Cyberattacks On Critical Infrastructure Are Increasing, Study Says

Eighty percent of organizations that operate smart grid or other critical infrastructure components have experienced a large-scale denial of service (DDoS) attack, and a quarter of them have been victims of extortion through network attacks, according to a study published today.

According to In the Dark: Crucial Industries Confront Cyberattacks, a report issued by McAfee and the Center for Strategic and International Studies (CSIS), many critical infrastructure organizations remain unprepared to stop the next attack.

The survey of 200 IT security executives from critical electricity infrastructure enterprises in 14 countries found that 40 percent of executives believed that their industry’s vulnerability had increased, according to the researchers. Nearly 30 percent believed their company was not prepared for a cyberattack, and more than 40 percent expect a major cyberattack within the next year.

“We found that the adoption of security measures in important civilian industries badly trailed the increase in threats over the last year,” said Stewart Baker, who led the study for CSIS.

“Ninety to 95 percent of the people working on the smart grid are not concerned about security and only see it as a last box they have to check,” said Jim Woolsey, former United States Director of Central Intelligence.

The new study reveals that while the threat level to critical infrastructures has accelerated, the response level has not, even after the majority of respondents frequently found malware designed to sabotage their systems (nearly 70 percent), and nearly half of respondents in the electric industry sector reported that they found Stuxnet on their systems.

Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.