Eighty per cent of critical infrastructure organisations, including oil, gas, water and power companies, have been hit by a denial-of-service attack in the past year, while extortion has jumped by a quarter, but few are adopting appropriate security measures, according to McAfee.
The security firm's latest Critical National Infrastructure (CNI) report, In the Dark: Crucial Industries Confront Cyberattacks, found that critical infrastructure companies still lag behind when it comes to cyber security, despite the growing threat levels.
Some 40 per cent of executives surveyed believed that their industry's vulnerability had increased, nearly 30 per cent said that their company is not prepared for a cyber attack, and over 40 per cent expect a major cyber attack within the next year.
Yet despite this, only a quarter have tools to monitor network activity, while around the same number use those tools to detect anomalies.
CNI firms are increasingly on the radar of cyber criminals keen to exploit the relative lack of up-to-date security on vital supervisory control and data acquisition (Scada) systems.
The Stuxnet worm discovered in 2010 was targeted specifically at Scada systems, and appears to have been a watershed moment for the CNI firms and the cyber criminals.
Just last week, a report from Q1 Labs found that two-thirds of global energy companies are potentially exposed to a Stuxnet-like attack because they do not employ state-of-the-art Scada security.
Worryingly, nearly half of respondents in the electricity sector reported to McAfee that they had found Stuxnet on their systems.
Much of the problem seems to be energy firms adopting new technologies, including smart grids, but failing properly to mitigate the risks with the appropriate technologies and policies, according to McAfee senior director Sal Viveros.
"Everyone seems to be moving to smart grids, but what we have found is that smart grids aren't so smart," he said. "They are opening up a big hole for attacks on these companies."
Extortion attempts, in particular, have jumped by 25 per cent in the past year, according to the report. Anecdotal evidence suggests that recent power black outs in Brazil were down to cyber criminals interfering with IT systems, added Viveros.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago