Using the Calera OT tool

Posted on 19/09/2024, by
INCIBE (INCIBE)
Using the Calera OT tool cover
MITRE Caldera OT stands out mainly for being an open-source tool that allows the simulation of different cyber-attacks in industrial environments. This tool was created by MITRE and CISA (US Cybersecurity and Infrastructures Security Agency), as the experts saw the need to be able to improve and understand cybersecurity in industrial environments without using a high number of resources.In addition, this tool is designed to be used by both the Red Team and the Blue Team, allowing both teams to collaborate with each other to improve the level of cyber security in these environments.

Fuxnet: the malware that paralyzed ICS systems

Updated on 26/09/2024, by
INCIBE (INCIBE)
Portada de blog Fuxnet: El malware que paralizó sistemas SCI
The increasing development of malware targeting the industrial world has not halted its momentum in the slightest. Several research groups have detected a new malware called Fuxnet and are currently investigating its scope. This malware has the capability to send specific requests at the serial level, via RS485/MBus, executing floods to more than 87.000 assets, including control systems and integrated sensors deployed across different sectors. Among the infrastructures compromised by this malware, we find hospitals, airports and other critical infrastructures that provide essential services to the population.

ICS risk analysis

Updated on 12/09/2024, by
INCIBE (INCIBE)
Blog image Análisis de riesgos en SCI
In the era of interconnection and digitization, industrial control systems (ICS) are increasingly exposed to cyber threats. These systems are vital for energy production, manufacturing and critical infrastructure management, and their protection has become an essential priority.Risk analysis is fundamental in this context, as it allows identifying, assessing and prioritizing the risks that can affect ICS. This process, ranges from technical vulnerabilities to emerging threats, and is crucial for developing effective mitigation and protection strategies.In this article, the challenges and solutions related to risk analysis in ICS will be explored, as well as the importance of the IEC 62443-3-2 standard in this critical process.

Vulnerabilities

Check our database with information in Spanish about the latest documented and known vulnerabilities.

Vulnerabilities

Guides and studies

Advanced practical and theoretical content on cybersecurity for technicians.

Guides and studies

Service for operators

Set of services we offer for strategic operators.

Service for operators