Critical infrastructure systems needs better security, says survey

Critical infrastructure systems needs better security, says survey

Tags:    Center for Strategic and International Studies   CSIS   SCADA

By Robert Westervelt | Feb 1, 2010

The systems that run power plants, manage the distribution of hazardous chemicals and help monitor water treatment plants are in a dire need of stronger safeguards, according to a survey of more than 600 IT and security executives who work for many of the companies that run them.

Critical infrastructure facilities in the United States and other developed countries are connected to the Internet and their underlying management systems are threatened by a constant barrage of cyberattacks, according to a new report "In the Crossfire: Critical Infrastructure in the Age of Cyber War."

The report sums up the findings of a global survey of IT and security executives at more than 600 enterprises that own and operate critical infrastructure. It was released today by the Center for Strategic and International Studies (CSIS). The study was funded by security vendor McAfee Inc. and was released at the World Economic Forum in Davos, Switzerland.

The survey found that SCADA systems, the critical network and control systems that run dams, power plants, gas and oil refineries and other facilities are being attacked by a variety of methods, individuals and criminal gangs with various interests. Two-thirds of those surveyed (76%) said their SCADA systems were connected to an IP network or the Internet. About half of those said the connection created SCADA system security issues that aren't being addressed.

The kinds of attacks facing critical infrastructure facilities mirror those targeting government agencies and government contractors. It also reflects the wide variety of ongoing attacks targeting the private sector. The issues were highlighted recently in attacks that targeted employees at Google Inc., Adobe Systems Inc. and dozens of other firms exploiting a flaw in Microsoft Internet Explorer 6.

 
 
123 > >>
This article originally appeared on SearchSecurity

Similar

Related Articles

Add comment

Post a Comment

The content of this field is kept private and will not be shown publicly.
Verification Code
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
 

Similar

Related Articles

knowledge_central_tab

 
 
Knowledge Central
Trusted Mobility Index
The mobile ecosystem of devices, services and networks is at a critical inflection point.While the mobile revolution is unleashing massive opportunities in both emerging and mature economies, it is also increasing in complexity and confusion. The reality is the lightning-fast adoption of powerful, smart devices is outpacing society’s ability to secure them. Today, trust in mobility hangs in the balance.
The state of the Internet, Q4, 2011
Geography appears to play a role in frequency of observed attacks on specific ports. For example, Port 23 (Telnet) is a favorite target for attacks observed to be originating from South Korea and Turkey, where it accounted for more than five times the number of attacks targeting the next most popular port (445 in both countries). Other instances of geography-based port targeting include observed attacks centered on Port 1433 (Microsoft SQL Server) in China and on Port 80 (WWW/HTTP) in Indonesia.
 
 
 
HID Global deploys a centralized, web-based IP access control solution at Fuxi Power Plant
Unable to meet the needs for real-time monitoring with its traditional patrol system, China's Fuxi Power Plant has deployed HID Global's VertX V2000.
StubHub: How to spot fraud before it happens
Whenever a list of log-on credentials is dumped onto the Web, retailers get hit with waves of automated attacks. Here's how ticket marketplace StubHub fights the threat.