Imagen decorativa Avisos
Blog posted on 21/03/2024

Currently, industrial infrastructures are suffering more attacks than ever before, and it is expected that attacks on these types of infrastructures will continue to grow exponentially in the coming years. This is why, throughout this article, an analysis will be made of a group of cybercriminals and their standard attack, showing how information can be obtained on the modus operandi, when and by what tactics and techniques they managed to attack an industrial infrastructure

Imagen decorativa Avisos
Blog posted on 15/02/2024

The industrial environment, especially the energy sector, is one of sectors that is suffering the most from cyber-attacks. This trend has been increasing in recent years, as this is one of the most information-sensitive sectors and can cause major problems, both economically and socially.

One of the best examples of malware attacks is BlackEnergy. This malware became known for being able to compromise several electricity distributors on 23 December 2015, causing households in the Ivano-Frankvisk region of Ukraine (a population of around 1.5 million) to be without electricity.

For this reason, due to seriousness of this type of cyberattacks, it is necessary to continue researching and investing in industrial cybersecurity, to reduce the damage caused by this type of cyber-attack in industrial environments.

Imagen decorativa Avisos
Blog posted on 08/02/2024

IoT networks are very useful for everyday life, but their use is not limited only to this type of environment; there are industrial environments where this type of networks can benefit connectivity between industrial devices and provide capabilities that other types of networks could not. The 3rd Generation Partnership Project or 3GPP developed the NB-IoT protocol, a protocol for when networks with higher performance, higher speed and high interconnectivity capacity between devices are required. This protocol can work both in IoT devices and in IoT devices in the industrial environment (IIoT).

Imagen decorativa Avisos
Blog posted on 11/01/2024

The OPC UA (OPC unified architecture) communication protocol is the most modern standard presented by OPC Foundation. Currently, the OPC UA protocol is one of the most widely used in industrial environments, due to its ability to interconnect different devices, regardless of their base protocol and vendor.

Throughout this article, a technical assessment of the protocol will be conducted, explaining in detail the technical capabilities that allow a high level of cybersecurity to be implemented without causing performance losses in the devices.
 

Imagen decorativa Avisos
Blog posted on 28/12/2023

Second part of the Top 20 mitigations for industrial environments. This part will focus on mitigations related to network architecture, industrial protocols, network configuration and vulnerability scanning.

Imagen decorativa Avisos
Blog posted on 21/12/2023

In the industrial world, there are a large number of systems, equipment, networks, areas, ducts, cloud environments, IT-OT environments, etc. In recent years, the number of attacks on industrial environments has been growing exponentially, and not only on purely industrial environments, but also on corporate environments that are connected to industrial environments. These IT environments being access points for attackers due to this IT/OT connectivity.

Imagen decorativa Avisos
Blog posted on 02/11/2023

The automotive sector is currently moving towards electric consumption, as society is becoming more and more aware of the problems that environmental pollution can cause.

One of the big challenges of this trend is how to charge electric vehicles, for which charging points are currently used.

But like most of today's technological devices, they will also need to have access to an Internet connection in order to be able to monitor in real time the use of the station, the customer's banking information, etc.

For this reason, in this article we want to talk about the different risks or cyber-attacks that these charging points may suffer and the problems they may cause, as this is a very important sector for society and one that is capable of managing very sensitive information
 

Imagen decorativa Avisos
Blog posted on 19/10/2023

The arrival of the new version of CVSS (Common Vulnerability Scoring System) covers some deficiencies related to the assessment of vulnerabilities in the industrial world. The introduction of changes in the way of scoring different vulnerabilities, the incorporation of new metrics for elements of the industrial world such as "Safety" or the service recovery of a device, are some of the new features introduced in version 4 of the CVSS.

This article will analyze the new features brought by version 4.0 and its increased accuracy when assessing vulnerabilities in industrial environments for a better adequacy of the scores given.

 

Imagen decorativa Avisos
Blog posted on 28/09/2023

In recent decades, the need to control processes remotely to improve efficiency, productivity and accelerate decision making on industrial systems has led to the interconnection of operation technologies (OT) with information technologies (IT). This interconnection has given rise to a number of security risks in industrial control systems, and to meet these challenges, specific tools and technologies have been developed and adapted to help ensure cybersecurity in industrial environments. One such tool is the Security Operations Center (SOC).

In this article we will focus on the importance of advanced monitoring in a SOC OT.
 

Go top