When talking about an endpoint device, we are talking about an end asset present at the network level. Among these devices we can find engineering stations (workstations), HMI, SCADA or PLC, among others.
The evolution of industrial environments towards models in which these equipment are connected, both with corporate networks and remotely with suppliers, for maintenance purposes, exposes them to new threats. That is why industrial endpoints must be properly and individually protected and at multiple levels so that they cannot be compromised. These end systems are key security hotspots because their vulnerabilities could affect other assets within the network.
This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the ARD protocol, describing in detail the prevention, identification and response phases to follow.
In recent years, the concept of machine learning has gained more prominence, mainly driven by advances in parallel computing capacity. More and more developments, applications and programs are using these algorithms to provide systems with greater security, intelligence and independence. However, it’s rarely used in industrial environments, although some recent tests and developments prove its effectiveness, including in the scope of detection and prediction of cyber attacks.