Energy firms unprepared for cyber attacks

Energy providers recognise the threats they face, but some are not responding with the tech to protect themselves, data shows.

Energy

Energy firms are expecting to be hit by cyber attacks in the not too distant future but are not prepared to deal with them.

So claims security specialist McAfee, who believes smart grids could be a real soft spot for energy companies in the coming years.

With more than half (56 per cent) of executives planning on connecting consumers to these grids via the internet, there could be trouble ahead, according to McAfee.

Although the majority admitted security vulnerabilities would arise from introducing these new systems, a third of global executives surveyed said they had not introduced special security measures to deal with the threats.

Jim Woolsey, former US director of central intelligence, is quoted in the report as saying 90 to 95 per cent of people working on the smart grid are not concerned about security.

They "only see it as a last box they have to check," Woolsey said.

It appears most critical infrastructure providers (CIPs) have had to deal with strong attacks in the recent past.

Eight out of 10 respondents said they had faced a large scale denial of service attack in 2010, with 85 per cent admitting to having experienced a network infiltration.

Furthermore, 40 per cent of CIP executives discovered Stuxnet in their environments, yet only 57 per cent of these launched special security audits or other measures in response.

The report, the preview version of which IT PRO managed to get its hands on, was carried out with the support of Centre for Strategic and International Studies a well-respected think tank from Washington DC.

The full report will be issued later in 2011.

It will come hot on the heels of a McAfee investigation into what it called the Night Dragon operation.

An unnamed selection of oil, energy and petrochemical firms were targeted by cyber criminals, in attacks that may have started as long ago as 2007.

The attacks, which used a range of techniques, appeared to have been coordinated from a central point, indicating the Night Dragon hackers were part of one global.

Symantec research from last year showed more than half of critical infrastructure providers believed their networks had been targeted by politically motivated cyber attacks.

Meanwhile, Stuxnet has continued to make headlines. A member of Anonymous recently claimed to be in control of the now infamous malware.

However, Snorre Fagerland, a senior threat researcher at Norman IT Security, claimed in a tweet that Anonymous only had Stuxnet binaries and disassembly, not the original source.

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

PowerShell threats increased over 200% last year
cyber security

PowerShell threats increased over 200% last year

14 Apr 2021
McAfee to sell enterprise business to STG for £2.8 billion
mergers and acquisitions

McAfee to sell enterprise business to STG for £2.8 billion

9 Mar 2021
McAfee’s MVISION XDR takes security beyond the endpoint
cloud security

McAfee’s MVISION XDR takes security beyond the endpoint

28 Jan 2021

Most Popular

The benefits of workload optimisation
Sponsored

The benefits of workload optimisation

16 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
IT Pro Panel: Why IT leaders need soft skills
professional development

IT Pro Panel: Why IT leaders need soft skills

26 Jul 2021