Every second critical infrastructure supplier has been a target of a cyberattack, a survey of security software firm McAfee showed on Thursday.
Hackers frequently succeed in attacking businesses, security experts say, but companies rarely disclose the breaches because they are afraid of damaging their reputations and encouraging criminals.
This made Google's statement of a highly sophisticated and targeted attack from China stand out earlier this month.
For the McAfee study the Center of Strategic and International Studies surveyed some 600 IT and security executives from the energy, transport, water and sewage, government, telecoms and financial sectors in 14 countries.
In most developed countries, critical infrastructure is connected to the Internet and can lack proper security functions, leaving these installations vulnerable, McAfee said.
Some 37 percent of firms believed the threat to critical infrastructure is growing, and two-fifths expect a major cyber security incident within the next year, the survey showed, while one out of five has been a victim of financial extortion.
Greg Day, McAfee's security analyst, said the biggest surprise in the study was the scale and scope of attacks.
It is happening at such a major scale and we will certainly see more and more sophisticated attacks, Day said. (Reporting by Tarmo Virki; Editing by Jon Loades-Carter)