Critical infrastructure systems needs better security, says survey

By Robert Westervelt | Feb 1, 2010

0 comments

Facebook

LinkedIn

Digg

The systems that run power plants, manage the distribution of hazardous chemicals and help monitor water treatment plants are in a dire need of stronger safeguards, according to a survey of more than 600 IT and security executives who work for many of the companies that run them.

Critical infrastructure facilities in the United States and other developed countries are connected to the Internet and their underlying management systems are threatened by a constant barrage of cyberattacks, according to a new report "In the Crossfire: Critical Infrastructure in the Age of Cyber War."

The report sums up the findings of a global survey of IT and security executives at more than 600 enterprises that own and operate critical infrastructure. It was released today by the Center for Strategic and International Studies (CSIS). The study was funded by security vendor McAfee Inc. and was released at the World Economic Forum in Davos, Switzerland.

The survey found that SCADA systems, the critical network and control systems that run dams, power plants, gas and oil refineries and other facilities are being attacked by a variety of methods, individuals and criminal gangs with various interests. Two-thirds of those surveyed (76%) said their SCADA systems were connected to an IP network or the Internet. About half of those said the connection created SCADA system security issues that aren't being addressed.

The kinds of attacks facing critical infrastructure facilities mirror those targeting government agencies and government contractors. It also reflects the wide variety of ongoing attacks targeting the private sector. The issues were highlighted recently in attacks that targeted employees at Google Inc., Adobe Systems Inc. and dozens of other firms exploiting a flaw in Microsoft Internet Explorer 6.

0 comments

Facebook

LinkedIn

Digg