Microsoft Subnet An independent Microsoft community View more

Over 70% of energy and financial firms say cyberattacks coming within 12 months

ThreatTrack Security released a study claiming US energy companies and financial service firms expect to be attacked within the next 12 months, saying it is a certainty or highly likely they will be a target of a sophisticated cyber-espionage tactic.

A blind survey of 200 IT security managers and admins, 100 in the energy sector and 100 in the financial service sector, revealed that "72% of energy and financial service firms believe there's a cyberattack in their near future."

Energy companies and financial service firms are both industries that are highly targeted by cybercriminals. According to the study commissioned by ThreatTrack Security, both industries "are confident that their organization will be the target of an Advanced Persistent Threat (APT), targeted malware attack or other sophisticated cybercrime or cyber-espionage tactic in the next 12 months." 44% of surveyed energy companies and 31% in finance said it is either a "certainty" or "highly likely."

"Have your endpoints been infected by malware that evaded detection by traditional signature-based defenses such as antivirus, email security or firewalls?" 37% in the energy sector and 31% in the finance sector said "yes."

While 34% of energy companies believe hacktivists are the top cyber threat, 36% of financial services believe organized cybercrime syndicates are their top cyber adversary.

61% of energy firms say email is the biggest threat vector for malware, but 42% of financial service firms say it's the web; however, 39% of financial services also named email. Only 3% of respondents say mobile is the biggest threat vector they are facing; ThreatTrack Security thinks that might indicate that many in the energy and financial service industries could be overlooking a growing source of malware delivery.

Besides a cool infographic, ThreatTrack released these key findings:

70% of respondents from companies with security budgets between $500,000 and $1 million had been infected at least once.

Less than 10% of energy firms or financial service companies fear the insider threat.

12% of energy firms fear attacks from foreign governments.

According to Julian Waits, president and CEO of ThreatTrack Security, the two easiest and quickest steps to improve smart grid cybersecurity are:

  1. First and foremost, legacy software must be updated, and fast. It's no secret that IT infrastructure at energy companies is often out of date. The vulnerabilities are clear, and they need to be identified.
  2. Second, the attacks on energy companies are typically customized in nature, so the malware samples used may be brand new and not found in an AV list of known malware. Tools that can identify unknown malware samples, and direct security administrators to clean them from the network, can prevent catastrophe from occurring.

ThreatTrack financial and energy firms in cyberware crosshairs
Last year, ICS-CERT, short for Industrial Control Systems Cyber Emergency Response Team, reported (pdf) that "In fiscal year 2012, ICS-CERT responded to 198 cyber incidents across all critical infrastructure sectors. Of these, 41% were in the energy sector compared to all other sectors." But in the first half of fiscal year 2013, (October 1, 2012-May 2013), ICS-CERT "responded to over 200 incidents across all critical infrastructure sectors. The highest percentage of incidents reported to ICS-CERT occurred in the energy sector at 53%."

In January, FINRA, or Financial Industry Regulatory Authority, reported (pdf) that cybersecurity remained a top priority for the financial services industry. "In recent years, many of the nation's largest financial institutions were targeted for disruptions through a range of different types of attacks. The frequency and sophistication of these attacks appears to be increasing. In light of this ongoing threat, FINRA continues to be concerned about the integrity of firms' infrastructure and the safety and security of sensitive customer data. Our primary focus is the integrity of firms' policies, procedures and controls to protect sensitive customer data. FINRA's evaluation of such controls may take the form of examinations and targeted investigations. "

Why are attacks against both industries so hard to stop? The answers, according to ThreatTrack Security's study, are as follows:

About half of all organizations surveyed say they plan to train existing IT staff on new technologies and cybersecurity strategies. More than one-third plan to implement new policies like limiting network access privileges and educating employees. 34% will invest in advanced malware detection technology. 

Like this? Here's more posts:

Follow me on Twitter @PrivacyFanatic

To comment on this article and other Network World content, visit our Facebook page or our Twitter stream.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.