cyber security - nbaa · automated tools search for exploits in a network. used for launching...

Satcom Direct, Inc ©2015 All Rights Reserved.

Cyber security

Mark Mata – Training DirectorJosh Wheeler – Entry Into Service Director


Percent of CIO’s have beenattacked or expect one.

Percent of Millennials who haveviolated IT software policy.

Ransomware attacks in 2016.

Dollars in global ransomware damage projected for 2017.

Dollar cost of each stolen record.

Percent of professionals who identified phishing and socialengineering as the biggest security threat their organization.

Network Security

Data stealing or disruption of network systems is a critical issue.

Costs money, downtime and possible embarrassment to a company.

Some methods for stealing include:

Social engineering attacks

Theft of passwords and credentials

Spam

Malware


Network Security

Measures must be taken within all environments for data to be secure

Remote locations must follow the same policies set forth by a company

Users have a responsibility to help secure data

Being educated

Following policies

Knowledge of what you are connecting to.


Network Security

https://databreachcalculator.mybluemix.net/



What is a cyber-attack?


Attack

Intentional malicious action taken to exploit

vulnerabilities in computer applications or

network hardware without authorization.



Threat

An intentional or unintentional lurking event or action that could result in the violation of a security

policy, or procedures.


Network Security Risks

Vulnerabilities

Improperly configured or installed hardware or software.

Bugs in software or operating systems.

Poorly designed networks.

Poor physical security.

Insecure passwords.



Malware

Malware

Malware

Intentionally harmful software.

Can perform any level of negative or harmful functions.

Annoying pop-up ads, displaying distracting, harmless ads or jokes.

Silent observer capturing and sending confidential information to a hacker.

Fatal system corruption.

Almost any odd system behavior you notice could be attributable to malware.


Malware

Denial of Service (DoS)

Constant bombarding attacks on all device types to gain network access.

Automated tools

Search for exploits in a network.

Used for launching phishing emails.


Malware

Malware

Computer viruses

Malicious software which replicates itself.

Intent is to cause harm - delete files, steals resources, steals information.

Imbedded in files, software and email attachments.

Computer worms

Stand alone virus – not imbedded.

Spreads on the network or through email.


Malware

Malware

Trojans

Specifically meant to extract sensitive data.

Allows command and control via back door

access.

Spyware

Infects web browsers to record web behavior

and usage patterns.

Disguises as legitimate software.


Malware

Malware

Ransomware

Encrypts files until demand for payment is met.

Expensive and NO guarantee or decryption


Malware

Malware mitigation - Usage

End users should be familiar with the basic functions of their

devices.

Recognize strange behavior.

Ensure software need outweigh the risks.

Malware mitigation – Awareness

Verify URL’s before clicking.

Ensure email, USB drives, and applications are from trusted

sources.

Software may ask to install third-party software from untrusted

sources.



Social Engineering

Social Engineering

A psychological ploy intended to trick people to gain access or information.

Plays off people’s compassionate, trusting and pleasing nature.

Social engineering is the weakest link in all data security.

Reliance for security is on people to make smart decisions.

Attacks are made via several avenues

Phone

Internet

Email

In person


Social Engineering

The key to an attack is deception.

Most common method used for network intrusion.

Social engineering attackers attempts to trick victims into an abnormal act.

Divulge passwords.

Grant access to a secure area.


Social Engineering

Social engineers present themselves as a person of authority, trusted individual.

Keep you focused on their story to keep you from identifying warning signs.

Con Artists

Social engineering message lead users to believe they are useful or important.

Attackers take advantage of:

Fear

Greed

Sense of urgency

Desire to be helpful


Social Engineering

Intent of social engineering

Data theft

Usernames, passwords, credit card information, sensitive company data.

Data destruction

Focused on punishing or crippling infrastructure or records.

Financial gain

Political gain

“Fake news”, fabricated documents to destabilize, disrupt or sway.

Revenge

Reputation destruction


Social Engineering

Common types of social engineering attacks

Email – Phishing

Tailgating


Phone – Vishing

Social Engineering

Common types of social engineering attacks

Dumpster diving


Shoulder surfing

Whaling

Social Engineering

Vishing attack

Pushing her own story

Urgency

Person of authority


Social Engineering

Awareness

Be suspicious

Questions asked by people.

Sense of urgency, pressure, threat, hurried, confused

Surroundings

Do people belong?

Be aware of strangers.

Be aware of badges and require them.

Don’t fall for “I forgot my badge”.

Always close locked doors or gates behind you.

Be aware of who is over your shoulder.



Security Threats

Security Threats

Common types of network threats

Evil Twin/Rogue Access Points - Setup

a fake wireless network to capture data

Spear Phishing - Increased exposure

due to limited controls

Command and Control - Reduced

controls allows tools to call home

Advanced Persistent Threats (APT)


Security Threats

Secure Passwords


Security Threats

https://www.my1login.com/resources/password-strength-test/


An email which appears to be from a known

individual or business but is not

Typically targets a specific organization or group

Intent is to get credit card, bank account numbers,

passwords, trade secrets, etc. typically by clicking a link

to enter information

Increased exposure due to limited controls

End user (employee) can decide to click the rouge link

Security ThreatsS P E A R P H I S H I N G


Security ThreatsE V I L T W I N / R O G U E A C C E S S P O I N T S


A user may unknowingly associate with a rouge or fake wireless access point which has the same name

as the legitimate access point

The intent is to capture/steal data passing through the rouge access point

Security ThreatsC O M M A N D A N D C O N T R O L M A LW A R E


Malware gets unknowingly installed

Conducts a “call-home” to fetch updated and instructions from the Command and Control

servers.

Sends back stolen information

Security Threats

Example

Web browser add-ons are

inherently trusted by users and are

being targeted as vehicles for

installation of malware


Network Security RisksA D VA N C E D P E R S I S T E N T T H R E AT S ( A P T )

APT: a network attack in which a person gains

access to a network (through a variety of sources)

and resides undetected for an extended period of

time

Goal: steal data undetected vs. cause damage to the

network

Target: high-value sectors, such as national defense,

manufacturing and finance



SD Security Solutions

SD Security Solutions


Secure Network Solutions

Cyber Security Assessments

Secure Hosting Services

Professional Services

Security training – end user.

SD Security SolutionsS E C U R E N E T W O R K S O L U T I O N S


IT/Security groups treat the airborne Internet as P.I.

P.I. = Public Internet

Public = Untrusted

Why?

Lack of visibility

Lack of control

Harder to support

Not traditional IT

Fear

Untrusted = Insecure Trusted = Secure

www

SD Security SolutionsD E V I C E B A S E D V P N


A standard solution for Public Internet

Provides excellent security when used properly

Automatic or manual?

Can it be disabled?

What about mobile devices?

What about other devices?

The airplane router still uses a Public IP Address

Device VPNs secure the devices, not the cabin network

The cabin network is still on the Internet



Provide a secure network solution for the entire cabin including all devices.

Do not advertise the router IP address on the Internet.

Give IT/SEC ability to monitor and control all traffic similar to a branch office.

Be adaptable to meet corporate governance and compliance objectives.

Shift security responsibility from flight department/passenger to IT/SEC.



Highly redundant global network

SDR on the airplane

The SD Data Center

Professional Services

Industry leading support



Provides a platform to enable customer security.

Every solution is designed to meet requirements.

Flexible enough to meet specific demands.

Removes router from Public Internet.

All secure passenger traffic is routed privately to SD Data Center and/or customer Data Center.

Airplane cabin network can be classified as Trusted.



Corporate Security departments are overloaded

Most Cyber companies have no aviation experience

Identify risks and provide remediation

Evaluate internal cabin networks

Test external perspective

Review flight department applications

Investigate flight department network and hardware

Deliver actionable plan to improve security posture



Purpose-built data center with fully redundant systems

185 MPH wind rated structure

Ability to run long term on backup generator power

100% uptime since opening

On-site, in-house engineering staff

Multi-carrier Internet service

100% uptime since opening

SD Security SolutionsS D D ATA C E N T E R


SD Security SolutionsS D D ATA C E N T E R


Secure Colocation Services

Private Suites, Cages, Cabinets, Partial Cabinets

Secure Network Services

Interconnects, Firewalls, Monitoring, Logging

Secure Cloud Services

Private Cloud, Hybrid Cloud, Self or Fully Managed



SD has extensive expertise and experience in all areas of airborne and terrestrial

connectivity and IT

Gather and define requirements, solution design, implementation and support

Application installations and migrations

Migration of in-house applications to cloud hosting

Project based

Desktop support

SD Security SolutionsT R A I N I N G


CyberSAFE

End-user security training.

Identify and avoid threats.

Malware

Social engineering

Safe internet browsing.

Email

Social networking

Cloud services

Physical and network security.

cyber security - nbaa · automated tools search for exploits in a network. used for launching...

Documents