Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Governments will be slow to respond to a rise in Stuxnet-like attacks coming in 2011, a security firm has warned.
Taking inspiration from Stuxnet, increasing numbers of threats will target critical infrastructure next year, Symantec said.
However, it is unlikely governments across the world will implement new legislation around critical infrastructure protection (CIP) in that year, the firm claimed.
The US in particular will most likely fail to issue new laws, Symantec’s Kevin Haley suggested in a blog.
“It’s unlikely that the US government will pass CIP legislation in 2011. Evidence of this is the widespread changeover that recently happened in the US Congress and the current presidential administration’s lack of indication that it will be making CIP a priority,” Haley said.
“CIP legislation and government initiatives in other countries face similar challenges.”
While legislation may not be too quick in coming to deal with critical infrastructure threats, providers will move to improve their security, Symantec claimed.
“Expect to see these providers move forward with cyber security precautions,” Haley explained.
“These precautions will focus not only on simply combating an attack, but on resiliency to survive an attack. This will include backup and recovery, encryption, storage and information management initiatives.”
Stuxnet, believed to be the most sophisticated piece of malware ever seen, emerged earlier this year and similar threats will appear in greater numbers in 2011, Symantec suggested.
“We expect them to take the lessons learned from Stuxnet - the most significant example to date of a computer virus designed expressly to modify the behavior of hardware systems to create a physical, real-world impact - and launch additional attacks targeting critical infrastructure over the course of 2011,” Haley added.
“Though slower to start, expect the frequency of these types of attacks to increase as well.”
Earlier this week, Symantec announced a breakthrough in its Stuxnet research.
The firm discovered the malware was targeting frequency converters, which can be found in industrial control systems and are used to control motors in industrial plants.
In particular, Stuxnet was found to target very high frequencies, which very few industries use – one of them being uranium enrichment.
This article originally appeared at itpro.co.uk
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.