ENISA warns of further attacks targeted at critical infrastructure
The European Network and Information Security Agency, (ENISA) believes that the Stuxnet attacks represent a paradigm shift in attacks against major market resources. It warns of similar attacks in the near future involving investments of time and money in malware development comparable to that invested in Stuxnet. According to ENISA, Europe needs to rethink measures for protecting critical infrastructure.
The agency believes that one possible measure would be to formulate guidelines for decision-makers on dealing with possible effects. To achieve this ENISA is planning a November drill to practice cross-border critical infrastructure emergency plans. "CYBER EUROPE 2010" is, however, aimed only at improving the exchange of information between security organisations.
ENISA has published an analysis of Stuxnet, which promises detailed information and recommendations for dealing with the malware, but actually consists of just a few short paragraphs plus links to Symantec and Siemens reports on the malware. In response to an enquiry from The H's associates at heise Security ENISA spokesman Ulf Bergstrom proved evasive in explaining why it has taken ENISA three months to issue a press release and brief analysis following discovery of the malware and its potential for causing damage. Bergstrom told heise Security that the agency, which was created by the EU in 2004, sees itself as a centre of expertise which collects and analyses security-related information and promotes cooperation between a range of network security organisations. It's not, according to Bergstrom, an executive organ – the member states are responsible for implementing specific measures.
In 2011, ENISA plans to developed best practice guidelines which will set out how SCADA systems should be secured and how to analyse information and communications technology dependencies in critical areas.
See also these reports from The H on the Stuxnet infection:
- Stuxnet strikes China
- Stuxnet brings more new tricks to cyberwar
- Iran confirms Stuxnet cyber attack
- Vulnerability exploited by Stuxnet discovered more than a year ago
- Stuxnet also found at industrial plants in Germany
- Stuxnet worm can control industrial systems