Ciaran Martin, CEO of the U.K.’s National Cyber Security Centre (NCSC) mentioned that hostile states present a significant cyber threat to the country’s critical infrastructure security.
“I can confirm that Russian interference, seen by the National Cyber Security Centre, has included attacks on the U.K. media, telecommunications and energy sector,” Martin mentioned.
“That is clearly a cause for concern — Russia is seeking to undermine the international system,” he added.
As per the survey by Tripwire, forty seven percent said that water, electricity and gas utilities are the most likely entities to be attacked.
“Before the Internet brought almost universal connectivity, industrial security was very different from what it is today,” Tripwire chief research officer David Meltzer said in a statement. “Traditional industrial and critical infrastructure organizations had no Internet as we know it today. Perimeter defense typically meant physical security — gates, fences, barriers and guards. Nowadays, these systems are Internet-connected, more virtualized in many cases, and more remotely accessible than ever before.”
“There is no dispute that connectivity provides many business advantages, such as centralized management and control, remote engineering access and resource consolidation,” Meltzer added. “However, it’s important to remember that it also brings with it a large number of additional risks, mainly increased attack vectors, exposure of inherently insecure and sometimes obsolete IT systems, and the opportunity for attackers to exploit vulnerabilities that have not been patched.”
Survey conducted by a Ponemon Institute of 377 U.S. professionals shows that there is cyber security issue for oil and gas operations. Only thirty five percent believe that their companies are well equipped.
“The fact that nearly 70 percent of oil and gas companies were hacked in the past year must serve as a call to action,” Siemens USA CEO Judy Marks said in a statement. “As oil and gas producers use digitalization to become safer and more efficient, there is a clear need to bulk up defenses for operational technology, which is even more vulnerable to attacks than the IT environment.”
Nozomi Networks founder and chief product officer Andrea Carcano mentioned that energy sector companies are prone to attack 24/7. “It is essential that critical infrastructure operators take steps to increase the visibility into their ICS networks and deploy new innovations that enable early detection of advanced persistent threats, whoever is making them,” he said.
____________________________________________________________________________________________
AlertSec ACCESS is a patent pending technology. It is designed to enforce that devices are encrypted before access to a network is granted. Encrypted devices secure your data in case a device is lost or stolen.