Cyber attacks against key infra now frequent

Symantec Corp, a global data security provider, has said that cyber attacks against critical infrastructure providers in India were becoming more frequent and effective in the recent past.

The company, which came up with a survey comprising 1,580 companies in 15 countries, has also said cyber attacks were not only restricted to financial arena, but also have a political motive behind them.

“Critical infrastructure protection is not only limited to protecting government and defence infrastructure, but extends to both publicly and privately-run infrastructure such as telephone networks, power generation and distribution, oil refineries and gas pipelines among others,” Shantanu Ghosh, V-P, India product operations of Symantec said.

He also said that governments across the world would require a comprehensive and risk-based approach that would ensure security and disaster recovery.

As per the survey by Symantec, the volume of money involved in cyber crimes has surpassed drug trade across the world.

It also showed 53 per cent of companies suspected that they had experienced an attack waged with a political goal in mind. Similarly, 48 per cent expect cyber attacks next year.

“Cyber attacks are increasingly specific from generic threats along with signs of maturity,” Ghosh said.

He, however, said it was difficult to ascertain if there was any correlation between cyber attacks and political rivalry between nations.

Referring to this matter, Gulshan Rai, director general of Indian Computer Emergency Response Team, said, “Stuxnet, the first computer worm to impact critical infrastructure such as nuclear power plants, water treatment facilities among others, reaffirms that cyber attacks have evolved to extremely sophisticated activities capable of attacking and compromising utilities, government and private infrastructure, and corporate intellectual property.”

He also said Symantec was working closely with CERT-In to identify Stuxnet infected systems as well as their sanitisation.

According to the survey, governments should set aside resources to establish critical infrastructure programme.

It also recommended that the state agencies should partner industry associations and private information to raise awareness on cyber security.

“We have to develop and enforce IT policies, protect information, authenticate identities among others to protect our critical infrastructure from such attacks,” the survey said.