The security gaps and issues that exist within industrial environments are sometimes unknown to many information consumers. This article aims to bring first hand some of the most interesting issues and attack trends in 2023 in the industrial sector. Different industrial cybersecurity incidents so far this year will be described at a high level and a comparison will be made with the trend presented at the beginning of the year.
The Border Gateway Protocol (BGP) is fundamental to the functioning of the Internet as we know it, as it serves to route data flows along the optimal routes, through several different hops (or IPs). However, it was not designed with security by design, which opens the door to hijacking BGP-type threats.
Through these types of attacks, malicious actors can redirect traffic, causing data loss, such as in Man-in-the-Middle, among others. This article explores in depth these types of attacks, their impact, and the countermeasures available through mechanisms such as RPKI, IRR, and ROA.