LockerGoga: response and recovery actions

Posted on 01/06/2023, by
INCIBE (INCIBE)
Cover image LockerGoga: response and recovery actions
LockerGoga is  a ransomware-type malware, first discovered in 2019, that infects computer systems, encrypts your files, and demands a ransom in cryptocurrencies in order to recover them. Unlike others, LockerGoga focuses on attacking businesses and government organizations. This article describes what it is and explains the relevant methods to respond to this threat

Microcontrollers and their main protection measures

Posted on 25/05/2023, by
INCIBE (INCIBE)
Microcontrollers and their main protection measures
The physical protection of ports at hardware level within embedded systems allows control of the physical access interfaces, but what happens when these interfaces are necessary? Sometimes, access via JTAG or UART to systems is required for maintenance or modifications in different industrial processes. Thanks to these accesses, suppliers can access memory addresses to read or write, modify firmware, etc. Given the importance of these tasks, it is necessary to incorporate cybersecurity into the process and it is precisely on these measures that the subject of this article will focus.Protection against fault injections, encryption of some memory sections within microcontrollers, or simple write protection are some of the defences that can be implemented to avoid problems within an industrial infrastructure

Industrial control systems endpoints defence guide

Posted on 22/05/2023, by
INCIBE (INCIBE)
Cover image Industrial control systems endpoints defence guide
When talking about an endpoint device, we are talking about an end asset present at the network level. Among these devices we can find engineering stations (workstations), HMI, SCADA or PLC, among others. The evolution of industrial environments towards models in which these equipment are connected, both with corporate networks and remotely with suppliers, for maintenance purposes, exposes them to new threats. That is why industrial endpoints must be properly and individually protected and at multiple levels so that they cannot be compromised.   These end systems are key security hotspots because their vulnerabilities could affect other assets within the network.  

Vulnerabilidades

Vulnerabilidades

Vulnerabilidades

Información en castellano sobre las últimas vulnerabilidades documentadas y conocidas.

Guías y estudios

Guías y estudios

Seguridad en Protocolos Industriales – Smart Grid

Contenido práctico y teórico avanzado sobre ciberseguridad para técnicos.

Servicio para operadores

Servicio para operadores

Protocolos y seguridad de red en SCI

Conjunto de servicios que ofrecemos para operadores estratégicos.