According to the latest Symantec Internet security threat report, the shifting virus threat landscape poses numerous challenges to power and energy companies. While past threats were designed to destroy data, today’s attacks are increasingly designed to surreptitiously steal data for profit without doing noticeable damage that would alert a user to its presence and to bring down systems, which is far more important for power and energy companies, says the report.
In addition to observing an increased volume of vulnerabilities, Symantec monitored the speed at which organisations were able to patch vulnerable systems. The report indicated that an average of 6.8 days elapsed between the announcement of a vulnerability and the release of associated exploit code. An average of 49 days elapsed between the disclosure of a vulnerability and the release of a vendor-supplied patch. That means organisations were susceptible to a potential attack for 42 days.
The most widespread attack detected by sensors deployed by the power and energy industry was the "possible incoming malicious attachment event". Detection of this generic attack indicates the possibility of suspicious email attachments, which may be associated with an attempt of a mass-mailing virus or worm to spread. Mass-mailing worms continue to be a problem for organisations and any infection by a worm can consume considerable system resources and require time and human resources to mitigate. Depending on the nature of the worm or virus, they may also disclose sensitive information. Some organisations could be required to halt business activities to deal with the infection, said the report. The emerging threats may compromise system information, cached logon credentials, or confidential files and documents.
In addition to observing an increased volume of vulnerabilities, Symantec monitored the speed at which organisations were able to patch vulnerable systems. The report indicated that an average of 6.8 days elapsed between the announcement of a vulnerability and the release of associated exploit code. An average of 49 days elapsed between the disclosure of a vulnerability and the release of a vendor-supplied patch. That means organisations were susceptible to a potential attack for 42 days.
The most widespread attack detected by sensors deployed by the power and energy industry was the "possible incoming malicious attachment event". Detection of this generic attack indicates the possibility of suspicious email attachments, which may be associated with an attempt of a mass-mailing virus or worm to spread. Mass-mailing worms continue to be a problem for organisations and any infection by a worm can consume considerable system resources and require time and human resources to mitigate. Depending on the nature of the worm or virus, they may also disclose sensitive information. Some organisations could be required to halt business activities to deal with the infection, said the report. The emerging threats may compromise system information, cached logon credentials, or confidential files and documents.