IEEE Transactions on Automatic Control, Vol. 65, No. 9, 3903-3910, 2020
Centralized Versus Decentralized Detection of Attacks in Stochastic Interconnected Systems
We consider a security problem for interconnected systems with linear, discrete, time-invariant, stochastic dynamics, where the objective is to detect exogenous attacks by processing measurements at different locations. We consider centralized and decentralized detectors, which differ primarily in their knowledge of the system model. In particular, a decentralized detector has a model of the dynamics of the isolated subsystems, but is unaware of the interconnection signals that are exchanged among subsystems. Instead, a centralized detector has a model of the entire dynamical system. We characterize the performance of the two detectors and show that, depending on the system and attack parameters, each of the detectors can outperform the other. Hence, it may be possible for the decentralized detector to outperform its centralized counterpart, despite having less information about the system dynamics, and this property is due to the nature of the considered attack detection problem (that is, a simple vs. composite hypothesis testing problem). Finally, we numerically validate our findings on a power system model.
Keywords: Detectors; Interconnected systems; Noise measurement; Barium; Stochastic processes; System dynamics; Cyber-physical systems; Attack detection; composite hypothesis testing; generalized likelihood ratio test; interconnected systems