Imagen decorativa Avisos

Currently, industrial infrastructures are suffering more attacks than ever before, and it is expected that attacks on these types of infrastructures will continue to grow exponentially in the coming years. This is why, throughout this article, an analysis will be made of a group of cybercriminals and their standard attack, showing how information can be obtained on the modus operandi, when and by what tactics and techniques they managed to attack an industrial infrastructure

Imagen decorativa Avisos
Blog posted on 15/02/2024

The industrial environment, especially the energy sector, is one of sectors that is suffering the most from cyber-attacks. This trend has been increasing in recent years, as this is one of the most information-sensitive sectors and can cause major problems, both economically and socially.

One of the best examples of malware attacks is BlackEnergy. This malware became known for being able to compromise several electricity distributors on 23 December 2015, causing households in the Ivano-Frankvisk region of Ukraine (a population of around 1.5 million) to be without electricity.

For this reason, due to seriousness of this type of cyberattacks, it is necessary to continue researching and investing in industrial cybersecurity, to reduce the damage caused by this type of cyber-attack in industrial environments.

Imagen decorativa Avisos

In recent decades, the need to control processes remotely to improve efficiency, productivity and accelerate decision making on industrial systems has led to the interconnection of operation technologies (OT) with information technologies (IT). This interconnection has given rise to a number of security risks in industrial control systems, and to meet these challenges, specific tools and technologies have been developed and adapted to help ensure cybersecurity in industrial environments. One such tool is the Security Operations Center (SOC).

In this article we will focus on the importance of advanced monitoring in a SOC OT.
 

Imagen decorativa Avisos

When talking about an endpoint device, we are talking about an end asset present at the network level. Among these devices we can find engineering stations (workstations), HMI, SCADA or PLC, among others.

 The evolution of industrial environments towards models in which these equipment are connected, both with corporate networks and remotely with suppliers, for maintenance purposes, exposes them to new threats. That is why industrial endpoints must be properly and individually protected and at multiple levels so that they cannot be compromised.   These end systems are key security hotspots because their vulnerabilities could affect other assets within the network. 

 

Imagen decorativa Avisos
Blog posted on 27/03/2023

Within the industrial world, there are some sectors such as robotics, which has evolver considerably. This has led to the need to update all the regulations and standards, both in terms of physical (safety) and cybersecurity. (security). Given that the robotics sector is and will increasingly become a highly technical sector with exponential growth, the need to update all documentation has been promoted by a large group of companies in the sector, which, above all, have focused their concerns on the cybersecurity of the industrial robotics world.

Imagen decorativa Avisos
Blog posted on 02/03/2023

Knowing the resources available when performing tasks of hardening a system, will allow us to optimize the time necessary to obtain a safer system. In addition, we have the possibility of using tools capable of auditing the system that identifies those configurations that are considered safe and which ones we could implement.

Imagen decorativa Avisos
Blog posted on 02/02/2023

The programming of PLCs is a fundamental part of the initial phases when building and designing industrial plants. About that environment, the company will base all its operations in that environment making the configuration of these controllers a critical element. When it comes to programming these devices there are a series of steps and best practices that take advantage of the native functionalities available and that involve little or no need to resort to a PLC programmer, protecting the device in a simple way with minimum spend on resource.

Imagen decorativa Avisos

This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the ARD protocol, describing in detail the prevention, identification and response phases to follow.