Cyber attacks on utilities tipped to soar

Report shows attackers growing in determination and preying on connected networks

Stewart Mitchell
8 Oct 2010

Cyber-attacks on physical systems such as electricity grids and hospitals are likely to increase in number and sophistication over the coming year, a report has said.

The Emerging Cyber Threats Report for 2011 from the Georgia Tech Information Security Center's said attackers were better funded and more determined than ever before and that it was inevitable some would succeed.

“In recent years, we have seen an emerg­ing environment of persistence on the part of attackers,” said David Batz, cyber and infrastructure security manager at the Edison Electric Institute.

“Whether it is a representative from a competing business, someone with strong philosophical or religious motives, or a representative of a nation-state, there are individuals out there with the determination and resources needed to make a concerted investment in launching whatever attacks they can to realise their objectives.”

The more proliferation there is of intelligent metering and energy usage, the more opportunities there are for attackers

Citing unconfirmed suspicions that last year's massive power failure in Brazil was the result of cyber attacks, Batz said grids would be increasingly targeted over the coming year as they became more reliant on smart metering systems.

This also applied, the report said, to water and gas systems, which are rolling out smart meters and advanced metering infrastructure. “The more proliferation there is of intelligent metering and energy usage, the more opportunities there are for attackers,” said Heath Thompson, CTO at metering company Landis+Gyr.

Hospitals also at risk

The report also claimed that hospital infrastructure could be caught in the crossfire - if not via a direct attack, then through unpatched software on critical systems.

“Hospitals and other medical facilities operate under a very dif­ferent regulatory framework than in other industries,” said GTISC researcher David Dagon.

“If an infected device is used in patient care, it may not be pos­sible to patch it the same way as other systems because the FDA may have specific guidelines for making changes to devices that interact with patients," he said. “Some facilities may choose not to patch known infected systems, which can cause a whole new set of issues.”

The researchers said they had already seen an upsurge in attacks hitting hospital hardware, including radiology systems.

According to security firm SecureWorks, hacker attacks launched against their healthcare clients nearly doubled during the last quarter of 2009, from an average of 6,587 a day per healthcare client earlier in the year to 13,379 attacks a day.

Read more about: