Critical infrastructure needs to be off the net, have no conventional inputs ie. USB, have its own self sufficient OS, hardware design and its own unique kernel so that nobody other than the trusted developer knows how to or can make software for it. problem solved.

danoxx said,
Critical infrastructure needs to be off the net, have no conventional inputs ie. USB, have its own self sufficient OS, hardware design and its own unique kernel so that nobody knows how to or can make software for it. problem solved.

and how do you propose they install said proprietary OS and software ooooo via speech recognition or perhaps telepathy .... As for McAfee I wouldn't trust their AV to stop anything with any sort of know how (hence why it's colloquially known round here as McStuffies)

Commenting is disabled on this article.