Home / Segmented / Audit and consulting

Audit and consulting

This section provides content of interest to professionals who understand and audit legal and regulatory compliance in cybersecurity, risk management, internal policies management and compliance, or are responsible for internal training in cybersecurity.

Decorative image the great robotic crusade

The great robotic crusade

Posted on 03/27/2023, by INCIBE
Within the industrial world, there are some sectors such as robotics, which has evolver considerably. This has led to the need to update all the regulations and standards, both in terms of physical (safety) and cybersecurity. (security). Given that the robotics sector is and will increasingly become a highly technical sector with exponential growth, the need to update all documentation has been promoted by a large group of companies in the sector, which, above all, have focused their concerns on the cybersecurity of the industrial robotics world.
Tags: 
APT
Bastioning procedures
Cybercrime
Data protection
IIoT
Incident
Threats
Vulnerability
Imagen decorativa estudios de amenazas

Threat analysis study: LockBit

Posted on 03/23/2023, by INCIBE
En este estudio, se expone brevemente el origen y evolución de la amenaza ransomware LockBit 3.0, a través del análisis de varias muestras maliciosa, con el objetivo de facilitar la información necesaria para poder identificar las características propias de este malware, su comportamiento y técnicas empleadas, permitiendo así una mejor identificación y respuesta ante ella.
Tags: 
Antiforensic
Antivirus
Botnet
Cryptography
Cybercrime
DFIR
Forensics
Incident
Linux
Malware
Networking
Pentesting
Phishing
Reversing
Safe development
Social engineering
Studies & stats
Threat intelligence
Threats
Vulnerability
Windows
space satellite

ICS’S future is in the space

Posted on 03/20/2023, by INCIBE
There are areas where the deployment of an industrial plant requires satellite communications such as those provided by VSAT (Very-Small-Aperture Terminal) technology. This technology allows the exchange of information through an antenna made up of different terminals, installed in remote locations with the connection capacity of a central hub, thanks to a satellite. Obviously, this technology has a cost that not all companies can afford, but it covers coverage needs in places where there are no other communication options. This type of communications is not only widespread in the industry, but its also sometimes used by banks to perform banking transactions at ATM’s. These communications are not so well known by many experts in the industrial sector, and it can be a good opportunity to bridge the knowledge gap so that readers can learn more about the advantages and disadvantages of VSAT communications.
Tags: 
Critical infrastructures
Industrial Control System
Networking
Services deployment
Hacked screen detected

Tactics and techniques of the bad guys in SCI

Posted on 03/07/2023, by INCIBE
Industrial Control Systems (ICS) were initially designed to work in sealed environments and as stand-alone systems, interconnections between systems were scarce, as were safety protections. The constant evolutions in the field of ICS, including the inclusion of a large number of communication protocols, IIoT devices, the expansion of interconnections, an incessant search for interoperability between systems and the inclusion of these architectures in critical systems, has meant that the networks on which these industrial control systems, has meant that the networks on which these industrial control systems are built, also known as control networks, have increased their security exponentially.
Tags: 
Antiforensic
Best practices
Critical infrastructures
Cybercrime
DevOps
Incident
Industrial Control System
Malware
Phishing
Social engineering
Studies & stats
Threat intelligence
Threats
Virtualization
Windows
Decorative image red team sports

Red Team in mysterious waters

Posted on 02/16/2023, by INCIBE
The proliferation of cybersecurity incidents in industrial environments has given rise to a huge concern in the various existing sectors. Some of them, such us the energy sector, are choosing the path taking in the banking sector with the TIBER-EU framework. In addition, many governments are allocating large sums of money to their government agencies to develop strategic plans in which that exercises are included
Tags: 
APT
Bug hunting
Continuity
Critical infrastructures
Cybercrime
Data protection
Incident
Industrial protocol
Networking
Pentesting
Threat intelligence
Threats
Vulnerability
Factory drawing

Industroyer2, the ampere strikes back

Posted on 02/09/2023, by INCIBE
Confrontations between countries no longer only take place in the physical world, in this new decade, these confrontations also move to the cyber world. The conflict between Russia and Ukraine is one of the clearest examples. Among the events that have taken place is the security incident known as Industroyer2, which affected an electrical supplier in Ukraine. The Industroyer2 is the evolution of its predecessor, the malware known as Industroyer, which was able to affect multiple protocols of industrial control systems during its execution. This new variant of the malware focuses on a particular communications protocol, IEC-104, which is widely used in Europe and the Middle East to monitor and control the power system via the TCP/IP communications protocol.
Tags: 
APT
Bastioning procedures
Best practices
Continuity
Critical infrastructures
Cybercrime
Embedded systems
IIoT
Industrial protocol
SCADA
Smart Grid
Threats
Vulnerability
Windows
Image of a programmable logic controller

Secure programming techniques for PLC

Posted on 02/02/2023, by INCIBE
The programming of PLCs is a fundamental part of the initial phases when building and designing industrial plants. About that environment, the company will base all its operations in that environment making the configuration of these controllers a critical element. When it comes to programming these devices there are a series of steps and best practices that take advantage of the native functionalities available and that involve little or no need to resort to a PLC programmer, protecting the device in a simple way with minimum spend on resource.
Tags: 
Best practices
Firewall
HMI
IDS/IPS
IIoT
Industrial Control System
Industrial protocol
IoT
Policies
Safe development
SCADA
Services deployment
SIEM
Studies & stats
Threats
Virtualization
Vulnerability
Wireless
decorative image

Web-based virtual radars

Posted on 11/11/2022, by Víctor Rivero Díez (INCIBE)
Es tanta la información que se encuentra actualmente accesible para los usuarios en Internet, que aquella ofrecida por ciertas páginas web o aplicaciones en tiempo real puede resultar de especial preocupación en cuanto a su confidencialidad para ciertos sectores, dado que podría ser utilizada con fines malintencionados.
Tags: 
Critical infrastructures
Data protection
IIoT
IoT
Networking
OSINT
Threats
Context in the measurement of cyberresilience at the national level

Context in the measurement of cyberresilience indicators at the national level

Posted on 10/27/2022, by INCIBE
Organisations are exposed to the consequences of cyber threats, and may be ill-prepared to face and manage cyber incidents, whether provoked or unprovoked. For this reason, in 2014 INCIBE launched its Indicators for the Improvement of Cyber Resilience (IMC) model, with the aim of improving and understanding the state of cyber resilience in organisations.
Tags: 
Bastioning procedures
Best practices
Continuity
Critical infrastructures
Data protection
Policies
Safe development
Studies & stats
Threats
decorative image

Attacks on analog sensors in OT

Posted on 10/06/2022, by INCIBE
In order to increase security levels in OT networks, there are now solutions that monitor networks, devices and configurations, actively looking for anomalies and possible security flaws and intrusions that could take place. However, there are other types of attacks on ICS that are carried out on a completely different plane, where anomaly analysis systems can’t reach. These are attacks on analog sensors.
Tags: 
Critical infrastructures
HMI
IIoT
Industrial Control System
IoT
PLC
Services deployment
Threats

Pages