Critical infrastructure providers such as energy suppliers have admitted to being pounded by distributed denial of service attacks, a McAfee report has shown.
The report showed the scale of attacks: 29 percent of providers said they were being hit by “large scale” DDoS attacks many times a month.
Almost two-thirds said such strikes had hit operations “in some way”, indicating the severity of the problem.
“In the 21st century, everyone is a target,” said Raj Samani, chief technology officer at McAfee.
“There is always the potential of an inciden. Do we expect our privately regulated energy industries to be enforced and tied to government regulation to ensure these things don’t happen? That’s a big question we need to ask ourselves.”
Samani said the industry needs “to get away from the motive and focus on the impact” of DDoS attacks on critical infrastructure.
Providers must understand the importance of security by design, he said. The report showed most of those looking to connect to the smart grid had no plans to implement additional security measures to cover that process.
“Many organisations do recognise the fact they are a target, but what our results suggest is they all need to understand the potential impact of not implementing security by design,” Samani added.
As for competition in providing security solutions, Samani said McAfee was more concerned about beating the cyber criminals than with what other vendors were doing.
“Vendors aren’t our competition. The bad guys are,” he added.
Stuxnet was listed as the most significant threat affecting CIPs to date - something which has proven doubters wrong about the possibilities of cyber attacks, Samani said.