UMAS (Unified Messaging Application Services) is a Schneider Electric (SE) proprietary protocol used to configure and monitor Schneider Electric programmable logic controllers (PLCs). While it is true that the protocol is related to this manufacturer, the use of the protocol is quite widespread in different sectors, especially the energy sector, as is obvious.
The article will focus on the technical breakdown of the protocol and the use of the protocol. The article will also show weaknesses, strengths and some technical vulnerabilities detected in this protocol.
Today, rail transport is a key strategic sector, both for the transport of people and goods of all kinds. It is also a sector in constant evolution and progress, which has adopted new technologies, from Wi-Fi zones for employees and customers, to new remote distributed control technologies, GPS and IoT.
While all applied technologies provide many advantages, they can also bring problems and introduce cybersecurity risks. The objective of this article will be to raise awareness of some of the most important cyber-attacks that have occurred in the industry and to contribute to the general awareness of the evolution of railway cybersecurity and cyber-attack protection measures available to the industry.
En la actualidad, el sector industrial se ha convertido en uno de los blancos más frecuentes de los ciberdelincuentes. Convirtiendo el cibercrimen en uno de los principales riesgos del sector, ya que el objetivo preferido en las redes industriales son los equipos críticos que desempeñan un papel fundamental en el sistema. Por tanto, en este artículo, exploraremos las distintas fases y formas de un ciberincidente en un entorno industrial, para entender el riesgo que representan y como prevenirlos.
In the electricity sector, it has always been necessary to use robust communications that allow proper communication, since a failure in this sector would cause a large number of losses, both economic and social.
In addition, with the technological advances, it is important also to have secure communications since the electricity sector is one of the sectors that currently suffers the most cyber-attacks. For this reason, in recent years different robust and secure protocols have been created.
One of these protocols is DNP3, created mainly for the use of substation automation and control systems, for the electric utility industry, although it has now also been used for other sectors.
Finally, in this article we want to explain in more depth the operation of this protocol and the benefits or disadvantages of using this protocol.
CAPEC (Common Attack Pattern Enumeration and Classification) is a project that focuses on enumerating and classifying common attack patterns on computer systems and providing a systematic approach to understanding and addressing the tactics used by attackers. Like CWE (Common Weakness Enumeration), CAPEC is an initiative of the computer security community and is maintained by the National Institute of Standards and Technology (NIST) in the United States. Recently in version 3.9, the project has incorporated a number of attack patterns related to the industrial world.
This article aims to show the reader the use of these codes, such as those used at the identifier level in CVEs, CWEs, etc., and which are related to many of the jobs that are carried out on a daily basis in the industrial cybersecurity sector.
Currently, industrial infrastructures are suffering more attacks than ever before, and it is expected that attacks on these types of infrastructures will continue to grow exponentially in the coming years. This is why, throughout this article, an analysis will be made of a group of cybercriminals and their standard attack, showing how information can be obtained on the modus operandi, when and by what tactics and techniques they managed to attack an industrial infrastructure
The industrial environment, especially the energy sector, is one of sectors that is suffering the most from cyber-attacks. This trend has been increasing in recent years, as this is one of the most information-sensitive sectors and can cause major problems, both economically and socially.
One of the best examples of malware attacks is BlackEnergy. This malware became known for being able to compromise several electricity distributors on 23 December 2015, causing households in the Ivano-Frankvisk region of Ukraine (a population of around 1.5 million) to be without electricity.
For this reason, due to seriousness of this type of cyberattacks, it is necessary to continue researching and investing in industrial cybersecurity, to reduce the damage caused by this type of cyber-attack in industrial environments.
The OPC UA (OPC unified architecture) communication protocol is the most modern standard presented by OPC Foundation. Currently, the OPC UA protocol is one of the most widely used in industrial environments, due to its ability to interconnect different devices, regardless of their base protocol and vendor.
Throughout this article, a technical assessment of the protocol will be conducted, explaining in detail the technical capabilities that allow a high level of cybersecurity to be implemented without causing performance losses in the devices.
The security gaps and issues that exist within industrial environments are sometimes unknown to many information consumers. This article aims to bring first hand some of the most interesting issues and attack trends in 2023 in the industrial sector. Different industrial cybersecurity incidents so far this year will be described at a high level and a comparison will be made with the trend presented at the beginning of the year.