The year 2016 has come to an end and once again we have witnessed an increase in the number of vulnerabilities published affecting control systems. Fortunately, companies are making greater efforts to prevent attacks and mitigate risks. The scenario for 2017 is similar to that of the past year.
Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Industrial Control System
In the same way that a known character or image is reflected within an industry by feigning a happy face, advanced persistent threats exist and are often camouflaged through the phenomenon of pareidolia (they resemble something else) within industrial networks. But how can we spot these threats? And, above all, is it possible to pre-empt their malicious intentions?
The process of fulfilling an attack implies many previous stages before arriving to the visible stage of the attack, that is, to the moment when the security of a system, company or industry is compromised. The cyber kill chain describes all those previous stages and establishes preventive actions for each of them.
Today there is not a mobile phone on the planet that does not feature Bluetooth technology to connect to other wireless devices. To add to this, the emergence of the Industrial Internet of Things (IIoT) has generated multiple vectors of attack through this technology.
Wireless protocols are very easy to use in specific situations since they do not need a cable for communication. They often do not need one for power either as they work with batteries, but this also makes them the object of other attacks.
As Francis Bacon famously states: "knowledge is power," but what if, in addition to possessing an abundance of information, it could also be analysed quickly and efficiently? This will be one of the challenges facing Industrial Control Systems, where the processing of information in real time can provide major advantages.