Indian critical infrastructure providers under cyber attacks: Symantec

CIOL Bureau

BANGALORE, INDIA: Symantec Corp has confirmed that many critical infrastructures had been infected by the Stuxnet worm.

India is among the countries, if not the biggest victim, of the Stuxnet worm. The infections include critical infrastructures and we have already shared the data with Government agencies in this regard and are working to sanitize the systems, said Shantanu Ghosh, vice president, India Product Operations, Symantec.

He said Symantec is also working with the Indian Computer Emergency Response Team (CERT-In) to identify Stuxnet-infected systems and sanitize them.

Shantanu Ghosh released the India findings of Symantec's 2010 Critical Infrastructure Protection (CIP) Survey, which highlight that attacks against critical infrastructure providers in India have become more frequent and increasingly effective. Critical infrastructure providers come from industries that are of such importance either to a nation’s economy or society that if their cyber networks were successfully attacked and disabled, it would have a significant societal impact and potentially even threaten national security.

“Critical Infrastructure Protection is not limited to protecting government and defense infrastructure, but extends to both publicly and privately run infrastructure such as telephone networks, power generation and distribution, oil refineries and gas pipelines,” said Shantanu Ghosh, vice president, India Product Operations, Symantec.  “Today’s advanced threats require a comprehensive and risk-based approach that encompasses security, and disaster recovery, along with information management technology to maintain true network resiliency.”

India Highlights:

Targeted attacks are increasing in effectiveness and frequency: 43 per cent of Indian companies said attempts to shut down or degrade their computer network were effective, and 37 per cent said attempts to manipulate physical equipment through the network were somewhat effective. Furthermore, more than two-thirds of critical infrastructure providers said these attacks were staying the same or increasing.

Indian industry is positive towards government initiatives to protect critical infrastructure: Nearly 80 per cent of Indian providers are enthusiastic, appreciative or accepting of the government’s plans to protect critical infrastructure. One in five respondents are also engaged with the government on these plans.

Room for readiness improvement: Just more than half of Indian respondents are prepared for attacks carried out with political intentions, including attempts to steal electronic information, manipulate physical equipment through the network, shut down or degrade networks and alter or destroy electronic information. Respondents cited security training, response, audits and disaster recovery planning as safeguards that needed the most improvement. In fact, nearly half (42 per cent) said lack of trained resources within industry sectors is a challenge.

Global Highlights:

· Fifty-three percent of companies suspected they had experienced an attack waged with a specific political goal in mind, with companies being attacked 10 times on average in the past five years.

· Forty-eight percent expect attacks in the next year and 80 percent believe the frequency of such attacks is increasing.

· The average cost of these attacks was $850,000.

· Two-thirds have positive attitudes about programs and are willing to cooperate with their government on CIP.

· Only one-third of critical infrastructure providers feel extremely prepared against all types of attacks.

Recommendations to ensure resiliency against critical infrastructure cyber attacks:

· Develop and enforce IT policies and automate compliance processes. By prioritizing risks and defining policies that span across all locations, organizations can enforce policies through built-in automation and workflow and not only identify threats but remediate incidents as they occur or anticipate them before they happen.

· Protect information proactively by taking an information-centric approach. Taking a content-aware approach to protecting information is key in knowing who owns the information, where sensitive information resides, who has access, and how to protect it as it is coming in or leaving your organization. Utilize encryption to secure sensitive information and prohibit access by unauthorized individuals.

· Authenticate identities by leveraging solutions that allow businesses to ensure only authorized personnel have access to systems. Authentication also enables organizations to protect public-facing assets by ensuring the true identity of a device, system, or application is authentic. This prevents individuals from accidentally disclosing credentials to an attack site and from attaching unauthorized devices to the infrastructure.

· Manage systems by implementing secure operating environments, distributing and enforcing patch levels, automating processes to streamline efficiency, and monitoring and reporting on system status.

· Protect the infrastructure by securing endpoints, messaging and Web environments. In addition, defending critical internal servers and implementing the ability to back up and recover data should be priorities. Organizations also need the visibility and security intelligence to respond to threats rapidly.

· Ensure 24x7 availability. Organizations should implement testing methods that are non-disruptive and they can reduce complexity by automating failover. Virtual environments should be treated the same as a physical environment, showing the need for organizations to adopt more cross-platform and cross-environment tools, or standardize on fewer platforms.

· Develop an information management strategy that includes an information retention plan and policies. Organizations need to stop using backup for archiving and legal holds, implement deduplication everywhere to free resources, use a full-featured archive system and deploy data loss prevention technologies.

Recommendations for government to promote critical infrastructure protection:

Government should continue to put forth the resources to establish critical infrastructure programs. The majority of critical infrastructure providers confirm that they are aware of critical infrastructure programs. Furthermore, a majority of critical infrastructure providers support efforts by the government to develop protection programs.

Governments should partner with industry associations and private enterprise groups to disseminate information to raise awareness of CIP organizations and plans.  Specific information should include how a response would work in the face of a national cyber attack, what the roles of government would be, who the specific contacts are for various industries at a regional and national level, and how government and private business would share information in the event of an emergency.
