Cyber attacks on critical infrastructures such as electrical grids and oil and gas production are widespread and increasing and cost up to $6.3m a day, warns McAfee.
More than half of the IT security execs from 600 global critical infrastructure firms surveyed by McAfee said they’d already suffered large-scale attacks from organised gangs, terrorists or nation-states.
More than third (37%) believed their sector had become more vulnerable to attack over the last year, and many anticipated a major incident over the next 12 months.
Although built for reliability and availability, most of the world’s critical infrastructures were not built with cyber protection in mind. But the interconnectedness of today’s IT world means that these areas are now vulnerable.
“They are subject to attack and don’t always have the best security. These systems are in the bowels of organisations and the biggest thing is impacting availability, so companies don’t want to touch it because they are worried if they touch it, they will lose the grid,” said George Kurtz, chief technology officer at McAfee.
One in five critical infrastructure entities, particularly in the power and oil and gas sectors, reported that they had been victims of extortion through cyber attack or threatened attack, but most went unreported.
Almost 60% of respondents thought that foreign governments had been involved in network attacks on their sector. The report, In the crossfire: Critical infrastructure in the age of cyber war, comes a few weeks after Google and other firms in what some people believe was a sanctioned attack by Chinese authorities.