Blog

The increase in industrial control systems and the shortcomings of those systems in cybersecurity measures have made such systems a preferred target of attacks. The number of tools designed to pose a threat to the OT sector has increased, and the use of the Incontroller tool is especially concerning.

PLCs, or Programmable Logic Controllers, have been part of industrial environments since the birth of automation. Given their evolution over time, thanks to greater intelligence, they have become a target of interest for potential attackers.

Es tanta la información que se encuentra actualmente accesible para los usuarios en Internet, que aquella ofrecida por ciertas páginas web o aplicaciones en tiempo real puede resultar de especial preocupación en cuanto a su confidencialidad para ciertos sectores, dado que podría ser utilizada con fines malintencionados.

Organisations are exposed to the consequences of cyber threats, and may be ill-prepared to face and manage cyber incidents, whether provoked or unprovoked. For this reason, in 2014 INCIBE launched its Indicators for the Improvement of Cyber Resilience (IMC) model, with the aim of improving and understanding the state of cyber resilience in organisations.

In order to increase security levels in OT networks, there are now solutions that monitor networks, devices and configurations, actively looking for anomalies and possible security flaws and intrusions that could take place. However, there are other types of attacks on ICS that are carried out on a completely different plane, where anomaly analysis systems can’t reach. These are attacks on analog sensors.

Nobelium es la denominación de Microsoft para un grupo de atacantes que, según la atribución llevada a cabo por la Agencia de Seguridad de Infraestructura y Ciberseguridad (CISA) de Estados Unidos, pertenecen al Servicio de Inteligencia Exterior (SRV) de Rusia. Este grupo criminal es conocido por el ataque a la cadena de suministro de SolarWinds, y una campaña masiva de phishing haciéndose pasar por una empresa de desarrollo estadounidense.

Demilitarized zones, also known as DMZs (demilitarized zones), are used for the secure exchange of information between computers on a network that we want to protect and an external network that needs to access those computers. DMZs are widely used in the IT sector and also in the OT sector, but the equipment and services they host are not exactly the same.

This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the ARD protocol, describing in detail the prevention, identification and response phases to follow.

Although the use of black channel is associated with physical safety, it is also part of logical safety. Here we can see how the black channel intervenes in communications, its contribution, advantages, use cases and the differences between it and the white channel.