McAfee, a security technology company, has published a new report that has revealed the astounding costs and impacts of cyber attacks on critical infrastructure such as electrical grids, oil and gas production, telecommunications and transportation networks.

 

The McAfee (News - Alert) commissioned report “In the Crossfire: Critical Infrastructure in the Age of Cyberwar,” which was authored by Center for Strategic and International Studies, also stated that the risk of cyber attacks is only increasing.

 

A survey of 600 IT security executives from critical infrastructure enterprises worldwide showed that more than half (54 percent) have already suffered large-scale attacks or stealthy infiltrations from organized crime gangs, terrorists or nation-states. It is also estimated that 40 percent of major critical infrastructure organizations expect major attacks in the next 12 months.

 

Critical infrastructures were built for reliability and availability and for security they relied on conventional choices like guards, gates and guns.

 

Now these infrastructures that people depend on every day, from public transportation, to energy to telecommunications are interconnected with the corporate world for to be accessed from anywhere in the world. An attack on any of these industries could cause widespread economic disruptions, environmental disasters, loss of property and even loss of life. So it is important that organizations prepare for the instability that cyber attacks on critical infrastructure can cause.

 

Dave DeWalt, president and CEO of McAfee, has said that the recently identified Operation Aurora was the largest and most sophisticated cyber attack targeted at specific corporations, but it could have just as easily targeted the world’s critical infrastructure. The attack announced by Google (News - Alert) and identified by McAfee was the most sophisticated threat seen in years making it a watershed moment in cyber security because of the targeted and coordinated nature of the attack.

 

The report found out that many officials believe that their sectors are under-prepared to handle a high profile attack by highly-efficient adversaries and the recent economic slowdown has also caused many of the companies to cutback spending on security. More than half (55 percent) believe that the laws in their country are inadequate in deterring potential cyber attacks and 45 percent don’t believe that the authorities are capable of preventing or deterring attacks.

 

Stewart Baker distinguished visiting fellow at CSIS and Lawyer at Steptoe and Johnson has added that governance issues are at the center of any discussion of security for critical infrastructure. The relationships between the governments and private sector organizations involved are complex but it is essential that each have faith in the others ability. The security industry will always strive to stay one step ahead, but in the absence of any technological silver bullet, regulation has a role to play in defending critical infrastructures around the world.

 

McAfee recently said a Microsoft (News - Alert) browser flaw exploited in China attacks and Facebook and McAfee partnered to make the Internet more secure.