InfoSec 2011: Energy firms pummelled by DDoS attacks

A McAfee report shows energy providers are getting hit by some serious DDoS attacks.

Critical infrastructure

Critical infrastructure providers (CIPs) have admitted to being consistently pounded by Distributed Denial of Service (DDoS) attacks, a McAfee report has shown.

IT PRO saw some of the headline figures two months ago when we managed to see a preview of the report, showing eight in 10 CIPs surveyed said they had faced a significant DDoS attack in 2010.

The full report now shows the sheer scale of attacks, with 29 per cent of critical infrastucture providers surveyed saying they were being hit by "large scale" DDoS attacks multiple times each month.

Almost two-thirds said such DDoS strikes had hit operations "in some way," indicating the severity of the problem facing CIP firms.

"In the 21st century, everyone is a target," Raj Samani, chief technology officer at McAfee, told IT PRO at the InfoSecurity 2011 conference today in London.

"There is always the potential of an incident do we as UK citizens expect our privately regulated energy industries to be enforced and tied to Government regulation to ensure these things don't happen? That's a big question we need to ask ourselves."

Samani said the industry needs "to get away from the motive and focus on the impact" of DDoS attacks on critical infrastructure.

CIPs themselves need to understand the importance of security by design, he said. The McAfee report showed the majority of those looking to connect to the smart grid had no plans to implement additional security measures to cover that process.

"Many organisations do recognise the fact they are a target, but what our results suggest is they all need to understand the potential impact of not implementing security by design," Samani added.

As for competition in providing CIPs with security solutions, Samani said McAfee was more concerned about beating the cyber criminals than with what other vendors were doing.

"Vendors aren't our competition. The bad guys are," he added.

Stuxnet was listed as the most significant threat affecting CIPs to date - something which has proven doubters wrong about the possibilities of cyber attacks, Samani said.

Read on for the big news and interviews coming out of InfoSecurity 2011 this week.

Featured Resources

Virtual desktops and apps for dummies

An easy guide to virtual desktop infrastructure, end-user computing, and more

Download now

The total economic impact of optimising and managing your hybrid multi-cloud

Cost savings and business benefits of accelerating the cloud journey

Download now

A buyer’s guide for cloud-based phone solutions

Finding the right phone system for your modern business

Download now

What’s next for the education sector?

A new learning experience

Download now

Recommended

Russian spy chief rebuffs “pathetic” SolarWinds hack accusations
cyber attacks

Russian spy chief rebuffs “pathetic” SolarWinds hack accusations

18 May 2021
Data breaches increase by a third as staff continue to work from home
cyber security

Data breaches increase by a third as staff continue to work from home

17 May 2021
What is phishing?
phishing

What is phishing?

17 May 2021
Cisco to acquire threat intelligence provider Kenna Security
Acquisition

Cisco to acquire threat intelligence provider Kenna Security

14 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021