The security of control systems can be threatened from different aspects, with the end device being the most important attack vector. With this in mind, the IEC, within the 62443 standard, wanted to emphasise devices by preparing a document exclusively concerning their security: IEC62443-4-2. This document contains different technical requirements to improve the security of the types of assets that can be found in a control system.
This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the SNMP protocol, describing in detail the prevention, identification and response phases to follow.
This post will analyse the vulnerabilities associated with Log4Shell, detected in the library Log4j, which is found in infinite software products both in technical and industrial fields. Although there have been other instances of more sophisticated vulnerabilities, the problem with this one is area of exposure.
All organisations must be prepared so that, after the impact of a cyberattack, it may change, improve and adapt its processes and services. For this reason, it is necessary to protect the main business processes using a set of tasks that allow the organisation to evolve after a serious incident to redesign its strategies and minimise the possible impact of future cyberattacks
It is necessary to protect the main business processes through a set of tasks that allow the organisation to recover from a major incident in a timeframe that does not compromise the continuity of its services. This ensures a planned response to any security breach.
This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the Memcached protocol, describing in detail the prevention, identification and response phases to follow.
This post sets out some lines of action that must be followed to deal with a DrDoS cyberattack based on the mDNS protocol; it describes in detail the prevention, identification and response phases that must be undertaken.
This post sets out some lines of action that must be followed to deal with a DrDoS cyberattack based on the TFTP protocol; it describes in detail the prevention, identification and response phases that must be undertaken.
This post sets out some lines of action that must be followed to deal with a DrDoS cyberattack based on the NTP protocol; it describes in detail the prevention, identification and response phases that must be undertaken.
This post sets out some lines of action that must be followed to deal with a DrDoS cyberattack based on the DNS protocol; it describes in detail the prevention, identification and response phases that must be followed.