Cyber Attact
Diposting oleh
onepointnet
|
Selasa, 19 April 2011
Onepointnet
Much of what we know about all the possibilities that occur to komputerm ranging from viruses, spyware, addware, malware and others, whether in the form of attacks from outside as well as attacks from within, it can occur without exception
Cyber attacks on critical infrastructure companies are on the rise, with a jump in an effort to blackmail and malware that is designed to sabotage the system, such as Stuxnet, according to a new report.
While attacks continue to rise, many companies are not doing enough to protect their systems rather than rushing to adopt new technology without ensuring they are quite safe against cyber attacks, concluded "In the Dark: Face Crucial Industry cyberattacks."
The report, due to be released on Tuesday, commissioned by McAfee and written by the Center for Strategic and International Studies (CSIS). This includes the results of an electronic survey of IT security executives from 200 companies that provide oil, gas, electricity, water and wastewater services in 14 countries during the last quarter of 2010.
Security at the electricity company has been a concern for decades, but this issue became famous with the emergence last year Stuxnet malware, which exploits a hole in Windows systems and specific targets Siemens SCADA (supervisory control and data acquisition) program with sabotage. After surgery malware, experts say they believe it was written to target the nuclear facilities in Iran.
"Stuxnet change the game in our consciousness," says Phyllis Schneck, vice president and chief technology officer for the public sector at McAfee, in an interview. "The attack is being developed directly for the ability to create events on physical infrastructure."
About 70 percent of survey respondents said they often found the malware that is designed to sabotage their systems during 2010, and nearly half of those in the electricity industry say they find Stuxnet on their system. It was unknown whether one system is affected as a result of Stuxnet, but close to 60 percent say their company has launched a special security audits as malware.
The threat of sabotage, including smart electricity grid, which is being rapidly adopted without security measures in place adequate, according to the U.S. Government Accountability Office and independent security experts. Fifty-six percent of respondents that the company plans a new system of smart grid is also planning to connect to consumers via the Internet. But only two-thirds have adopted special security measures for smart grid control, the report said.
"We could end up with a grid connected to a public house 'which is not properly secured from cyber attacks," said Schneck. "If the system can be turned against itself, that is a disaster waiting to happen."
Another trend is happening with the company's critical infrastructure is blackmail. One in four survey respondents said they had been victims of extortion by a cyber attack or threat of attack with a number of companies subject to the extortion increased 25 percent over last year. India and Mexico have a very high level of extortion attempts, the report found.
"That could be an attempt to crash the network or it could be a denial-of-service," or threats to close the electrical network, said Stewart Baker, a fellow at CSIS.
Modest security fixes In general, this report shows increased levels of attacks and concerns about the attacks, but the modest improvement in security. About 40 percent of respondents said they believed that their increased vulnerability of the industry and nearly 30 percent said they did not think their company is prepared for cyber attacks.
"More than 40 percent of the executives we interviewed expect major cyberattack in the past 12 months - attack, ie, causing big losses for at least 24 hours of service, loss of life or personal injury, or failure of the company," the report said. Fears that the most stringent among executives from India, Mexico and China.
It has changed significantly from even a year ago. In 2009, nearly half of respondents said that they have never faced large-scale network intrusions or denial-of-service (DoS) attacks. Now, about 80 percent of respondents said their companies have been targeted by at least one major DoS attacks and 85 percent have seen a network disruption. A quarter reported daily or weekly DoS attacks and a quarter said they had been victims of extortion by a network attack or threat of attack.
Despite the increase in threats and concerns of the executives' about them, the company is not beefing up their security a lot. Energy companies, for example, increased adoption of security technology with only one percentage point, to 51 percent, and oil and gas company by three percentage points, to 48 percent. Brazil, France, and Mexico was left in response to their security, adopts a half just as many security measures as a leader in security - China, Italy, and Japan, according to the report.
China and Japan, who both report high levels of formal and informal interaction with their governments on security topics, are the countries with the highest confidence level that the law would prevent or deter attacks on their country. Meanwhile, respondents in the U.S., Spain and the UK report little or no contact with their governments on security. While all respondents Japanese companies have been audited by their government for security, only 6 percent of those in the UK has.
The company seems to have a relatively high level of distrust for foreign countries. About 60 percent of the nation state and the government blaming the other for being behind the attack. United States referred to as the country most concern for 2009, followed by China, the country called in an attack on Google last year. China took the top spot last year, according to the survey, conducted before reports began to surface late last year that connects the U.S. to Stuxnet.
Speculation that the U.S. is behind Stuxnet, with the help of Israel, supported by a report in The New York Times, including one who said Siemens give U.S. researchers the opportunity to identify holes in its software.
Summing up the conclusions the report, Baker of CSIS said he worried that the people tasked with making sure we have gas, water, and electricity in our homes and offices are not doing enough to protect that critical infrastructure.
all depends on how far you to anticipate problems.
0 komentar:
Posting Komentar