Cyber attacks on critical infrastructure systems rise

Security firm McAfee surveyed 200 IT executives working for utility companies in 14 countries, revealing that as many as eight out of 10 said their networks had been targeted by hackers during the past year.

The report also found that China was perceived as the most likely source of attacks, followed by Russia and the United States. The number of reported incidents represents an increase over 2009 attacks, when just over half of those asked said they had fallen victim to cyber attacks.

Most of the reported security breaches took the form of distributed denial of service (DDOS) attacks, the report said. These generally involve a network of computers, under the control of criminals, overwhelming en masse a company's internet-connected systems.

While such incidents have the potential to affect and shut down websites and corporate networks, researchers said it was unlikely they were intended to specifically cut off energy supplies.

However, according to former US national security advisor to President George W Bush Stewart Baker said that there remained a possibility that DDOS attacks could do more harm in future.

"That is one that causes severe loss of services for at least 24 hours, loss of life or personal injury or failure of a company. Three quarters thought it would happen within the next two years," he said.

The report also looked into a well known example of a cyber threat that could have serious and far-reaching consequences. Stuxnet, an internet ‘worm’ discovered in 2010, was found by analysts to have been specifically designed to take control of machinery in either Iran's Bushehr or Natanz nuclear facilities.

While it was known that the worm had spread more widely than its intended target, McAfee's research hinted at the full extend of its reach: among those utility companies that had carried out a search for Stuxnet on their computer systems, 40% found traces of it.

"It probably didn't result in any obvious interference with the systems, because it wasn't designed to do that," Baker remarked on the find.

"But the fact that it spread so widely and could have done so if it had been differently designed is very, very troubling if you are worried about cyber attacks by hostile nations or extortion attempts by well organised criminal gangs."

Respondents were also questioned about how much involvement they had with their governments on tackling cyber security issues – a question that found that Japan came out on top, along with China and the United Arab Emirates. The United Kingdom scored lowest of all those taking part in the study.