APT in ICS

Updated on 25/07/2024, by
INCIBE (INCIBE)
APT en SCI portada
In the industrial environment, the interconnection of industrial equipment for maintenance via the Internet is becoming increasingly common. However, this has also opened the door to a new and dangerous landscape of threats. This article reviews one of the most representative threats within this current new paradigm, APTs, how concern about this type of threat is increasing, and how they operate during an industrial attack.

Enhancing Internet security with IRR: protection against incorrect route advertisements

Posted on 04/07/2024, by
INCIBE (INCIBE)
In the complex web of network infrastructure, the Internet Routing Registry (IRR) stands out as an essential component, playing an important role in the coordination and security of routing policies. Its benefits are significant in building a cyberspace free of spoofing-type attacks. Knowing how to create and maintain objects in the IRR is essential for operators of Internet infrastructures. This article presents its fundamental elements and the tools that help in its life cycle

Mapping between NIST FW and IEC 62443 2-1

Updated on 18/07/2024, by
INCIBE (INCIBE)
Cover blog NIST FW
There are currently many standards and regulations in the industrial sector. A wide variety of them allow industrial organizations to check their level of maturity, such as IEC 62443, or to improve the security level of the organization through the application of a series of guidelines, good practices or guides, as in the case of the NIST Framework.Given the growth of the industrial sector, and the increase in capabilities, both in production and connectivity, thanks to the consolidation of Industry 4.0 and the emergence of Industry 5.0, industrial environments are in the focus, not only of technological improvements, but also of cyber-attacks.The application and implementation of the IEC 62443 family, in combination with the NIST Framework, will enable organizations to reduce, mitigate and control the possibility of suffering a cyber-attack by implementing the controls and best practices defined in both standards.

UMAS and the cybersecurity of this communications

Updated on 11/07/2024, by
INCIBE (INCIBE)
Cover UMAS
UMAS (Unified Messaging Application Services) is a Schneider Electric (SE) proprietary protocol used to configure and monitor Schneider Electric programmable logic controllers (PLCs). While it is true that the protocol is related to this manufacturer, the use of the protocol is quite widespread in different sectors, especially the energy sector, as is obvious.The article will focus on the technical breakdown of the protocol and the use of the protocol. The article will also show weaknesses, strengths and some technical vulnerabilities detected in this protocol.

Protocols and architectures in IIoT environments

Updated on 27/06/2024, by
INCIBE (INCIBE)
Portada blog IIoT
In today's business landscape, the digital revolution has led to an unprecedented transformation, and at the epicenter of this evolution are Industrial Internet of Things devices (IIoT). These devices, skilled in collecting and transmitting data in real-time, have emerged as fundamental pillars, that drive operational efficiency and decision-making in industrial environments.From advanved sensors to smart sctuators, the network of IIoT devices implemented in the industrial fabric is improving the frontiers of connectivity, impacting the way companies design, implement, and manage their operations.In this article, we will learn about the role of these devices within Industry 4.0, analyzing how different types of architectures are implemented and how their communications protocols shape the future of the industry. 

New 2024 cybersecurity regulations for vehicles

Posted on 13/06/2024, by
INCIBE (INCIBE)
cybersecurity regulations for vehicles study cover
The UN R155 and UN R156 regulations are of vital importance for vehicle cybersecurity. From July 2022, all car manufacturers that want to be type-approved must comply with both regulations, but from July 2024 this requirement will be extended to all new vehicles sold in the European Union, regardless of when the manufacturer obtained type-approval. One of the most important aspects of compliance with both regulations is the completion of a cybersecurity risk assessment of the vehicle, including all integrated components of the vehicle's supply chain. On the other hand, it also specifies how to incorporate cybersecurity from design, how to detect and respond to incidents, how to securely update vehicle software, etc. 

Gateways between ICS and cloud environments

Updated on 20/06/2024, by
INCIBE (INCIBE)
Cover Gateways between ICS and cloud
En la actualidad, el crecimiento de las plantas industriales ha provocado una incesante búsqueda en la mejora de la productividad de los procesos industriales. Esto ha llevado a la evolución de los dispositivos IIoT y, con ello, la emergencia de las pasarelas ICS. Estas se han postulado como puentes tecnológicos, tendiendo vínculos, puentes, entre los dispositivos instalados y la inmensidad de los entornos cloud. En este artículo descubrirás el papel central de estas pasarelas, descubriendo su función como facilitadoras esenciales en la convergencia de la ingeniería tradicional y la innovación en la nube.