30 Jul 2014

Utilities told of cyber attack danger

8:07 am on 30 July 2014

A new survey indicates the majority of New Zealand and Australian organisations, responsible for providing critical infrastructure, aren't doing enough to prevent serious cyber attacks.

The global survey, conducted by Unisys, interviewed the executives of nearly 50 organizations responsible for the delivery of power, water and other critical functions, to see how they address cyber security threats.

Of those surveyed, 86 percent had suffered a security breach in the past year, and 67 percent expected to suffer one or more serious cyber attacks in the coming year.

Considering the risk, Unisys Asia Pacific director of security John Kendall said it was surprising that only 18 percent of the executives surveyed made security breaches one of their top five priorities.

He said in terms of utility companies and other critical infrastructure, the cyber infrastructure and physical infrastructure are basically merged together.

Mr Kendall said there was very little in today's organisations that did not have some cyber aspect, whether it was a power plant, refinery or water supply company.

"They all have exposure and dependance on the cyber side as well, so if we're seeing this level of attacks right now it means that the actual critical infrastructure right now is at risk - and not much is being done to protect it."

Mr Kendall said it was up the organisation itself to address it.

He said organisations which did not take the steps such as doing training and putting proper security measures in place they were very vulnerable and the impact could be severe and widespread.

"We've had attacks against power plants, against water supplies, against rail networks, against chemical plants, all of these have been through the cyber side, so the threat is very real."