Most Critical Infrastructure Unprepared For Stuxnet-Like Attack

Companies are embracing new technology such as grid computing and edge computing, but without ensuring that they are protecting themselves from new types of vulnerabilities. The result is increasing attacks on critical infrastructure and large corporations.

Critical National Infrastructure or CNI organizations like oil, gas, water and power companies have become the prime target for Internet hackers and a handful were subjected to Distributed Denial of Service (DDoS) attack last year. A DDoS attack overloads the system with illegitimate traffic leading to a network crash.

According to a report undertaken by software security firm McAfee, critical Infrastructure companies still lag behind in implementing cyber security norms, even after growth in threat levels. The survey conducted by the security firm included some 200 IT executives from over 14 countries.

Almost 30 percent of the IT executives surveyed believe that their company is not prepared for a full fledged cyber attack and 40 percent expect a major attack within the next year. In spite of this only 25 percent of firms in this sector have installed tools to monitor network activity and detect anomalies.

The concern for greater CNI security rose to prominence after the emergence of the Stuxnet worm which exploits security gaps in Windows system and targets industrial programs. According to McAfee nearly half of companies in the electricity sector found Stuxnet on their systems.

The survey found that the Japanese government is best prepared to tackle cyber crime while UK was rated lowest among the 14 surveyed countries. China topped the list as the most common source of cyber attacks.