Stuxnet, which recently infected a power grid and an Air Traffic Control unit, is the dreaded name that is responsible for sleepless nights among IT departments in infrastructure sectors across the world, including India. That could be a suspect in the several attacks on government websites and networks recently, including railway and ticketing websites.
A recent trend shows that the nature of cyber crime has moved from espionage to sabotage, and the kingpin in that underworld is Stuxnet. Cyber criminals are now capable of critically compromising national security. So much so, the central government has prepared the national cyber security policy draft, which has been submitted to the Union ministry of IT and communication and several other departments for consideration. To be finalised this month, it is expected to be tabled in the parliament soon.
A survey conducted by e-security company Symantec also found that over two-thirds of critical infrastructure providers are experiencing an escalation of these attacks. Thirty seven of the respondents said attempts to manipulate physical equipment through the online network have succeeded. India ranks the third among the most affected countries.
Across the world, Supervisory Control and Data Acquisition (SCADA) systems, used to monitor and control industrial processes, smart grids and utility systems are worried about their evident vulnerability to attack. As in India, world infrastructure companies pay most of their attention to security of physical assets, while the virtual ones are practically waiting to be attacked. The worm looks for industrial control systems and changes their code to allow the attackers to take control of the system without the operators' knowledge. In other words, this threat is designed to allow hackers to manipulate real-world equipment, which makes it very dangerous. Providers of IT solutions advocate that infrastructure companies should use leading-edged traffic/network intelligence systems.