http://www.darkreading.com/insiderthreat/security/attacks/showArticle.jhtml?articleID=227500817 By Kelly Jackson Higgins DarkReading Sept 27, 2010 While the Stuxnet worm attack has raised the bar for targeted attacks on the critical infrastructure, it's not the first time the power grid has been in the bull's eye. Attacks against these systems are actually quite common -- it's just that they are mostly kept under wraps and rarely face public scrutiny like Stuxnet has. Nearly 60 percent of critical infrastructure providers worldwide, including oil and gas, electric, and telecommunications, say they have been targeted by "representatives" of foreign governments, according to a study published earlier this year by The Center for Strategic and International Studies and commissioned by McAfee. More than half of the respondents had experienced a targeted, stealthy attack akin to the Aurora attacks that hit Google, Adobe, and nearly 30 other companies earlier this year. In addition, nearly 90 percent of the respondents said their networks had been infected with malware, and more than 70 percent had been hit with low-level DDoS attacks and vandalism, insider threats, leakage of sensitive data, and phishing or pharming. As reported last week, Stuxnet has shed light on just how vulnerable their control systems really are, and as the first known malware attack to target power plant and factory floor systems, it has been a wake-up call for the potential damage that could be inflicted on a power plant and the potential consequences to the physical world. Though no one knows for sure who created and launched it (speculation has pointed to nation-state sponsorship) or what the endgame really was, the concentration of infections has mostly been in Iran and India. Nearly 60 percent of Stuxnet infections were located in Iran, according to Symantec. Speculation that the worm was specifically gunning for Iran's nuclear power plant gained a bit more traction in the past couple of days: Iran's official news agency reported over the weekend that Stuxnet had infected employee machines at the plant, according to an AP report. And some 30,000 IP addresses had been across Iran, according to other reports. [...] _______________________________________________________ Subscribe to InfoSec News - www.infosecnews.org http://www.infosecnews.org/mailman/listinfo/isnReceived on Tue Sep 28 2010 - 00:18:26 PDT
This archive was generated by hypermail 2.2.0 : Tue Sep 28 2010 - 00:24:22 PDT