System hardening: the case of Linux

Posted on 02/03/2023, by
INCIBE (INCIBE)
System hardening: the case of Linux Cover
Knowing the resources available when performing tasks of hardening a system, will allow us to optimize the time necessary to obtain a safer system. In addition, we have the possibility of using tools capable of auditing the system that identifies those configurations that are considered safe and which ones we could implement.

The importance of radio frequencies in industry

Posted on 23/02/2023, by
INCIBE (INCIBE)
Hands with a controller
In industrial environments there are a multitude of technologies, manufacturers, communications, etc. This article will reflect a small part of the protocols that use radio frequency (RF) communications. Thanks to these wireless communications, operators in the industrial world can send a simple order to obtain information on the status of a sensor or execute control orders in the industrial environment. The importance of a good implementation, in terms of cybersecurity of these communications, is quite high since, on occasions, some of the attacks that have been investigated have an impact on the physical world, giving rise to incidents that can even result in fatalities.

Red Team in mysterious waters

Posted on 16/02/2023, by
INCIBE (INCIBE)
Decorative image red team sports
The proliferation of cybersecurity incidents in industrial environments has given rise to a huge concern in the various existing sectors. Some of them, such us the energy sector, are choosing the path taking in the banking sector with the TIBER-EU framework. In addition, many governments are allocating large sums of money to their government agencies to develop strategic plans in which that exercises are included

Industroyer2, the ampere strikes back

Posted on 09/02/2023, by
INCIBE (INCIBE)
Factory drawing
Confrontations between countries no longer only take place in the physical world, in this new decade, these confrontations also move to the cyber world. The conflict between Russia and Ukraine is one of the clearest examples. Among the events that have taken place is the security incident known as Industroyer2, which affected an electrical supplier in Ukraine. The Industroyer2 is the evolution of its predecessor, the malware known as Industroyer, which was able to affect multiple protocols of industrial control systems during its execution. This new variant of the malware focuses on a particular communications protocol, IEC-104, which is widely used in Europe and the Middle East to monitor and control the power system via the TCP/IP communications protocol.

Secure programming techniques for PLC

Posted on 02/02/2023, by
INCIBE (INCIBE)
Image of a programmable logic controller
The programming of PLCs is a fundamental part of the initial phases when building and designing industrial plants. About that environment, the company will base all its operations in that environment making the configuration of these controllers a critical element. When it comes to programming these devices there are a series of steps and best practices that take advantage of the native functionalities available and that involve little or no need to resort to a PLC programmer, protecting the device in a simple way with minimum spend on resource.

What to expect from the industrial cybersecurity in 2023?

Posted on 26/01/2023, by
INCIBE (INCIBE)
Crystal ball 2023
In the year 2022 and as is reflected in the article “Industrial Security 2022 in numbers”, cyberattacks in all industrial sectors have increased by around 30 % in the third quarter of 2022 and it is estimated that the number of organizations or industrial manufacturers victims of a cyberattack was around 40% in the last year. Especially in the industrial sector, the number of attacks has grown exponentially due to the massive introduction of IoT devices (it is expected to go from 13.5 to 21.5 million connected devices in three years) or more specifically about IIoT devices, which have been the main gateway for attacks as manufacturers have prioritized features and mass-production of devices over the security. In addition, this is compounded by planned obsolescence planned (increasingly present in this type of devices), increased interoperability and connectivity and the appearance of new types of malware and exploits which are much more effective.

Edge computing the future in computation

Posted on 11/01/2023, by
INCIBE (INCIBE)
hand edge computing
After the establishment of the cloud technology in industrial environments to provide processes a greater intelligence, new technological challenges arise that give rise to technical implementation solutions such as edge computing. This strategy makes it possible to extend cloud environments to different locations for processing collected data from the environment locally and immediately. An example of this new technological paradigm can be seen in modern manufacturing plants where sensors (IIoT) generate a constant flow of data to prevent breakdowns, improve operations, etc. Given that amount of data that can be generated, it is faster and more profitable to process the data in a close position from the equipment rather than transmitting It to a remote data center.
Etiquetas

Go top