![Decorative image for Notices](/sites/default/files/contenidos/blog/portada_drdos_ard_0.jpg)
This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the ARD protocol, describing in detail the prevention, identification and response phases to follow.
![Decorative image for Notices](/sites/default/files/contenidos/blog/ml_sci.jpg)
In recent years, the concept of machine learning has gained more prominence, mainly driven by advances in parallel computing capacity. More and more developments, applications and programs are using these algorithms to provide systems with greater security, intelligence and independence. However, it’s rarely used in industrial environments, although some recent tests and developments prove its effectiveness, including in the scope of detection and prediction of cyber attacks.
![Decorative image for Notices](/sites/default/files/contenidos/blog/portada_middlebox_ddos.jpg)
Weaknesses in TCP protocol implementation in middleboxes could provide a means to carry out distributed reflection denial-of-service (DrDoS) attacks against any target.
![Decorative image for Notices](/sites/default/files/blog/2023/Recuperar/imc_recuperar_portada.jpg)
It is necessary to protect the main business processes through a set of tasks that allow the organisation to recover from a major incident in a timeframe that does not compromise the continuity of its services. This ensures a planned response to any security breach.
![Decorative image for Notices](/sites/default/files/contenidos/blog/webinars.jpg)
With the aim of increasing cybersecurity knowledge, INCIBE-CERT has published a series of webinars in video format, so that, in a light and entertaining way, knowledge and technical aspects of cybersecurity can be expanded in various areas of interest, for both INCIBE-CERT's technical audience and anyone interested in cybersecurity.
![Decorative image for Notices](/sites/default/files/contenidos/blog/siem.jpg)
Today, it is common to find SIEM deployed in the IT infrastructures of all kinds of organisations, to be able to monitor and analyse security alerts in applications, systems, network devices, etc. However, although time and resources are being invested in industrial environments, SIEM adoption there is still unresolved.
![Decorative image for Notices](/sites/default/files/contenidos/blog/monitorizando_sci.jpg)
Advances in security within control systems have brought many of the security tools and services offered in IT into this environment. Until now, protection was based on reactive measures, acting only where there was evidence of an attack, but this trend changed with the deployment of monitoring and the proactive defensive actions it can provide.
![Decorative image for Notices](/sites/default/files/contenidos/blog/myd-224_img_blog_v1.png)
IDS, IPS and SIEM are equipment originally designed for IT environments, but their adaptation to OT environments has been forced in recent years by a proliferation of attacks on industrial environments.