Blog

Contenido Blog

Threat analysis study: Hive

Posted on 20/12/2021, by
INCIBE (INCIBE)
imagen de estudios de amenazas
The malicious code of the ransomware known as ‘Hive’ represents a threat to all users, as it implements encryption functionalities on the information in an infected computer, making simple recovery of the data impossible. This threat attempts to use extortion to recover the information, demanding a payment and threatening publication of part of the stolen information on a blog through the network Tor if the payment is not forthcoming.

EVOLVE: organisations’ capacity to adapt and improve their services after a cyberattack

Posted on 25/11/2021, by
INCIBE (INCIBE)
CII: evolve measurement
All organisations must be prepared so that, after the impact of a cyberattack, it may change, improve and adapt its processes and services. For this reason, it is necessary to protect the main business processes using a set of tasks that allow the organisation to evolve after a serious incident to redesign its strategies and minimise the possible impact of future cyberattacks

RECOVER: the capacity of organizations to restore their services following a cyber-attack

Posted on 07/10/2021, by
INCIBE (INCIBE)
CII recover goal
It is necessary to protect the main business processes through a set of tasks that allow the organisation to recover from a major incident in a timeframe that does not compromise the continuity of its services. This ensures a planned response to any security breach.

Threat analysis study: Anatsa

Posted on 05/07/2021, by
INCIBE (INCIBE)
image of threat studies
Anatsa is a banking Trojan designed for Android devices that has become particularly relevant since its discovery in January 2021. Throughout the study, a detailed technical analysis of the threat is carried out using a sample of the malicious code in question to show how this malware behaves and the possibilities it offers.

Control of multicast requests in the IEC 61850 standard

Posted on 27/05/2021, by
INCIBE (INCIBE)
control of multicast requests in the IEC 61850 standard
In previous articles an introduction was given to the 61850 regulation and the different protocols of which it consists. As explained in those articles, the GOOSE and SV (Sample Values) protocols, included in the standard, use multicast frames. Security is very difficult to implement in this type of frame, but there are a number of measures that make possible to raise the security level.