Eighty Percent Experienced a Large-Scale Attack while 25 Percent Have Been Victims of Extortion Attempts
Santa Clara, Calif., London and Washington, D.C. - April 19 - McAfee and the Center for Strategic and International Studies (CSIS) today revealed the findings from a report that reflects the cost and impact of cyberattacks on critical infrastructure such as power grids, oil, gas and water. The survey of 200 IT security executives from critical electricity infrastructure enterprises in 14 countries found that 40 percent of executives believed that their industry’s vulnerability had increased. Nearly 30 percent believed their company was not prepared for a cyberattack and more than 40 percent expect a major cyberattack within the next year.
The report “In the Dark: Crucial Industries Confront Cyberattacks,” was commissioned by McAfee and produced by CSIS. “We found that the adoption of security measures in important civilian industries badly trailed the increase in threats over the last year,” said Stewart Baker, who led the study for CSIS. Industry executives made modest progress over the past year in securing their networks, as the energy sector increased its adoption of security technologies by only a single percentage point (51 percent), and oil and gas industries increased only by three percentage points (48 percent).
“Ninety to 95 percent of the people working on the smart grid are not concerned about security and only see it as a last box they have to check,” said Jim Woolsey, former United States Director of Central Intelligence.
The report is a follow-up to a report released in 2010 called “In the Crossfire: Critical Infrastructure in the Age of Cyberwar,” that found that many of the world’s critical infrastructures lacked protection of their computer networks, and revealed the staggering cost and impact of cyberattacks on these networks. The new study reveals that while the threat level to these infrastructures has accelerated, the response level has not, even after the majority of respondents frequently found malware designed to sabotage their systems (nearly 70 percent), and nearly half of respondents in the electric industry sector reported that they found Stuxnet on their systems. This threat to infrastructures also includes electrical smart grids, which are growing in adoption and expected to have exceeded $45 billion in global spending in 2015.
“What we are learning is the smart grid is not so smart,” said Dr. Phyllis Schneck, vice president and chief technology officer for public sector, McAfee. “In the past year, we’ve seen arguably one of the most sophisticated forms of malware in Stuxnet, which was specifically designed to sabotage IT systems of critical infrastructures. The fact is that most critical infrastructure systems are not designed with cybersecurity in mind, and organizations need to implement stronger network controls, to avoid being vulnerable to cyberattacks.”
Other key report findings from this year’s report include the following:
About the report:
McAfee commissioned Vanson Bourne, a specialist research-based technology marketing consultancy, to survey more than 200 IT executives in the energy, oil/gas and water sectors, responsible for information technology security, general security and industrial control systems in 14 countries (Australia, Brazil, China, France, Germany, India, Italy, Japan, Mexico, Russia, Spain, the United Arab Emirates/Dubai, the United Kingdom and the United States). CSIS then analyzed the quantitative results, conducted additional research and authored the report.
To download “In the Dark: Crucial Industries Confront Cyberattacks,” please visit www.mcafee.com/cip_report
McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world's largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse and shop the Web more securely. Backed by its unrivaled Global Threat Intelligence, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe. http://www.mcafee.com
The Center for Strategic and International Studies (CSIS) is a bipartisan, non-profit organization founded in 1962 and headquartered in Washington, D.C. It seeks to advance global security and prosperity by providing strategic insights and policy solutions to decision makers.
NOTE: McAfee is a registered trademark or trademark of McAfee or its subsidiaries in the United States and other countries. Other marks may be claimed as the property of others.