Security CXO

Massive cyberattack on US critical infrastructure will hit within 2 years, say 60% of security pros

New Black Hat Research suggests that a major breach on US infrastructure could be imminent, and government agencies won't be able to react appropriately.

Video: Researchers predict large-scale cyberattack against US infrastructure in the next two years

A "major breach" of the US government's critical infrastructure is coming, sometime in the next two years, and defense agencies won't be able to stop it. That startling prediction was made by 60% of cybersecurity professionals, surveyed by Black Hat for its Portrait of an Imminent Cyber Threat report, published on Thursday.

For the report, Black Hat surveyed almost 600 cybersecurity professionals who had attended the yearly Black Hat security conference. The survey respondents also provided feedback on issues such as impending cyber threats, US cyber policy under president Donald Trump, and risks in the enterprise.

Regarding emerging threats, half of the respondents said that phishing attacks were the biggest problem. Sophisticated, targeted attacks were cited by 45% of respondents, and 36% said that the growth of ransomware is the biggest threat currently.

SEE: Information Security Management Fundamentals (TechRepublic Academy)

What's worse is that these leaders don't believe their organizations have the tools they need to fight these threats. Almost 70% said they lack the headcount to adequately protect themselves, and 60% said they don't have a big enough budget.

The survey respondents also lacked confidence is the US government's ability to fend off a breach. A mere 26% were confident that the US government would be able to respond appropriately to an attack. In terms of President Trump's impact on cyber security in the US, 47% said the administration will have a negative impact, 27% said it would be neutral, and 26% said there would be a positive impact.

Much of the dwindling confidence in the US government infrastructure came in light of talks about foreign interference with US elections, cyberspying on US companies, and the impact of ransomware like WannaCry. Roughly 70% said that "recent activity from Russia and China has made U.S. enterprise data less secure," a press release for the report said. An additional 60% said that corporations need to develop their own, specialized way to defend their data from foreign attacks.

Enterprise operation are also being impacted by revelation shared through WikiLeaks, according to more than 60% of survey respondents. More than 30% said they oppose WikiLeaks, 37% are neutral to it, and 31% favor it.

In addition to a breach impacting the US government, respondents also feared a breach at their organization as well. Almost 70% of respondents expressed concern about a potential breach hitting their systems sometime within the next year. As such, the report said, more initiatives must be taken by government and enterprise professionals to secure their data and systems.

The 3 big takeaways for TechRepublic readers

  1. Some 60% of cybersecurity professionals, surveyed by Black Hat, believe that a breach will hit the critical infrastructure of the US government in two years, and the US won't respond appropriately.
  2. Respondents are predicting that their organization will be victim to an attack, but most feel that they lack enough employee and a proper budget to respond correctly.
  3. Only 26% of respondents were confident that the US government, under president Trump, would be able to react correctly to a major breach.

Also see

Image: iStockphoto/HYWARDS
Visit TechRepublic