Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Attacks on critical infrastructure IT systems are widespread and growing in frequency, and could cost over US$6m (A$6.7m) a day on average, according to a detailed new report from security giant McAfee launched today.In the Crossfire: Critical Infrastructure in the Age of Cyberwar is one of the most in-depth reports of its kind in the security area. McAfee surveyed over 600 professionals responsible for critical infrastructure protection across seven sectors in 14 countries, and commissioned think-tank the Centre for Strategic and International Studies to conduct additional qualitative research to compile the report.Nearly 60 percent of respondents believe that foreign governments have been involved in cyber attacks against critical infrastructure in their country, while a third had actually suffered large-scale distributed denial-of-service attacks several times a month, most of which had an impact on operations.In addition, a third believe that the threat to critical infrastructures is growing, and two-fifths expect a major security incident within the next year. Infections with viruses or malware was the most commonly reported form of attack, while "theft-of-service" was perceived as the most common motivation for attack. The most common target is financial information.Yet many countries appear woefully unprepared for such attacks, according to the report. Over a third described their resources as 'inadequate' or 'somewhat adequate'.McAfee's chief technology officer, George Kurtz, said that much of the problem lies with the fact that most critical infrastructures are run by the private sector, so the motivation for securing them is not as high as it should be."The private sector is financially motivated, and governments are motivated by security and the national interest, and these two sides can't always be reconciled," he argued in an interview with V3.co.uk."One way of going forward is if the government could provide tax incentives to critical infrastructure companies to secure and upgrade their systems. Governments also need to hold these firms accountable and be prescriptive in the security measures they need to adopt. They need to find a way of clearly measuring security and risk equally across departments."The report comes just a fortnight after it was revealed that Google and at least 20 other firms had been hit by a sophisticated and possibly state-sponsored attack originating from China.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.