Critical infrastructure companies targeted by malware
Companies in the critical infrastructure sector, such as oil, energy, and chemical industries, experienced a higher percentage of malware in 2009 than organizations in other sectors – much, much higher: more than 350 percent more than other industries
Organizations in the critical infrastructure sector, such as oil, energy, and chemical industries, experienced a higher percentage of malware in 2009 than organizations in other sectors. According to Web security firm ScanSafe, critical infrastructure companies experienced at least twice as much malware as other organizations.
According to ScanSafe’s Annual Global Threat Report 2009, the energy and oil industries suffered the largest amount of data-theft Trojans, experiencing more than 350 percent more than other industries. Other sectors with a significant amount of contact with Trojans include government, chemical, banking, and finance and pharmaceutical.
Mary Landesman, senior security researcher at ScanSafe, said “There is a misconception that cybercriminals are only intent on stealing data intended for credit card fraud and identity theft. In reality, cybercriminals are casting a much wider net. Consumer credit card details are child’s play compared to the value of infrastructure and intellectual data from these sensitive verticals. The message is clear — cyberwar is already here. The Web is the battlefield and the enterprise is on the frontlines,” she said.
Michael Cheek writes that the average company by the end of 2009 experienced nineteen encounters with malware per day and almost one quarter of the malware was zero-day, meaning it is undetectable by signature-based methodologies.
