The Modbus protocol, in its TCP version, was not developed with cybersecurity capabilities in its communications. For this reason, many researchers have studied the different possibilities that could be undertaken at the technical level to incorporate a security layer in it, giving rise to a new version of Modbus/TCP called secure Modbus/TCP, which will gradually begin to be implemented in industrial communications.
Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Industrial Control System
Throughout the year 2019, we have worked on the detection, treatment and preparation of notices related to cybersecurity in industrial environments, classifying them based on the sector, manufacturer, criticality, etc. This article summarises this work and makes a brief prediction of the events that will take place in 2020.
Electric charging stations are increasingly used in urban furniture in cities. Electric cars and their need to be charged are a reality. Because of this, there is an increase in supply points that depend on specific protocols and communications for these stations.
Wireless networks are constantly evolving. As a result, 5G technology is born, continuing the roll-out of mobile phones and other associated services. This new technology is in an advanced stage of development and is already included in a multitude of next-generation devices. In fact, its deployment applied to mobile networks is already being done in numerous major cities in our country.
Today, it is common to find SIEM deployed in the IT infrastructures of all kinds of organisations, to be able to monitor and analyse security alerts in applications, systems, network devices, etc. However, though time and resources are being invested in industrial environments, it is still unresolved.
Perhaps, given the many important cybersecurity leaks and intrusions in recent years involving everything from social media accounts to critical infrastructure and classified military secrets, the attention paid to the Aurora vulnerability has not been proportional to its seriousness and systems affected. This is because it affects almost every electrical system in the world, and potentially any rotating equipment, whether it generates energy or is essential for an industrial or commercial installation. If the threat is so widespread, why isn’t the industry more worried and actively looking for solutions? From this article various possible reasons for this are given.
The main security standards and best practice guidelines in industrial cybersecurity include as a requirement the need for a user authentication system. The options involve implementations in each device of this system or being integrated into a centralised user authentication system. One of the most-used options is the use of the LDAP protocol, but there are a number of points to consider in the design phase, which are key when implementing a specific centralised user management system for industrial control systems, under LDAP.
In recent years there has been an increase in interconnectivity between devices thanks to the Internet of Things (IoT). This has affected all sectors, including industry, which has been involved in an era of connectivity of industrial devices. This concept is known as the Industrial Internet of Things (IIoT).
A BusyBox is software or a program that combines several functionalities in a small executable. This small tool was created for use in integrated operating systems with very limited resources, and they are usually used in control systems. But, as in all tools, you have to know what security level they have and if it can be improved.