The Simple Network Management Protocol or SNMP, used in most industrial devices, went from an information exchange protocol related to device configuration to an actual configuration control protocol. Manufacturers add far too many functionalities for SNMP in their devices. These functionalities are often unknown by operators so they do not pay much attention to the hardening of this protocol.
Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Industrial Control System
The architecture of our industrial control systems is not as static as it was some years ago. The adapting of new standards, or simply trying to improve the security of our industrial networks, creates the need to introduce one or various firewalls within our network. Thinking about having to change a network's architecture, the IP of our devices, tests, etc. when introducing a new firewall often leads to the bad decision to not install it. But, do we know about transparent firewalls and how they can be installed with almost no impact in our network? These solutions have advanced a lot in the industry and may be a true plus to our security.
The evolution of industrial systems towards an almost complete automation entails new challenges in communications. New functionalities acquired by the process, such as the use of digital relays to manage emergency interruptions, are transmitted by the communications network and this cannot fail. Given this need for zero tolerance to any failure, the redundancy offered by the HSR and PRP protocols can be a key factor.
Industry 4.0 integrates a large amount of devices used to provide the industrial processes with more intelligence. Among said devices we can find many different types of equipment such as drones or robots that perform specific tasks or tasks requiring precision. The use of these devices –quite well known nowadays– has certain implications for the security of control systems.
Remote accesses to control devices from networks outside the company are a major problem but, what about direct accesses made thanks to the accessibility of the device? This article explains the concept of hardware hacking and the hazards for the industry.
Alarm bells ringing again –a new malware threats industrial networks. After the attack suffered in Ukraine with BlackEnergy and the failures occurred at the beginning of the year, other new malware is added to the list of attackers of industrial control systems started by Stuxnet
Carrying out an intrusion test or vulnerability analysis in a control system can prove complex due to availability. This is where testbeds come into play. They reproduce production environments and can be of great assistance to researchers and security analysts
Virtualization is a technology that sooner or later will settle in the control systems, as was the case with corporate systems. The moment the impact that it may cause on the process is minimum and a proper security level may be guaranteed, it will be time to implement the virtualization of control systems.
Credentials can be described as the basic information required to access any device. Sharing and using privileged credentials within control systems is a common task that must be controlled to minimise potential exposure or leakage of information.
The installation of security tools may be complex sometimes due to different reasons: the complexity of the tool itself, the environment in which it is installed, the necessary settings, etc. This post shows how to implement an IDS solution and how to manage events in a centralised manner by means of an event manager for industrial control systems.