SlideShare a Scribd company logo

P04-AIDC-NAM-IDC04.pdf

S
ShyampratapSingh13

xxx

Law
1 of 33
Download to read offline
Cybersecurity Awareness Presentation www.cyberinflight.com • NAM/CAR AIDC • AIDC/NAM/ICD/4 ATM’s database cybersecurity By CyberInflight March 10, 2021 by Florent Rizzo florent.rizzo@cyberinflight.com Copyright © 2020 CyberInflight All rights reserved.
Cyber-threat landscape Copyright CyberInflight Market analysis Wrap ups & takeaways AIDC protocol and data security
About CyberInflight 3 Copyright CyberInflight About me • Founder of CyberInflight • Consultant & Market Analyst • Exp. French Civil Aviation (DGAC) • Exp. Inflight connectivity • Exp. Aerospace cybersecurity • A350 avionic development background • Involved in ANSPs protocol developments (RENAR-IP, FMTP, RWSL., space-based ADS-B… • Aerospace enthusiast ☺
The cyberthreat landscape Copyright CyberInflight
Global risk landscape 5 Copyright CyberInflight Global risk report 2020 from the World Economic Forum about the cyber-risks: Among the top-5 challenges for the world to face in the next 10-years Moving into the high impact/high likelihood quadrant Economic Environmental Geopolitical Societal Technological
Known date for the opening of data leak website or blog by the ransomware group Soar of darkweb blogs leaking corporate data 6 Copyright CyberInflight 2020 2019 Jan Jul Jan Jul CloP AKO Netwalker Maze Ragnar Sekhmet DoppelPaymer Nemty Snatch Revil/Sodinokibi Pisa Known date for starting operations by the ransomware group Acceleration in the creation of leak blogs by ransomware groups in the last 6 to 9 months
Example of unprotected aerospace databases (1/2) 7 Copyright CyberInflight 1. Web interface of a server from a stakeholder 2. The tick box allows to accept the Terms and Conditions 3. Ticking the box asks for a password. The website was recently secured in xxx 2020, for obvious reasons, as it was left open, without password before that date.
Example of unprotected aerospace databases (2/2) 8 Copyright CyberInflight 4. Display the code of the web page 5. Read the password in clear text ! 6. Use the password and the “continue” button appears
Cyberthreat on aerospace in 2019 9 Copyright CyberInflight Source EATM-CERT: based on 60 cases of cyber attacks perpetuated in 2019 (no data for November and December) CYBERATTACKS BY TARGET TYPE CYBERATTACKS BY REGION NUMBER OF CYBERATTACKS BY MONTH CYBERATTACKS BY TYPE OF ATTACK *Cyber-attack: no information is given to categorize the attack. It can results in data breach or disruption. * 60 publicly reported attacks in 2019
Cyberthreat on aerospace in 2020 1 0 Copyright CyberInflight Transavia data leak, Feb. 2020 Brussel Airline booking app. Hijacking, Mar. 2020 Cyberattack hits Alaskan airline RavnAir, Dec. 2019 New York Airport hit by cyber attack during Christmas, Dec. 2019 ST Engineering major ransomware attack, reported June 2020 Impersonation of aerospace companies on LinkedIn by a hacker group, June 2020 PAX information sold by Israeli flight attendant Reported: June 2020 San Francisco Airport data breach, Apr. 2020 Air transport and governments hits by cyberattacks, May 2020 Ransomware attack on NASA subcontractor, June 2020 Cyberattack on FlightRadar24, Sept. 2020 Iranian hackers aiming to steal aerospace satellite data Sept. 2020 Cyber attack grounds Transport Malta systems, Oct. 2020 Hackers attack Airport AWOS system. Sept 2020 Airlink international UAE leaked data. Oct 2020 United Airlines website flaw, Sept 2020 German IT company hit by ransomware. Sept. 2020 Cyberattack against Sarrebruck airport and the state holding company, Saar GmbH, Mar 2020 And others with indirectly related to aerospace… On the BLACK HAT side (public info.)
Copyright CyberInflight Cybercrime economy 12% CAGR Source Global Market Insights, Allied Market Research, Bromium Total airport revenues (2018) $161bn $821bn $1.5T CYBERCRIME DAMAGES TO THE WORLD ILLICIT PROFIT (2018) Source ACI, IATA $6T $3T 2015 2021 INDUSTRIES REVENUES IN PERPECTIVE Total airlines revenues (2018) Total cybercrime revenues (2018) 11
Cybersecurity principles to apply 100% SECURITY IS IMPOSSIBLE Security comes with a cost “The enemy knows the system” AN UNFAIR GAME Attacker has to win once Defenders always have to win PARETO’S LAW APPLIES Cost Protection level 20% of cybersecurity measures may cover 80% of cyberattacks KERCKHOFF’S PRINCIPLE A LAYERED APPROACH Security has to be set at different layers of a system A JEWEL WITH MANY FACTETS Financial Legal Regulatory Technical Organizational Cultural Cybersecurity is transversal and implies organizations at various levels Copyright CyberInflight 12
Trends from case-studies Based on case-studies of 19 cyberattacks Date: from 2014 to 2019 Victims: Airlines, airports, ANSPs, OEMs, suppliers Correlation between IMPACT and COMPLEXITY: - Low but existing correlation - Low and medium complexity attacks can trigger low, medium or high impact - High complexity attacks tends to trigger high impact Need to filter low complexity attacks with basic rules of cyber-hygiene. Correlation between IMPACT and PREPAREDNESS: - Strong correlation - The higher the level of preparedness the lower the impact - Investments in cybersecurity reduces the level of impact - Sophistication of cyberattacks is rising… Investments in cybersecurity are proving to be efficient. Copyright CyberInflight 13
APT groups interested in ANSP’s data Copyright CyberInflight 14 Suspected Attribution: Russia Aka: APT28, Sofacy Target: Aerospace, defense, energy, government, media Methods: Phishing messages and credential harvesting using spoofed websites. Registering domains that closely resemble domains of legitimate organizations. Suspected Attribution: Iran Aka: APT33, Elfin, Magnallium, Holmium Target: Espionage-oriented operations targeting nations and industries (aerospace, Defense, Energy, O&G) Methods: spoofing job postings for defense contractors, decoy job application, first taking an action (e.g. complete a CAPTCHA) that downloads additional PowerShell commands REFINED KITTEN HELIX KITTEN Suspected Attribution: Iran Target: organizations in the aerospace, energy, financial, government, hospitality and telecommunications Methods: thoroughly researched and structured spear-phishing messages, spear-phishing messages sent from compromised accounts of organizations to enhance credibility, backdoor implant, targeting telecommunications can also allow the adversary to be able to reroute communications to adversary-controlled infrastructure Suspected Iranian group targeting the aviation sector both military and commercial. Spear-phishing emails recruitment themed lures and contained links to malicious HTML Suspected Chinese group targeting Aerospace and Defense and Transportation companies. Adapted zero-day exploits for operations Suspected Chinese group targeting aerospace, and telecom firms, and governments. Spear phishing and access to victim’s networks through managed service providers. spear phishes have been relatively unsophisticated files with double extensions Source Fireeye, crowdstrike
Budget oriented approach Copyright CyberInflight
Evolution of airlines cybersecurity budget Copyright CyberInflight 16 bn IT BUDGET bn bn CYBERSECURITY BUDGET • Steady growth of global revenues • Significant growth of IT budget • Outstanding growth of cybersecurity budget Until the COVID crisis… • Catastrophic impact on global budget • IT and cybersecurity budget on hold Negative impact on companies’ cyberdefense mechanisms
Evolution of airports cybersecurity budget Copyright CyberInflight 17 EVOLUTION OF AIRPORTS REVENUES IT BUDGET CYBERSECURITY BUDGET • Airport revenues were more stable over the years than airline revenues • IT budget has been following a strong growth since 2016 • Seamless PAX experience • Automation • Cybersecurity budget have followed an outstanding growth rate: • CAGR of 35% since 2014
Evolution of airports cybersecurity budget Copyright CyberInflight 18 18 IT AND CYBER BUDGETS BUDGET RATIOS bn $1.5bn The cyber/IT ratio has reached almost 14% in 2019 Relatively good level of maturity from airport stakeholders
Phases in cybersecurity investment OBSERVED PHASES IN CYBERSECURITY INVESTMENTS • Similar to S-curves applied to cybersecurity investments from basics to consolidation to innovation. • Different items for cybersecurity investments: - Employee awareness and training - Regulatory compliance - Identity and access management - Network security - SOC - Threat intel. - Security framework - Cloud security - AI, blockchain, innovative technologies… Copyright CyberInflight 19
Cybersecurity budget split for airports Total $1.5bn CYBERSECURITY BUDGET SPLIT (2018 est.) • Airlines have started to seize the importance of cybersecurity training and awareness. Rightly the most important item in term of budget. • Regulatory compliance is one compulsory investment (for GDPR in particular). Regulations translates into increased spending to protect passenger data. Copyright CyberInflight 20
Airports’ budget forecast $m EVOLUTION OF CYBERSECURITY BUDGET • Airport cybersecurity spending is poised to grow in the next 10 years from $1.5bn in 2019 to more than $3.1bn in 2029, following a 7.6% CAGR • Cybersecurity already represents 12% of IT budgets in 2019 • Slower increase in cybersecurity budget compare to airline due to relatively higher maturity Copyright CyberInflight 21
AIDC protocol and data security Copyright CyberInflight
AIDC Protocol: ICAO Doc-4444 Copyright CyberInflight 23 The AIDC protocol allows to manage a wide range of key ATM data Aircraft related information Route related information Address, ID, type, SSR, COM NAV equipment, etc. ATS route info. , departure info., boundaries info., destination, flight level, distances, position, speed, type of flight, etc. The AIDC protocol uses specific message format and variable range The AIDC protocol was initially defined in the 9694 Manual released in 1999. The AIDC protocol uses specific operational sequences and states
AIDC Protocol: ICAO Doc-4444 Copyright CyberInflight 24 1.14 Regional adaptation of the AIDC application may be accomplished by mutual agreement. “It is not the intention that controllers see the messages, but their operational content is required to be displayed” In order to correctly link a response to an AIDC message with the original message, a reference to the original message is included in the response. 1.3.2 An AIDC message is composed of a message header and a sequence of fields of data. Each message shall contain all the mandatory fields and all relevant optional fields. 1.3.3 The message header contains a message identification, a time stamp (yyyymmddhhmmss) and a message sequence number. 1.12 The AIDC application will use the ATN to ensure that ATC data are exchanged in a reliable and timely manner between ATSUs.
AIDC Protocol: Ethical hacking approach for AIDC data Copyright CyberInflight 25 First reactions from an ethical hacking perspective may trigger the following reaction: - The protocol was initially defined in 1999. Although the ICAO documents are not related to the implementation of the protocol, there is no mention to any cybersecurity protection. - Operational content of the messages may be visible. A message modification could hinder the work of an air traffic controller. - A hacker could try to find flaws in AIDC operational sequences of messages (ex. of TCP sequence hacking and Man-in-the-middle attack) - The implementation of the protocol may be subject to regional adaptation with mutual agreement. This may result in disparities in the implementation of the protocol and various level of security. - Alternative attack could try to attempt to modify timestamps as the AIDC exchanges should happen in a timely manner. - The use of optional field is sometimes use by hackers to trigger potential flaws (ex. of attacks on the BCBP boarding pass protocol and usage of optional fields). Is there any checksum or any security related fields? The current context of cybersecurity threat would require to make sure these questions are answered.
General approach for database security Copyright CyberInflight 26 Every attack comes down to a loss of one or more of these factors Data security is based on the CIA tried Only authorized users and processes should be able to access or modify data Data should be maintained in a correct state and nobody should be able to improperly modify it, either accidentally or maliciously Authorized users should be able to access data whenever they need to do so Ex. of attack: data breach, leak, exfiltration, espionage, APT, eavesdropping, man-in- the-middle etc. Ex. of attack: interception, manipulation, data compromision, MITM, encryption, ransomware, etc. Ex. of attack: Denial of Service, DDOS (distributed), protocol sequence attack, NTP attack (timestamp),
Cybersecurity basics for databases (based on national security agency guidelines) Copyright CyberInflight 27 INFRASTRUCTURE ISOLATION ATM world is already used to isolation of sensitive information. The degree of isolation should be clearly defined. Keep in mind that air-gap networks can still get infected… Ex #1. of avionics equipment update Ex #2. ANSP data infected through finance or HR network Ex #3. Risk link to cloud infrastructure DATA MAPPING & TAGGING Identification and categorization of data. A mapping allows to have a clear view of your set of data and to know exactly how widely they can be spread. A technical inventory of accesses will help to draw potential attack scenarios. ENCRYPTION Encryption of data based on a set of parameters: sensitivity, usage, performance, volume, lifetime, spread etc. Encryption allows avoiding the publication of confidential data by ransomware groups on the Dark Web. Ex. Bombardier, Embraer, ST Engineering etc. BACKUP & LOGGING The simplest way to retrieve data encrypted by a ransomware. Frequency and scope of backups to be clearly defined. Efficient logs can allow to detect suspicious activities early. Among other solutions: Authentication, SOC, SIEM, threat intelligence, regulatory compliance, awareness & training, cloud security, AI, etc.
Defense Frameworks & Key Resources (1/2) Copyright CyberInflight 28 28 The NIST framework has been implemented by CANSO (cf. Cyber Security and Risk Assessment Guide) Developed by Lockheed Martin, the Cyber Kill Chain® framework is used to identify and prevent cyber intrusion activities. Swiss Cheese Model NIST Framework Frameworks for voluntary use, can be used by organizations in any sector or community regardless of size, degree of risk or sophistication To apply the principles and best practices of risk management Cyber Kill Chain MITRE Framework
Defense Frameworks & Key Resources (2/2) Copyright CyberInflight 29 Source CANSO The conversion of the combination of consequence and likelihood into a risk rating has been achieved by use of the following matrix. EXAMPLE OF CANSO CYBER SECURITY AND RISK ASSESSMENT GUIDE Perspective of the timeliness of the corrective action required. Consequence VS Likelihood Consequence VS Effort required to reduce risk A recently published guideline is the CANSO standard of Excellence in Cybersecurity report
Takeaways Copyright CyberInflight
Hats off to ICAO’s effort in cybersecurity Copyright CyberInflight 31 ICAO CYBERSECURITY INITIATIVES According to ICAO: • SARPS and guidance materials (Doc 8973) are considered high-level and there is an urgent need for more specific guidance that can be applied by States • Cybersecurity is a topic that should be included in the security culture through the training delivered to the staff of the air transport ecosystem • The establishment of a global trust framework would definitely improve safety and resilience of air traffic management and aircraft operations With the A40-10 resolution, ICAO has taken one of the most significant step toward a cybersecure airspace. Aviation Cybersecurity strategy Bucharest communique Declaration on cybersecurity in civil aviation ICAO Resolution A39-19 Mindmap of ICAO’s strategy available upon request
Information sharing remains key Copyright CyberInflight 32 CCTA (by French DGAC) Munich Airport Qatar CAA Airport Council DEFCON Aerospace Village Download full mind map at cyberinflight.com
Consulting & Strategic Advisory - Strategic partnership - Support to the CISO on cyber-strategy - Build communication supports for decision- makers - Market analysis of key topics and future trends - Go-to-market strategies analysis - Benchmarking of cybersecurity product - Interview campaigns, peers, identification of subject matter experts Would you be interested in a strategic report dedicated to the ATM ecosystem ? Topics tackled: trends, technology, budget, regulations, standards, insurance, threat intelligence, good practices, recommendations, geographical views & opinions etc. CyberInflight: How can we help you ? Our flagship strategic report Aerospace Cybersecurity Market Intelligence report, Edition 2020 Highly infographic and data oriented 127 pages contact me at florent.rizzo@cyberinflight.com Our Quarterly Digest Subscription Aerospace cybersecurity news Submit your topic of interest Get already published digests: cyber-insurance, dark web, regulatory landscape, retrospective of the year 2020 Awareness & training on aerospace cybersecurity Customized training for your staff Threat intelligence with aerospace case studies

Recommended

CYBER-THREAT-LANDSCAPE-2021.pdf
CYBER-THREAT-LANDSCAPE-2021.pdfCYBER-THREAT-LANDSCAPE-2021.pdf
CYBER-THREAT-LANDSCAPE-2021.pdfKrishna N
 
Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Vertex Holdings
 
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World Airports
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World AirportsCybersecurity - Dominic Nessi, Former CIO, Los Angeles World Airports
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World AirportsSITA
 
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and AdaptabilityPat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptabilityitnewsafrica
 
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationTop 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationPECB
 
Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Team Finland Future Watch
 
Cost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 ReportCost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 Reportaccenture
 
Meeting The Cyber Insurgency Threats From Neighbouring Countires01
Meeting The Cyber Insurgency Threats From Neighbouring Countires01Meeting The Cyber Insurgency Threats From Neighbouring Countires01
Meeting The Cyber Insurgency Threats From Neighbouring Countires01guest446b00
 

Recommended

CYBER-THREAT-LANDSCAPE-2021.pdf
CYBER-THREAT-LANDSCAPE-2021.pdfCYBER-THREAT-LANDSCAPE-2021.pdf
CYBER-THREAT-LANDSCAPE-2021.pdfKrishna N
 
Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Vertex Holdings
 
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World Airports
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World AirportsCybersecurity - Dominic Nessi, Former CIO, Los Angeles World Airports
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World AirportsSITA
 
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and AdaptabilityPat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptabilityitnewsafrica
 
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationTop 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationPECB
 
Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Team Finland Future Watch
 
Cost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 ReportCost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 Reportaccenture
 
Meeting The Cyber Insurgency Threats From Neighbouring Countires01
Meeting The Cyber Insurgency Threats From Neighbouring Countires01Meeting The Cyber Insurgency Threats From Neighbouring Countires01
Meeting The Cyber Insurgency Threats From Neighbouring Countires01guest446b00
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
 
Future of Cyber-security Economy
Future of Cyber-security EconomyFuture of Cyber-security Economy
Future of Cyber-security EconomyBehnaz Aria
 
2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEWSylvain Martinez
 
CII Whitepaper India Cyber Risk & Resilience Review 2018
CII Whitepaper India Cyber Risk & Resilience Review 2018CII Whitepaper India Cyber Risk & Resilience Review 2018
CII Whitepaper India Cyber Risk & Resilience Review 2018Confederation of Indian Industry
 
Whitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enWhitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enBankir_Ru
 
Ce hv8 module 13 hacking web applications
Ce hv8 module 13 hacking web applications Ce hv8 module 13 hacking web applications
Ce hv8 module 13 hacking web applications Mehrdad Jingoism
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistCSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistMatthew Rosenquist
 
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistTop 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistMatthew Rosenquist
 
The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017Insights success media and technology pvt ltd
 
0503 al achkar-jabbour_lebanese_univ_rev
0503 al achkar-jabbour_lebanese_univ_rev0503 al achkar-jabbour_lebanese_univ_rev
0503 al achkar-jabbour_lebanese_univ_revMona Al-achkar
 
The cyber insurance market in china report by daxue consulting asian risks
The cyber insurance market in china report by daxue consulting asian risksThe cyber insurance market in china report by daxue consulting asian risks
The cyber insurance market in china report by daxue consulting asian risksDaxue Consulting
 
Global Cyber Security Market: Insights & Forecast (2022-2026)
Global Cyber Security Market: Insights & Forecast (2022-2026)Global Cyber Security Market: Insights & Forecast (2022-2026)
Global Cyber Security Market: Insights & Forecast (2022-2026)Koncept Analytics
 
NETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation Machine
NETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation MachineNETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation Machine
NETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation MachineNETSCOUT
 
Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020CBIZ, Inc.
 
IBM X-Force Threat Intelligence Index 2020
IBM X-Force Threat Intelligence Index 2020IBM X-Force Threat Intelligence Index 2020
IBM X-Force Threat Intelligence Index 2020mResearcher
 
As telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcAs telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcMert Akın
 
IRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET Journal
 
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...PECB
 
2022 Cybersecurity Predictions
2022 Cybersecurity Predictions2022 Cybersecurity Predictions
2022 Cybersecurity PredictionsMatthew Rosenquist
 
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sDr Lendy Spires
 
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书SD DS
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxAbhishekchatterjee248859
 

More Related Content

Similar to P04-AIDC-NAM-IDC04.pdf

4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
 
Future of Cyber-security Economy
Future of Cyber-security EconomyFuture of Cyber-security Economy
Future of Cyber-security EconomyBehnaz Aria
 
2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEWSylvain Martinez
 
Whitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enWhitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enBankir_Ru
 
Ce hv8 module 13 hacking web applications
Ce hv8 module 13 hacking web applications Ce hv8 module 13 hacking web applications
Ce hv8 module 13 hacking web applications Mehrdad Jingoism
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistCSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistMatthew Rosenquist
 
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistTop 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistMatthew Rosenquist
 
0503 al achkar-jabbour_lebanese_univ_rev
0503 al achkar-jabbour_lebanese_univ_rev0503 al achkar-jabbour_lebanese_univ_rev
0503 al achkar-jabbour_lebanese_univ_revMona Al-achkar
 
The cyber insurance market in china report by daxue consulting asian risks
The cyber insurance market in china report by daxue consulting asian risksThe cyber insurance market in china report by daxue consulting asian risks
The cyber insurance market in china report by daxue consulting asian risksDaxue Consulting
 
Global Cyber Security Market: Insights & Forecast (2022-2026)
Global Cyber Security Market: Insights & Forecast (2022-2026)Global Cyber Security Market: Insights & Forecast (2022-2026)
Global Cyber Security Market: Insights & Forecast (2022-2026)Koncept Analytics
 
NETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation Machine
NETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation MachineNETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation Machine
NETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation MachineNETSCOUT
 
Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020CBIZ, Inc.
 
IBM X-Force Threat Intelligence Index 2020
IBM X-Force Threat Intelligence Index 2020IBM X-Force Threat Intelligence Index 2020
IBM X-Force Threat Intelligence Index 2020mResearcher
 
As telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcAs telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcMert Akın
 
IRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET Journal
 
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...PECB
 
2022 Cybersecurity Predictions
2022 Cybersecurity Predictions2022 Cybersecurity Predictions
2022 Cybersecurity PredictionsMatthew Rosenquist
 
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sDr Lendy Spires
 

Similar to P04-AIDC-NAM-IDC04.pdf (20)

4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
Future of Cyber-security Economy
Future of Cyber-security EconomyFuture of Cyber-security Economy
Future of Cyber-security Economy
 
2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW
 
CII Whitepaper India Cyber Risk & Resilience Review 2018
CII Whitepaper India Cyber Risk & Resilience Review 2018CII Whitepaper India Cyber Risk & Resilience Review 2018
CII Whitepaper India Cyber Risk & Resilience Review 2018
 
Whitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enWhitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_en
 
Ce hv8 module 13 hacking web applications
Ce hv8 module 13 hacking web applications Ce hv8 module 13 hacking web applications
Ce hv8 module 13 hacking web applications
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistCSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew Rosenquist
 
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistTop 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
 
The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017
 
0503 al achkar-jabbour_lebanese_univ_rev
0503 al achkar-jabbour_lebanese_univ_rev0503 al achkar-jabbour_lebanese_univ_rev
0503 al achkar-jabbour_lebanese_univ_rev
 
The cyber insurance market in china report by daxue consulting asian risks
The cyber insurance market in china report by daxue consulting asian risksThe cyber insurance market in china report by daxue consulting asian risks
The cyber insurance market in china report by daxue consulting asian risks
 
Global Cyber Security Market: Insights & Forecast (2022-2026)
Global Cyber Security Market: Insights & Forecast (2022-2026)Global Cyber Security Market: Insights & Forecast (2022-2026)
Global Cyber Security Market: Insights & Forecast (2022-2026)
 
NETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation Machine
NETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation MachineNETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation Machine
NETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation Machine
 
Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020Commercial Real Estate - Cyber Risk 2020
Commercial Real Estate - Cyber Risk 2020
 
IBM X-Force Threat Intelligence Index 2020
IBM X-Force Threat Intelligence Index 2020IBM X-Force Threat Intelligence Index 2020
IBM X-Force Threat Intelligence Index 2020
 
As telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcAs telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwc
 
IRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the Decade
 
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
 
2022 Cybersecurity Predictions
2022 Cybersecurity Predictions2022 Cybersecurity Predictions
2022 Cybersecurity Predictions
 
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
 

Recently uploaded

如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书SD DS
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxAbhishekchatterjee248859
 
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书 如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书Fir sss
 
如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书Fir L
 
Arbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaArbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaNafiaNazim
 
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书SD DS
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书Fs Las
 
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书Fs Las
 
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptxAn Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptxKUHANARASARATNAM1
 
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书Fir L
 
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书FS LS
 
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书FS LS
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceMichael Cicero
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesritwikv20
 
如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书 如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书Fir sss
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一st Las
 
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书SD DS
 
Key Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax RatesKey Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax RatesHome Tax Saver
 
Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...shubhuc963
 

Recently uploaded (20)

如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptx
 
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书 如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书
 
如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书
 
Arbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaArbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in India
 
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
 
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
 
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptxAn Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
 
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
 
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
 
Russian Call Girls Service Gomti Nagar \ 9548273370 Indian Call Girls Service...
Russian Call Girls Service Gomti Nagar \ 9548273370 Indian Call Girls Service...Russian Call Girls Service Gomti Nagar \ 9548273370 Indian Call Girls Service...
Russian Call Girls Service Gomti Nagar \ 9548273370 Indian Call Girls Service...
 
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use cases
 
如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书 如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
 
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
 
Key Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax RatesKey Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax Rates
 
Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...
 

P04-AIDC-NAM-IDC04.pdf

  • 1. Cybersecurity Awareness Presentation www.cyberinflight.com • NAM/CAR AIDC • AIDC/NAM/ICD/4 ATM’s database cybersecurity By CyberInflight March 10, 2021 by Florent Rizzo florent.rizzo@cyberinflight.com Copyright © 2020 CyberInflight All rights reserved.
  • 2. Cyber-threat landscape Copyright CyberInflight Market analysis Wrap ups & takeaways AIDC protocol and data security
  • 3. About CyberInflight 3 Copyright CyberInflight About me • Founder of CyberInflight • Consultant & Market Analyst • Exp. French Civil Aviation (DGAC) • Exp. Inflight connectivity • Exp. Aerospace cybersecurity • A350 avionic development background • Involved in ANSPs protocol developments (RENAR-IP, FMTP, RWSL., space-based ADS-B… • Aerospace enthusiast ☺
  • 5. Global risk landscape 5 Copyright CyberInflight Global risk report 2020 from the World Economic Forum about the cyber-risks: Among the top-5 challenges for the world to face in the next 10-years Moving into the high impact/high likelihood quadrant Economic Environmental Geopolitical Societal Technological
  • 6. Known date for the opening of data leak website or blog by the ransomware group Soar of darkweb blogs leaking corporate data 6 Copyright CyberInflight 2020 2019 Jan Jul Jan Jul CloP AKO Netwalker Maze Ragnar Sekhmet DoppelPaymer Nemty Snatch Revil/Sodinokibi Pisa Known date for starting operations by the ransomware group Acceleration in the creation of leak blogs by ransomware groups in the last 6 to 9 months
  • 7. Example of unprotected aerospace databases (1/2) 7 Copyright CyberInflight 1. Web interface of a server from a stakeholder 2. The tick box allows to accept the Terms and Conditions 3. Ticking the box asks for a password. The website was recently secured in xxx 2020, for obvious reasons, as it was left open, without password before that date.
  • 8. Example of unprotected aerospace databases (2/2) 8 Copyright CyberInflight 4. Display the code of the web page 5. Read the password in clear text ! 6. Use the password and the “continue” button appears
  • 9. Cyberthreat on aerospace in 2019 9 Copyright CyberInflight Source EATM-CERT: based on 60 cases of cyber attacks perpetuated in 2019 (no data for November and December) CYBERATTACKS BY TARGET TYPE CYBERATTACKS BY REGION NUMBER OF CYBERATTACKS BY MONTH CYBERATTACKS BY TYPE OF ATTACK *Cyber-attack: no information is given to categorize the attack. It can results in data breach or disruption. * 60 publicly reported attacks in 2019
  • 10. Cyberthreat on aerospace in 2020 1 0 Copyright CyberInflight Transavia data leak, Feb. 2020 Brussel Airline booking app. Hijacking, Mar. 2020 Cyberattack hits Alaskan airline RavnAir, Dec. 2019 New York Airport hit by cyber attack during Christmas, Dec. 2019 ST Engineering major ransomware attack, reported June 2020 Impersonation of aerospace companies on LinkedIn by a hacker group, June 2020 PAX information sold by Israeli flight attendant Reported: June 2020 San Francisco Airport data breach, Apr. 2020 Air transport and governments hits by cyberattacks, May 2020 Ransomware attack on NASA subcontractor, June 2020 Cyberattack on FlightRadar24, Sept. 2020 Iranian hackers aiming to steal aerospace satellite data Sept. 2020 Cyber attack grounds Transport Malta systems, Oct. 2020 Hackers attack Airport AWOS system. Sept 2020 Airlink international UAE leaked data. Oct 2020 United Airlines website flaw, Sept 2020 German IT company hit by ransomware. Sept. 2020 Cyberattack against Sarrebruck airport and the state holding company, Saar GmbH, Mar 2020 And others with indirectly related to aerospace… On the BLACK HAT side (public info.)
  • 11. Copyright CyberInflight Cybercrime economy 12% CAGR Source Global Market Insights, Allied Market Research, Bromium Total airport revenues (2018) $161bn $821bn $1.5T CYBERCRIME DAMAGES TO THE WORLD ILLICIT PROFIT (2018) Source ACI, IATA $6T $3T 2015 2021 INDUSTRIES REVENUES IN PERPECTIVE Total airlines revenues (2018) Total cybercrime revenues (2018) 11
  • 12. Cybersecurity principles to apply 100% SECURITY IS IMPOSSIBLE Security comes with a cost “The enemy knows the system” AN UNFAIR GAME Attacker has to win once Defenders always have to win PARETO’S LAW APPLIES Cost Protection level 20% of cybersecurity measures may cover 80% of cyberattacks KERCKHOFF’S PRINCIPLE A LAYERED APPROACH Security has to be set at different layers of a system A JEWEL WITH MANY FACTETS Financial Legal Regulatory Technical Organizational Cultural Cybersecurity is transversal and implies organizations at various levels Copyright CyberInflight 12
  • 13. Trends from case-studies Based on case-studies of 19 cyberattacks Date: from 2014 to 2019 Victims: Airlines, airports, ANSPs, OEMs, suppliers Correlation between IMPACT and COMPLEXITY: - Low but existing correlation - Low and medium complexity attacks can trigger low, medium or high impact - High complexity attacks tends to trigger high impact Need to filter low complexity attacks with basic rules of cyber-hygiene. Correlation between IMPACT and PREPAREDNESS: - Strong correlation - The higher the level of preparedness the lower the impact - Investments in cybersecurity reduces the level of impact - Sophistication of cyberattacks is rising… Investments in cybersecurity are proving to be efficient. Copyright CyberInflight 13
  • 14. APT groups interested in ANSP’s data Copyright CyberInflight 14 Suspected Attribution: Russia Aka: APT28, Sofacy Target: Aerospace, defense, energy, government, media Methods: Phishing messages and credential harvesting using spoofed websites. Registering domains that closely resemble domains of legitimate organizations. Suspected Attribution: Iran Aka: APT33, Elfin, Magnallium, Holmium Target: Espionage-oriented operations targeting nations and industries (aerospace, Defense, Energy, O&G) Methods: spoofing job postings for defense contractors, decoy job application, first taking an action (e.g. complete a CAPTCHA) that downloads additional PowerShell commands REFINED KITTEN HELIX KITTEN Suspected Attribution: Iran Target: organizations in the aerospace, energy, financial, government, hospitality and telecommunications Methods: thoroughly researched and structured spear-phishing messages, spear-phishing messages sent from compromised accounts of organizations to enhance credibility, backdoor implant, targeting telecommunications can also allow the adversary to be able to reroute communications to adversary-controlled infrastructure Suspected Iranian group targeting the aviation sector both military and commercial. Spear-phishing emails recruitment themed lures and contained links to malicious HTML Suspected Chinese group targeting Aerospace and Defense and Transportation companies. Adapted zero-day exploits for operations Suspected Chinese group targeting aerospace, and telecom firms, and governments. Spear phishing and access to victim’s networks through managed service providers. spear phishes have been relatively unsophisticated files with double extensions Source Fireeye, crowdstrike
  • 16. Evolution of airlines cybersecurity budget Copyright CyberInflight 16 bn IT BUDGET bn bn CYBERSECURITY BUDGET • Steady growth of global revenues • Significant growth of IT budget • Outstanding growth of cybersecurity budget Until the COVID crisis… • Catastrophic impact on global budget • IT and cybersecurity budget on hold Negative impact on companies’ cyberdefense mechanisms
  • 17. Evolution of airports cybersecurity budget Copyright CyberInflight 17 EVOLUTION OF AIRPORTS REVENUES IT BUDGET CYBERSECURITY BUDGET • Airport revenues were more stable over the years than airline revenues • IT budget has been following a strong growth since 2016 • Seamless PAX experience • Automation • Cybersecurity budget have followed an outstanding growth rate: • CAGR of 35% since 2014
  • 18. Evolution of airports cybersecurity budget Copyright CyberInflight 18 18 IT AND CYBER BUDGETS BUDGET RATIOS bn $1.5bn The cyber/IT ratio has reached almost 14% in 2019 Relatively good level of maturity from airport stakeholders
  • 19. Phases in cybersecurity investment OBSERVED PHASES IN CYBERSECURITY INVESTMENTS • Similar to S-curves applied to cybersecurity investments from basics to consolidation to innovation. • Different items for cybersecurity investments: - Employee awareness and training - Regulatory compliance - Identity and access management - Network security - SOC - Threat intel. - Security framework - Cloud security - AI, blockchain, innovative technologies… Copyright CyberInflight 19
  • 20. Cybersecurity budget split for airports Total $1.5bn CYBERSECURITY BUDGET SPLIT (2018 est.) • Airlines have started to seize the importance of cybersecurity training and awareness. Rightly the most important item in term of budget. • Regulatory compliance is one compulsory investment (for GDPR in particular). Regulations translates into increased spending to protect passenger data. Copyright CyberInflight 20
  • 21. Airports’ budget forecast $m EVOLUTION OF CYBERSECURITY BUDGET • Airport cybersecurity spending is poised to grow in the next 10 years from $1.5bn in 2019 to more than $3.1bn in 2029, following a 7.6% CAGR • Cybersecurity already represents 12% of IT budgets in 2019 • Slower increase in cybersecurity budget compare to airline due to relatively higher maturity Copyright CyberInflight 21
  • 22. AIDC protocol and data security Copyright CyberInflight
  • 23. AIDC Protocol: ICAO Doc-4444 Copyright CyberInflight 23 The AIDC protocol allows to manage a wide range of key ATM data Aircraft related information Route related information Address, ID, type, SSR, COM NAV equipment, etc. ATS route info. , departure info., boundaries info., destination, flight level, distances, position, speed, type of flight, etc. The AIDC protocol uses specific message format and variable range The AIDC protocol was initially defined in the 9694 Manual released in 1999. The AIDC protocol uses specific operational sequences and states
  • 24. AIDC Protocol: ICAO Doc-4444 Copyright CyberInflight 24 1.14 Regional adaptation of the AIDC application may be accomplished by mutual agreement. “It is not the intention that controllers see the messages, but their operational content is required to be displayed” In order to correctly link a response to an AIDC message with the original message, a reference to the original message is included in the response. 1.3.2 An AIDC message is composed of a message header and a sequence of fields of data. Each message shall contain all the mandatory fields and all relevant optional fields. 1.3.3 The message header contains a message identification, a time stamp (yyyymmddhhmmss) and a message sequence number. 1.12 The AIDC application will use the ATN to ensure that ATC data are exchanged in a reliable and timely manner between ATSUs.
  • 25. AIDC Protocol: Ethical hacking approach for AIDC data Copyright CyberInflight 25 First reactions from an ethical hacking perspective may trigger the following reaction: - The protocol was initially defined in 1999. Although the ICAO documents are not related to the implementation of the protocol, there is no mention to any cybersecurity protection. - Operational content of the messages may be visible. A message modification could hinder the work of an air traffic controller. - A hacker could try to find flaws in AIDC operational sequences of messages (ex. of TCP sequence hacking and Man-in-the-middle attack) - The implementation of the protocol may be subject to regional adaptation with mutual agreement. This may result in disparities in the implementation of the protocol and various level of security. - Alternative attack could try to attempt to modify timestamps as the AIDC exchanges should happen in a timely manner. - The use of optional field is sometimes use by hackers to trigger potential flaws (ex. of attacks on the BCBP boarding pass protocol and usage of optional fields). Is there any checksum or any security related fields? The current context of cybersecurity threat would require to make sure these questions are answered.
  • 26. General approach for database security Copyright CyberInflight 26 Every attack comes down to a loss of one or more of these factors Data security is based on the CIA tried Only authorized users and processes should be able to access or modify data Data should be maintained in a correct state and nobody should be able to improperly modify it, either accidentally or maliciously Authorized users should be able to access data whenever they need to do so Ex. of attack: data breach, leak, exfiltration, espionage, APT, eavesdropping, man-in- the-middle etc. Ex. of attack: interception, manipulation, data compromision, MITM, encryption, ransomware, etc. Ex. of attack: Denial of Service, DDOS (distributed), protocol sequence attack, NTP attack (timestamp),
  • 27. Cybersecurity basics for databases (based on national security agency guidelines) Copyright CyberInflight 27 INFRASTRUCTURE ISOLATION ATM world is already used to isolation of sensitive information. The degree of isolation should be clearly defined. Keep in mind that air-gap networks can still get infected… Ex #1. of avionics equipment update Ex #2. ANSP data infected through finance or HR network Ex #3. Risk link to cloud infrastructure DATA MAPPING & TAGGING Identification and categorization of data. A mapping allows to have a clear view of your set of data and to know exactly how widely they can be spread. A technical inventory of accesses will help to draw potential attack scenarios. ENCRYPTION Encryption of data based on a set of parameters: sensitivity, usage, performance, volume, lifetime, spread etc. Encryption allows avoiding the publication of confidential data by ransomware groups on the Dark Web. Ex. Bombardier, Embraer, ST Engineering etc. BACKUP & LOGGING The simplest way to retrieve data encrypted by a ransomware. Frequency and scope of backups to be clearly defined. Efficient logs can allow to detect suspicious activities early. Among other solutions: Authentication, SOC, SIEM, threat intelligence, regulatory compliance, awareness & training, cloud security, AI, etc.
  • 28. Defense Frameworks & Key Resources (1/2) Copyright CyberInflight 28 28 The NIST framework has been implemented by CANSO (cf. Cyber Security and Risk Assessment Guide) Developed by Lockheed Martin, the Cyber Kill Chain® framework is used to identify and prevent cyber intrusion activities. Swiss Cheese Model NIST Framework Frameworks for voluntary use, can be used by organizations in any sector or community regardless of size, degree of risk or sophistication To apply the principles and best practices of risk management Cyber Kill Chain MITRE Framework
  • 29. Defense Frameworks & Key Resources (2/2) Copyright CyberInflight 29 Source CANSO The conversion of the combination of consequence and likelihood into a risk rating has been achieved by use of the following matrix. EXAMPLE OF CANSO CYBER SECURITY AND RISK ASSESSMENT GUIDE Perspective of the timeliness of the corrective action required. Consequence VS Likelihood Consequence VS Effort required to reduce risk A recently published guideline is the CANSO standard of Excellence in Cybersecurity report
  • 31. Hats off to ICAO’s effort in cybersecurity Copyright CyberInflight 31 ICAO CYBERSECURITY INITIATIVES According to ICAO: • SARPS and guidance materials (Doc 8973) are considered high-level and there is an urgent need for more specific guidance that can be applied by States • Cybersecurity is a topic that should be included in the security culture through the training delivered to the staff of the air transport ecosystem • The establishment of a global trust framework would definitely improve safety and resilience of air traffic management and aircraft operations With the A40-10 resolution, ICAO has taken one of the most significant step toward a cybersecure airspace. Aviation Cybersecurity strategy Bucharest communique Declaration on cybersecurity in civil aviation ICAO Resolution A39-19 Mindmap of ICAO’s strategy available upon request
  • 32. Information sharing remains key Copyright CyberInflight 32 CCTA (by French DGAC) Munich Airport Qatar CAA Airport Council DEFCON Aerospace Village Download full mind map at cyberinflight.com
  • 33. Consulting & Strategic Advisory - Strategic partnership - Support to the CISO on cyber-strategy - Build communication supports for decision- makers - Market analysis of key topics and future trends - Go-to-market strategies analysis - Benchmarking of cybersecurity product - Interview campaigns, peers, identification of subject matter experts Would you be interested in a strategic report dedicated to the ATM ecosystem ? Topics tackled: trends, technology, budget, regulations, standards, insurance, threat intelligence, good practices, recommendations, geographical views & opinions etc. CyberInflight: How can we help you ? Our flagship strategic report Aerospace Cybersecurity Market Intelligence report, Edition 2020 Highly infographic and data oriented 127 pages contact me at florent.rizzo@cyberinflight.com Our Quarterly Digest Subscription Aerospace cybersecurity news Submit your topic of interest Get already published digests: cyber-insurance, dark web, regulatory landscape, retrospective of the year 2020 Awareness & training on aerospace cybersecurity Customized training for your staff Threat intelligence with aerospace case studies