Segmentados Administración sistemas y redes TI

The evolution of communications in society is also having an impact on the industrial world. With the arrival of 5G, many industrial companies have considered migrating some of their communications to take advantage of the characteristics of this new mobile communications band, such as the reduction of latency times, the increase in connection speed or the exponential increase in the number of devices that can be connected to the network. These characteristics fit perfectly with the industrial mentality, where there are a multitude of interconnected devices between which there cannot be a communication cut due to the criticality of the processes they implement. This article aims to comment, in addition to all the advantages that 5G provides to the industry, the different uses that can be given currently and the complexity of implementing these communications in some devices for subsequent deployment in the industry. Also, to specify possible vulnerabilities in communications using 5G networks.

External access provides great convenience to workers, as it allows them to access any industrial equipment deployed in the field from the office or even further away. However, this type of access can pose a number of security problems for the company. This article reviews the main problems and how to solve them.

Within the industrial world, systems can be detected that do not have all their cybersecurity capabilities activated. This can occur for a variety of reasons, but if detected, each case must be analyzed to get the most out of each device. The ability to robustly configure programs, services or other nuances within industrial systems is called bastioning and allows, among other things, to prevent assets from having a large exposure to the network or the solutions deployed in the system from having vulnerabilities resulting from misconfiguration.In this article, we will begin by explaining what hardening is and how to apply it to our industrial network, along with some good practices to follow.

The Purple Teams are exercises in which three very well differentiated teams participate: a Red Team, a Blue Team and a Purple Team. The Red Team will be in charge of carrying out attacks on the defined structure, the Blue Team will be the team in charge of defending that structure and the inclusion of the Purple Team allows the two previous teams to communicate with each other and be organized correctly thanks to the work of the purple team. This is why the Purple Teams allow a great number of advantages to be obtained with respect to carrying out the exercises separately and without coordination between them.This article presents all these advantages and much more about Purple Teams.

When a security incident occurs in an ICS (Industrial Control System), depending on the severity of the incident, it can generate a serious problem, both at a productive and economic level, as well as in the security of the people working in the industrial system.Therefore, in this article following the one entitled "Good practices for the recovery of industrial systems (I)", response plans will be discussed from a point of view oriented to current regulations, as well as their applications and necessity in critical industrial environments, such as the energy sector. 

When a security incident occurs in an ICS (Industrial Control System), depending on its severity, it can generate a serious problem, both at a productive and economic level, as well as in the security of the people working in the industrial system.Therefore, in this first article of a series on this subject, we will explain precisely the recovery plans, some general guidelines for their development and some conclusions on the use and applicability of these plans.

In recent years, the constant technological evolution has made possible a large number of advances that would have been unthinkable years ago. In industrial environments, one of the latest developments that promises to stand out and is here to stay are virtual PLC.The virtualization of these controllers will make it possible to decouple the hardware from the software, i.e. the software will be installed in the engineering stations, while the hardware will remain in another area outside the production area.

IDSs are passive elements that are in our network to ensure its security, but what would happen if all our communications were encrypted, or would this protection measure be enough to ensure that my network is protected? These questions and more will be discussed in the following article to provide solutions and advice focused on industrial environments.

The Industrial Internet of Things (IIoT) has experienced considerable growth in recent years, providing crucial improvements. However, it also has some limitations in terms of consumption, security, cost or scalability. In this blog, we will see how the appearance of LoRaWAN in this area can solve part of those limitations.

A high percentage of devices developed for the industrial world have physical interfaces that allow secondary communications to be established. These communications allow the execution of important tasks such as the management of the devices themselves or changing the way they interact with industrial processes. Although in most cases it is necessary to have physical access to the device in order to use these interfaces, manipulation of the device through these interfaces allows attackers to manipulate the operation of the system without leaving any trace if there are no mechanisms to protect the asset from hardware hacking.This article aims to show the most widespread physical interfaces in industrial devices and embedded systems in general. On the other hand, we want to show some attacks executed throughout history in the industrial world. These attacks, thanks to the physical manipulation of a device, have allowed attackers to achieve a great impact on the targeted industrial process

The physical protection of ports at hardware level within embedded systems allows control of the physical access interfaces, but what happens when these interfaces are necessary? Sometimes, access via JTAG or UART to systems is required for maintenance or modifications in different industrial processes. Thanks to these accesses, suppliers can access memory addresses to read or write, modify firmware, etc. Given the importance of these tasks, it is necessary to incorporate cybersecurity into the process and it is precisely on these measures that the subject of this article will focus.Protection against fault injections, encryption of some memory sections within microcontrollers, or simple write protection are some of the defences that can be implemented to avoid problems within an industrial infrastructure

When talking about an endpoint device, we are talking about an end asset present at the network level. Among these devices we can find engineering stations (workstations), HMI, SCADA or PLC, among others. The evolution of industrial environments towards models in which these equipment are connected, both with corporate networks and remotely with suppliers, for maintenance purposes, exposes them to new threats. That is why industrial endpoints must be properly and individually protected and at multiple levels so that they cannot be compromised.   These end systems are key security hotspots because their vulnerabilities could affect other assets within the network.