Escudo de la República de Colombia Escudo de la República de Colombia
Periódico UNAL

Resultados de Búsqueda:

Periódico UNAL
Software “bridge” could protect companies from cyberattacks

The crisis produced by the pandemic triggered a considerable increase of cyberattacks in the world and the manner as they are carried out. CyberEdge’s eighth-annual Cyberthreat Defense Report showed that in 2020, 86% of the organizations endured a successful attack.

Also, AV-Test, an independent IT-Security institute that assesses and qualifies software antiviruses says that up to November of 2020 there were close to 113 million cyberthreats, or close to 309.000 a day.

14 years ago, a research projects headed by Universidad de Maryland A. James Clark School of Engineering Assistant Professor Michel Cukier, was one of the first to assess that cybercriminals or computer crackers attack computer and networks every 39 second on average.

UNal Manufacturing, Automatization, and Mechatronic Lab (DIMA-UN) Professor Gabriel José Mañana Guichón, says “most attacks are not made public because they draw attention to company protection policies, impacting their standing”.

According to these organizations, theft, data kidnapping or ransomware, extorsion were the main actions carried out by cybercriminals. One of the most prominent cases was the attack on British finance software company Finastra that services 90 to 100 of the most important banks in the world. Instead of paying ransom for data kidnapping, they decided to unregister thousands of servers and stop the attack from getting greater.

Read more The digital gap, the reflection of social inequality in the “Intelligent Bogotá” program.

Colombia among the countries with more cyberattacks

Although few cases get to the media, they are often to renown multinational companies, as Colombian companies are not exempt from cyberattacks.

In Augusts past, cybersecurity solutions and services company Kaspersky published the report, “Threat scenario in Latin America 2021 showed a 24% rise in cyberattacks in the region during the first eight months of the year compared to the same period of 2020.

“Home office and hacking are the main types of attacks both for consumers as for companies,” claims the report, which takes into account 20 most malicious programs and that are 728 million targeted attempts in the region, or close to 35 attacks per second.

Colombia is the firth Latin American country with more attacks (87 per minute), after Brazil, which leads the region with more than 1,390 infection attempts per minute, Mexico (299 per minute), Peru (96 per minute), and Ecuador (89 per minute).

It also showed an increase in targeted threats to companies. Comparing the first eight months of 2021 with the same period of the previous year, there was an increase in 78% of these types of attacks. Colombia holds second place with 1.8 million attempts after Brazil with 5 million attempts.

Professor Mañana emphasizes that, “although the attacks are carried out by people, they are not done manually, they are performed by malicious software with the purpose of finding cracks to penetrate the security of software systems.

“These software programs do not see of a company is large or small, if it is in Bogotá, Mumbai, or New York, or if it’s a car, ice cream or NASA, an embassy or the IRS, if it finds a hole it will penetrate and decide what to do with the vulnerability encountered,” he added.

Mañana heads of team of researchers that designed a new communication model or protocol that could offer greater security to companies that use automatic control over internet for process development. It is a system and procedure for the cell supervision and remote control in real time, patented by the SIC.

There system may be used in applications that require implementing processes such as home and building automation (domotics), management of autonomous human being transportation systems or remote medicine, where security is a crucial.

Equipment-tools shielded against cyberattacks

The expert says that in manufacturing plants people did all the operations, “one person drilled, another milled and yet another used a lathe…”; later they added a computer to make the machines work, so, “this was ‘secure’ because they managed it on a local network, isolated from the internet.”

Control and supervision processes of machine -tools are currently carried out through the internet. “Currently many machines are set to manufacture products or parts, drugs or complex aircraft or satellite components through the internet,” said the researcher.

This concept is known as “flexible manufacturing cell” which allows setting different actions with the same machines. However, as the control and supervision processes are carried out through the internet, they are vulnerable to cyberattacks, “if I want to send commands to a machine-tool it needs to be linked through a public IP address; therefore, I want to control this machine through the internet, I do not want other people to do it, and this is the solution we offer through our patent”.

 Architecture based on microservices

The proposed DIMA-UN architecture for supervision and control is based on implementing a set of microservices that work as an interface for any device (or service) part of your network: an IoT (Internet of Things) sensor (moisture, temperature, proximity, a robot in a production cell or a local database.)


The communication model works as a sort of intermediary or bridge, where both customers work with a private network and therefore cannot be targeted. This works thanks to the convergence of technologies such as WebSocket and databases in real time that allow implementing bidirectional faster and secure communication channels.

“General security of the system is increased significantly as this new communications model allows running servers with private IP addresses (non-routable.) This turns them into anonymous services, not publicly seen on the web and therefore non susceptible of being attacked”.

The model has been proved and validated at the DIMA UN flexible manufacturing cell laboratory. The manufacturing cell is comprised by a SCARA robot for controlling machine trajectories, a multi-axis machine-tool, a Gantry robot for moving and positioning parts, Motoman MH6 6° robotic arm, and tow AGV type mobile robots.

Speed data transmission measurement between an external client and the University campus and different machines of the manufacturing cell was carried out as s technological test showing that the system works effectively, allowing sending commands and receiving operation parameters from the involved machines.

Consejo Editorial