protocolo industrial

Contenido protocolo industrial

Blog posted on 28/12/2023

Second part of the Top 20 mitigations for industrial environments. This part will focus on mitigations related to network architecture, industrial protocols, network configuration and vulnerability scanning.

Blog posted on 21/12/2023

In the industrial world, there are a large number of systems, equipment, networks, areas, ducts, cloud environments, IT-OT environments, etc. In recent years, the number of attacks on industrial environments has been growing exponentially, and not only on purely industrial environments, but also on corporate environments that are connected to industrial environments. These IT environments being access points for attackers due to this IT/OT connectivity.

Blog posted on 02/11/2023

The automotive sector is currently moving towards electric consumption, as society is becoming more and more aware of the problems that environmental pollution can cause.

One of the big challenges of this trend is how to charge electric vehicles, for which charging points are currently used.

But like most of today's technological devices, they will also need to have access to an Internet connection in order to be able to monitor in real time the use of the station, the customer's banking information, etc.

For this reason, in this article we want to talk about the different risks or cyber-attacks that these charging points may suffer and the problems they may cause, as this is a very important sector for society and one that is capable of managing very sensitive information
 

Blog posted on 19/10/2023

The arrival of the new version of CVSS (Common Vulnerability Scoring System) covers some deficiencies related to the assessment of vulnerabilities in the industrial world. The introduction of changes in the way of scoring different vulnerabilities, the incorporation of new metrics for elements of the industrial world such as "Safety" or the service recovery of a device, are some of the new features introduced in version 4 of the CVSS.

This article will analyze the new features brought by version 4.0 and its increased accuracy when assessing vulnerabilities in industrial environments for a better adequacy of the scores given.

 

Blog posted on 28/09/2023

In recent decades, the need to control processes remotely to improve efficiency, productivity and accelerate decision making on industrial systems has led to the interconnection of operation technologies (OT) with information technologies (IT). This interconnection has given rise to a number of security risks in industrial control systems, and to meet these challenges, specific tools and technologies have been developed and adapted to help ensure cybersecurity in industrial environments. One such tool is the Security Operations Center (SOC).

In this article we will focus on the importance of advanced monitoring in a SOC OT.
 

Blog posted on 20/07/2023

When a security incident occurs in an ICS (Industrial Control System), depending on the severity of the incident, it can generate a serious problem, both at a productive and economic level, as well as in the security of the people working in the industrial system.
Therefore, in this article following the one entitled "Good practices for the recovery of industrial systems (I)", response plans will be discussed from a point of view oriented to current regulations, as well as their applications and necessity in critical industrial environments, such as the energy sector. 

Blog posted on 13/07/2023

When a security incident occurs in an ICS (Industrial Control System), depending on its severity, it can generate a serious problem, both at a productive and economic level, as well as in the security of the people working in the industrial system.
Therefore, in this first article of a series on this subject, we will explain precisely the recovery plans, some general guidelines for their development and some conclusions on the use and applicability of these plans.

Blog posted on 29/06/2023

In recent years, the constant technological evolution has made possible a large number of advances that would have been unthinkable years ago. In industrial environments, one of the latest developments that promises to stand out and is here to stay are virtual PLC.
The virtualization of these controllers will make it possible to decouple the hardware from the software, i.e. the software will be installed in the engineering stations, while the hardware will remain in another area outside the production area.

Blog posted on 15/06/2023

The Industrial Internet of Things (IIoT) has experienced considerable growth in recent years, providing crucial improvements. However, it also has some limitations in terms of consumption, security, cost or scalability. In this blog, we will see how the appearance of LoRaWAN in this area can solve part of those limitations.

Blog posted on 08/06/2023

A high percentage of devices developed for the industrial world have physical interfaces that allow secondary communications to be established. These communications allow the execution of important tasks such as the management of the devices themselves or changing the way they interact with industrial processes. Although in most cases it is necessary to have physical access to the device in order to use these interfaces, manipulation of the device through these interfaces allows attackers to manipulate the operation of the system without leaving any trace if there are no mechanisms to protect the asset from hardware hacking.
This article aims to show the most widespread physical interfaces in industrial devices and embedded systems in general. On the other hand, we want to show some attacks executed throughout history in the industrial world. These attacks, thanks to the physical manipulation of a device, have allowed attackers to achieve a great impact on the targeted industrial process