Blog

Botnet

White channel and black channel

Although the use of black channel is associated with physical safety, it is also part of logical safety. Here we can see how the black channel intervenes in communications, its contribution, advantages, use cases and the differences between it and the white channel.

Tags:

Industrial protocol

PLC

Services deployment

Machine learning in ICS

In recent years, the concept of machine learning has gained more prominence, mainly driven by advances in parallel computing capacity. More and more developments, applications and programs are using these algorithms to provide systems with greater security, intelligence and independence. However, it’s rarely used in industrial environments, although some recent tests and developments prove its effectiveness, including in the scope of detection and prediction of cyber attacks.

Tags:

IDS/IPS

Safe development

SCADA

Threat analysis study: Grandoreiro

Grandoreiro, also known as Delephant, is a banking trojan from South America, which has spread its operations to other regions, especially Europe, including Spain and Portugal. According to ESET researchers, it has been active since 2015, affecting countries in Latin America, mainly Brazil, where it was developed.

New DDoS attack vector: TCP Middlebox Reflection

TCP Middlebox Reflection: new DDoS attack vector

Weaknesses in TCP protocol implementation in middleboxes could provide a means to carry out distributed reflection denial-of-service (DrDoS) attacks against any target.

Tags:

Threats

Standard IEC 62443-4-2, the need to secure ISC components

IEC 62443-4-2, the need to secure components

The security of control systems can be threatened from different aspects, with the end device being the most important attack vector. With this in mind, the IEC, within the 62443 standard, wanted to emphasise devices by preparing a document exclusively concerning their security: IEC62443-4-2. This document contains different technical requirements to improve the security of the types of assets that can be found in a control system.

Tags:

Incident

DrDoS cyberattacks based on the SNMP protocol

This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the SNMP protocol, describing in detail the prevention, identification and response phases to follow.

Tags:

Botnet

FAT and SAT tests on industrial devices

The continuity of the production process in businesses that require industrial automation depends more and more on the proper functioning, safety and reliability of the system of that composes it. Therefore, conducting tests of acceptance of its operation prior to its commissioning, is vital to ensure that the systems acquired meet the requirements set out in the contract between the company and the manufacturer.

Tags:

Cybersecurity measures from a global perspective

An adequate level of cybersecurity and cyberresilience is essential to keep assets safe from possible cyberattacks. This is why INCIBE-CERT has listed a set of measures and good practices that are valid for any need that affects cybersecurity.

Security level according to IEC 62443-3-3 in control systems

Security level according to IEC 62443-3-3 in Industrial Control Systems

Standard 62443 arose as a development the ISA 99 standard to fully cover security within control systems. Divided into several parts, each refers to different aspects related to security. The IEC 62443-3-3 standard refers to system security requirements and security levels.

Tags:

Incident