Home / Blog / Filter / Blog
Subscribe to CERTSI - Blog RSS

Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Critical infrastructures
dangers of drones in industrial settings

Dangers of drones in industrial settings

Posted on 01/21/2021, by INCIBE
The attacks on the Saudi Aramco oil refinery have highlighted the vulnerabilities of these plants against physical attacks using drones. There’s a wide variety of physical and cyber attacks that use drones, from launching explosives, to capturing images, invasion of privacy or taking screenshots of Wi-Fi traffic, so companies should take new defense measures in order to protect their assets
Sweyntooth: Bluetooth in the spotlight

SweynTooth: Bluetooth in the spotlight

Posted on 12/17/2020, by INCIBE
Wireless communications encompass a set of protocols that are widely used in some industrial sectors. In particular, building automation is based on these protocols, mainly using the BACNET and Lontalks protocols, but also making use of new ZigBee and Bluetooth based devices for IIoT. This article will provide information on SweynTooth, a set of vulnerabilities that affect Bluetooth technology.
cyberchallenges to security in industrial robotics

Cyberchallenges to security in industrial robotics

Posted on 11/19/2020, by INCIBE
Around 4 million robots are expected to be introduced in the area of industry over the next five years. This is on top of the evolution towards industry 4.0, in which industrial robotics is crucial, and which is now consolidated in any industrial process, from the manufacturing industry to any large-area warehouse. In that industrial transformation, barriers must be applied to ensure the integrity of the components and to prevent incidents in plants.
GOOSE

Security in the GOOSE protocol

Posted on 08/06/2020, by INCIBE
After the articles “IEC 61850 Standard, all for one and one for all” and “Multicast security in IEC 61850”, it is useful to add more information about the cybersecurity guidelines set out in the IEC 62351 standard with respect to the GOOSE protocol. An explanation will be made of the operation of the protocol, the weaknesses it presents and the appropriate security measures to protect it against possible attackers.
Spoofing jamming GNSS

Spoofing and jamming over GNSS

Posted on 07/09/2020, by Victor Rivero Díez (INCIBE)
GNSS (Global Navigation Satellite System) technology is deeply integrated into society to meet geolocation and time measurement needs; it is considered one of the most reliable and it is a critical element for certain industrial sectors. However, due to the advancement of the technology and its widespread use, GNSS are being compromised by cybercriminals.

Pages