Blog

Contenido Blog

Mitigating availability problems in the industry

Posted on 19/07/2018, by
INCIBE (INCIBE)
Problems in the industry
Given that availability is always a critical point to take into account for within industrial environments, it is necessary to prevent the attacks that denial of services cause and that affect these environments. The means of giving way to a denial of service can be diverse, much like the means of mitigating these problems. This article will review all of these points, as well as the way in which the risks derived from these attacks can be reduced.

Trends in the industry, improvements in cybersecurity

Posted on 12/07/2018, by
INCIBE (INCIBE)
Manufacturers have an essential role with regards improving the cybersecurity in their devices. These improvements will not only affect the devices, but rather they will also involve an improvement in the cybersecurity of industrial infrastructure where the new security provisions and functions that have the manufacturers' automation and control solutions (e.g. SCADA, PLC, etc.) are introduced.

Audits in Industrial Wireless Communication

Posted on 03/07/2018, by
INCIBE (INCIBE)
Industrial
The wireless protocols used in industrial environments for communication between devices are numerous are extensive, therefore ensuring these communications is vital for industrial process to function correctly. In this article, we'll look at the advantages of wireless communication audits and the disadvantages of not performing them.

Monitoring Networks and Events in SCIs: more Information, more Security

Posted on 28/06/2018, by
INCIBE (INCIBE)
decorative imageç
Advances in security within control systems have brought us many of the security tools and services offered in IT for this environment. Until now, protection was based on reactive measures, acting only where there was evidence of the attack, but this trend changed with deployment of monitoring and the proactive defensive actions that this can provide.

Zones and conduits, protecting our industrial network

Posted on 21/06/2018, by
INCIBE (INCIBE)
decorative image
The defence in depth and, especially, the definition of Zones and Conduits is a subject considered by many experts as a "theoretical" matter. However, with the help of this article, the user will understand its applicability by explaining the keys to approach the creation of Zones and Conduits, as well as the elements that come into play.
Etiquetas

Honeypot, a tool to know your enemy

Posted on 14/06/2018, by
INCIBE (INCIBE)
decorative image
Honeypots and their implementation in a network, known as a honeynet, are a powerful tool for defending your system and safely monitoring the attacks carried out against it. In this article we will detail what honeypots are, their implementation in OT environments, the advantages and disadvantages of their implementation in the system and the latest honeypots developed for industrial control systems.
Etiquetas

Understanding industrial network traffic, dissectors and Lua and Kaitai

Posted on 07/06/2018, by
INCIBE (INCIBE)
Understanding industrial network traffic, dissectors and Lua and Kaitai
Not only is the interpretation of network traffic crucial to analyse the safety and performance of a network structure, but also for other tasks, such as incident management, the optimisation of our network infrastructure or for didactic purposes. In order to do so, it is necessary to have dissectors that help separate each of the fields that make up a protocol, and allow them to be individually analysed.

Accessing Control Systems Securely: Two-Factor Authentication and Remote Access

Posted on 31/05/2018, by
INCIBE (INCIBE)
Accessing Control Systems Securely
From the point of view of cybersecurity, access to automation and industrial control systems is one of the most critical control points and that's why special care must be taken when it comes to applying access security and fortification policies. On occasions, it is necessary to carry out remote tasks such as, for example, maintenance, upgrading or device or application management work. Thus, external personnel outside our company may perform said tasks, including manufacturers, wholesalers or providers of services, making it necessary to protect these accesses from potential threats.
Etiquetas

You Report, They Act

Posted on 17/05/2018, by
INCIBE (INCIBE)
They Act
I have identified a vulnerability in a device within an industrial control system... Now what? This article provides the guidelines to be followed when a vulnerability within an industrial control system is detected, and the different phases of this process.