Recent reports that the US electrical grid has been penetrated by spies from China and Russia has prompted security experts from McAfee to issue a warning and advice to organizations tasked with protecting the nation’s critical infrastructures. Former national security officials have said that cyberspies penetrated the electrical grid and have left behind software programs that could disrupt the system.
The disclosure of electrical grid vulnerabilities confirms what McAfee experts have said for some time. Traditionally, critical networks have had little to no cyber protection, and have relied on physical protection from guards, gates and guns. Today these networks are being expanded to provide remote monitoring and management and are linked up to corporate networks, opening doors for attackers.
In a study released in November 2008, more than 50 percent of respondents said that utilities, oil and gas, transportation, telecommunications, chemical, emergency services and postal/shipping industries were not prepared for a cyberattack. The McAfee study surveyed 199 international security experts and other industry insiders from utilities, oil and gas, financial services, government, telecommunications, transportation and other critical infrastructure industries.
Organizations, particularly energy companies, need to establish multi-function task forces that include IT staff and security experts. McAfee recommends that critical infrastructure asset owners and operators take five steps towards greater cybersecurity:
- Performing ongoing vulnerability assessments
- Vigilant monitoring of network automation and control systems
- Sharing information about threats and attacks through the industry Information Sharing and Analysis Centers (ISACs) such as the electricity sector ISAC and up the chain of command within organizations
- Taking a proactive approach utilizing global threat intelligence and implementing reputation-based technology
- Thinking beyond regulatory compliance.