Saturday, January 30, 2010

Corporations' cyber security under widespread attack, survey finds

A survey of IT executives at corporations in 14 countries finds that more than half have seen 'high-level' attacks on their firms' computer systems. Even so, budgets for cyber security and IT have been cut in recent years, two-thirds of the respondents say.

Aound the world, corporations' computer networks and control systems are under "repeated cyberattack, often from high-level adversaries like foreign nation-states," according to a new global survey of information technology executives.

The attacks include run-of-the-mill viruses and other "malware" that routinely strike corporate defenses, but also actions by "high-level" adversaries such as "organized crime, terrorists, or nation states," a first-time global survey by the Center for Strategic and International Studies (CSIS) in Washington has found. More than half of the 600 IT managers surveyed, who operate critical infrastructure in 14 countries, reported that their systems have been hit by such "high-level" attacks, the survey concludes.

A large majority, 59 percent, said they believed that foreign governments or their affiliates had already been involved in such attacks or in efforts to infiltrate important infrastructure – such as refineries, electric utilities, and banks – in their countries.

Such attacks, the survey said, include sophisticated denial-of-service attacks, in which an attacker tries to so overwhelm a corporate network with requests that the network grinds to a halt.

But they also include efforts to infiltrate a company. Fifty-four percent of the IT executives said their companies' networks had been targets of stealth attacks in which infiltration was the intent. In two-thirds of those cases, the IT managers surveyed said company operations had been harmed.

The IT managers also believed that these "stealthy" attacks were conducted by "nation states" targeting their proprietary data, says the survey's main author, CSIS fellow Stewart Baker, in a phone interview. Mr. Baker is a cybersecurity expert formerly with the Department of Homeland Security and National Security Agency.

"It's all the same kind of stuff – spear-phishing, malware, taking over the network and downloading-whatever-you-want kind of attack," he says. "Over half of these executives believe they've been attacked with the kind of sophistication you'd expect from a nation state." csmonitor

1 comment:

  1. Its great and knowledgeable site but if u want to know what In a complex world of Information Technology and “technology upheavals”, enterprises feel the need for aligning their business objectives with security for optimizing profits. The threat of information collapse for enterprises and ultimately the much intertwined destiny of survival are at stake. TechnoTera.Com offers enterprises a strategic mix of information security consulting services, web and programming solutions. Subscribing to TechnoTera.Com services platform is the difference between enterprise success and failure, innovation and mediocrity, security and threat, entity and non-entity, progression and regression, education and ignorance.for more information about network security, information security, internet security, firewall, IT security, penetration testing, hacking penetration testing, , software security, system security, internet security visit http://www.technotera.com.

    ReplyDelete