the cyber attack surface of the
play

The cyber attack surface of the aerospace industry Andy Davis, - PowerPoint PPT Presentation

Jul 08, 2023 •10 likes •310 views

The cyber attack surface of the aerospace industry Andy Davis, Transport Assurance Practice Director Global experts in cyber security & risk mitigation Agenda Space attack surface overview Attacks against terrestrial assets

  1. The cyber attack surface of the aerospace industry Andy Davis, Transport Assurance Practice Director

  2. Global experts in cyber security & risk mitigation

  3. Agenda • Space attack surface overview • Attacks against terrestrial assets • RF attacks • Using COTS products • Supply Chain attacks • Reducing the risks • Q&A

  4. Space Attack Surface Overview

  6. Attacks – Terrestrial Assets

  7. Ground Stations • Phishing attacks against employees • Access to workstations controlling satellites • Physical and network attacks: • March 2011: The theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station • By far the easiest way to attack space-based assets

  8. Attacks – DoS, Eavesdrop, Hijack, Spoof & Remote Control

  9. Denial of Service (jamming) • Preventing or degrading satellite services • Requirements: • Directed antenna • Target frequency knowledge • Appropriate transmit power level • Potential targets: • Satellite receiving an uplink • Ground station • User terminal receiving a downlink • Jamming the uplink requires more skill and power but the disruption can be significantly greater • “Smart” jamming could involve attacks against software-based radio technologies

  10. Real-world jamming attacks

  11. Eavesdrop (interception) • Intercepting data communicated via satellite • Attacks only require low cost COTS products: • Unauthorised satellite television viewing • Intercept satellite telephone conversations • Intercept Internet traffic • Unauthorised satellite imagery viewing • Data is often not even encrypted • Encrypting satellite signals can cause performance degradation

  12. Real-world Eavesdrop attacks

  13. Hijack (re-purpose) • Unauthorised use of a satellite to transmit the attacker’s signal, potentially manipulating legitimate traffic. • COTS products used for eavesdropping attacks can also potentially be used for hijacking. • Similar types of attack in the enterprise world: • Wi-Fi theft • Web page defacement • DNS cache poisoning

  14. Real-world Hijack attacks

  15. Spoofing – e.g. GPS • Virtual Teleportation • Spoof location – subtly or to extremes • Virtual Time Machine • Spoof date and time • Y2038 bug: 03:14:07 UTC on Tuesday, 19 January 2038 • Intelligent Jamming • Malformed ephemeris/almanac data • DoS attacks

  16. Real-world Spoofing attacks

  17. Control (manipulate) • Take control of the satellite to manipulate its systems, orientation or orbit • To control a satellite the attacker must breach the TT&C (Tracking, Telemetry and Control) links • Requires significant knowledge / skill level to achieve

  18. Real-world Control attacks

  19. The use of Commercial Off-The-Shelf (COTS) products

  20. Why COTS products? • Primarily cost - “I worked on a couple of what NASA considered small satellites costing 10 –200 million dollars. They’re not necessarily physically small, but they’re small in cost because normal satellites cost half a billion or billions of dollars.” - Will Marshall, CEO Planet Labs • COTS devices are attractive due to their relatively low power consumption and high processing performance • Plenty of available knowledge and expertise around the use of COTS products for systems development • Trade-off: Cost vs Reliability – depends on mission – fault tolerance through use of redundant components

  21. Brief history of COTS in space • 1970s: A group of highly-skilled aerospace researchers working at the University of Surrey, decided to experiment by creating a satellite using COTS components • 1980s: The University of Surrey launched UoSat-1 in 1981 with the help of NASA and the mission was a great success, outliving its planned three year life by more than five years. • 1990s: California Polytechnic State University (Cal Poly) and Stanford University developed the CubeSat specifications • 2000s: 386-based on-board computers running QNX used on the University of Surrey’s UoSat -12 • 2010s: “We’re seeing a lot of electronics – imaging technologies, radio technologies, navigation and GPS receivers, and other things we take for granted in our cellphones – moving into space designs.” - Aaron Q. Rogers, Johns Hopkins University Applied Physics Lab

  22. Automotive cyber security comparisons • Automotive COTS components now being used in satellites • Operating Systems such as QNX and Linux used for both applications • CAN Bus technology used in satellites • Attacker skillset well established in many technology areas already implemented in automotive

  23. COTS Operating Systems in space • In the 2018 CVE “Top 50”, Ubuntu Linux is number 3 (with only Android and Debian Linux higher) • With the rise of IoT attackers are looking for more interesting targets – embedded systems • Embedded systems mind-set: Security through obscurity • Increased risk of malware on-board satellites – incident response significantly more tricky!

  24. Supply Chain

  25. Supply chain attacks • Attacker Tools and Techniques • Chip-Off • Leaked Software/Tools/Schematics/Data • Third Party Tools • Open Source Research • Jailbreaking Community • Stolen Network Access • Vulnerabilities and Exploits • Common Components

  26. Risk Reduction

  27. SDL: Secure Development Lifecycle 1. Consider security in the design Secure Design Review / Advice 2. Understand what needs to be protected Threat Modelling 3. Model potential threats and risk assess 4. Ensure appropriate countermeasures Risk Assessment Don’t try to re -invent the wheel 5. Penetration Testing 6. Post implementation assessment & Code review Incident Response 7. Plan for security incidents in the future Planning Technical and Training at all stages Management Training

  28. Threat Modelling • Identify threats to a design • Examine interfaces and trust boundaries • Understand associated risks • Prioritise risks NCC Group Automotive Threat Modelling Template • Inform security test plans

  29. Reducing the risks - summary • An awareness of the risks needs to be raised with the right stakeholders • Satellite cyber security standards need to be developed with input from experts • Satellite manufacturers and their whole supply chain need to develop-in security from day one (Secure Development Lifecycle) – bolt-on solutions are never as effective and often very costly • Satellite technology must be independently security assessed to ensure that vulnerabilities haven’t been introduced during development or integration

  30. Questions? Europe +44 (0)161 209 5200 North America • Manchester - Head Office • Atlanta • Madrid TransportSecurity@nccgroup.trust • • Amsterdam Austin • Malmö www.nccgroup.trust/transport • • Basingstoke Boston • Milton Keynes • • Cambridge Chicago • Munich A global practice offering the full range of Cyber • • Cheltenham New York • Security and Assurance services to the Transport industry Vilnius • • Copenhagen San Francisco • Wetherby • • Edinburgh Seattle • Zurich Automotive • • Glasgow Sunnyvale Maritime Australia • Leatherhead • Sydney Canada • Leeds • Waterloo • London Asia • Aerospace Luxembourg • Singapore Middle East Rail • Dubai

Recommend

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques (NIT-K) S. K. Pal Defence Research & Development Organization (DRDO) SAG, Metcalfe House, Delhi 27-Jul-2020 1 What is Cyberspace? Refers to

766 views • 17 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager

CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager

CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager Loai Khalayli | Operational Technology Engineer 25 May 2017 Disclaimer and important notice Outline Current, real and ever increasing threat

152 views • 11 slides
Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models,

Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models,

Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models, Fundamental Limitations, and Monitor Design Fabio Pasqualetti Florian D orfler Francesco Bullo Center for Control, Dynamical systems and Computation

994 views • 11 slides
Wargames in the 5th Domain The next Pearl Harbor could very well be a cyber attack. - Leon

Wargames in the 5th Domain The next Pearl Harbor could very well be a cyber attack. - Leon

Wargames in the 5th Domain The next Pearl Harbor could very well be a cyber attack. - Leon Panetta, US Secretary of Defense The United States is fighting a cyber-war today, and we are losing. - Mike McConnell, former Director of

298 views • 28 slides
Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44

Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44

Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44 17917 623 068 T: +44 1684 878178 F: +44 1684 878171 dibble.clark@3sdl.com What is Cyber? Commercial in Confidence Policy in Action Commercial in

275 views • 25 slides
TCPDB.DAT case Archive file signatures Attack surface Attack vectors Defense Conclusions P A

TCPDB.DAT case Archive file signatures Attack surface Attack vectors Defense Conclusions P A

Introduction Motivation SAP compression algorithms Archive file programs SAP archive file formats CAR SAR v2.00 SAR v2.01 Relative/absolute paths TCPDB.DAT case Archive file signatures Attack surface Attack vectors

913 views • 49 slides
BinRec: Attack Surface Reduction Through Dynamic Binary Recovery Taddeus Kroes, Anil Altinay,

BinRec: Attack Surface Reduction Through Dynamic Binary Recovery Taddeus Kroes, Anil Altinay,

BinRec: Attack Surface Reduction Through Dynamic Binary Recovery Taddeus Kroes, Anil Altinay, Joseph Nash, Yeoul Na, Stijn Volckaert, Herbert Bos, Michael Franz, Cristiano Giuffrida October 19, 2018 Attack Surface Reduction x =

2.55k views • 62 slides
Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems

Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems

Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems Nothing is in isolation Attack surface An attack surface is the total number of possible attack vectors Think of a house, with the

309 views • 15 slides
Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber Dependent crime examples of these offences are Distributed Denial of Service attack (DDOS), Account Compromise (hacking), Malware (virus) and

237 views • 7 slides
Cyber(space) Incidents 1 IS TV4 attack TV5Monde went black (2015)

Cyber(space) Incidents 1 IS TV4 attack TV5Monde went black (2015)

Cyber(space) Incidents 1 IS TV4 attack TV5Monde went black (2015) Heartbleed: Wikileaks Revelations worst vulnerability ever secret hacking tools: IoT (2014; in open SSL) (democratic control?, 2017)

715 views • 42 slides
Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security

Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security

Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security Centre (NCSC) This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation.

197 views • 8 slides
Verify what? Navigating the Attack Surface Mark S. Miller, Google Formal Methods meets JavaScript

Verify what? Navigating the Attack Surface Mark S. Miller, Google Formal Methods meets JavaScript

Verify what? Navigating the Attack Surface Mark S. Miller, Google Formal Methods meets JavaScript Imperial College, March 2018 Risk as Attack Surface a Expected Risk: likelihood * damage Potential damage Likelihood of exploitable

592 views • 48 slides
AFIIA 2017 Cyber Attack Demonstration Overview of Information Security Information Security

AFIIA 2017 Cyber Attack Demonstration Overview of Information Security Information Security

5/30/2017 Presentation Outline Cyber Security - Safeguarding your IT Environment Cyber Attack Demonstration Overview of Information Security Situational Analysis of Current Attacks Wednesday, May 17, 2017 @ AFIIA Conference, 2017

498 views • 5 slides
Improving Cyber Resiliency using Intelligence-led Attack Simulations Vincent Yiu Who am I?

Improving Cyber Resiliency using Intelligence-led Attack Simulations Vincent Yiu Who am I?

Improving Cyber Resiliency using Intelligence-led Attack Simulations Vincent Yiu Who am I? @vysecurity Vincent Yiu vincent.yiu@syonsecurity.com Founder of SYON Security Offensive Operations including Adversary Simulaton and Penetration

344 views • 33 slides
Exploring the IoT attack surface Breaking || Liberating the brave new IoT world. doc.dr.sc.

Exploring the IoT attack surface Breaking || Liberating the brave new IoT world. doc.dr.sc.

Exploring the IoT attack surface Breaking || Liberating the brave new IoT world. doc.dr.sc. Tonimir Kiasondi Sponsored by http://iot.foi.hr Why should i listen to you and not go out for coffee? Well, IoT is the next big hotness

725 views • 55 slides
1 11/05/2016 18:35 Strong recovery in Q4 post cyber attack Lowest ever churn Flat net

1 11/05/2016 18:35 Strong recovery in Q4 post cyber attack Lowest ever churn Flat net

1 11/05/2016 18:35 Strong recovery in Q4 post cyber attack Lowest ever churn Flat net adds Strongest quarter of RGU growth +148k FY EBITDA 260m in line with guidance; material step up in H2 margin to 18.4% Reiterating FY17

651 views • 43 slides
Windows Metafiles An Analysis of the EMF Attack Surface & Recent Vulnerabilities Mateusz

Windows Metafiles An Analysis of the EMF Attack Surface & Recent Vulnerabilities Mateusz

Windows Metafiles An Analysis of the EMF Attack Surface & Recent Vulnerabilities Mateusz j00ru Jurczyk PacSec, Tokyo 2016 PS> whoami Project Zero @ Google Low-level security researcher with interest in all sorts of

1.62k views • 150 slides
on Cyber Security Presentation by Control Risks James Owen Partner, Cyber, EMEA William Brown

on Cyber Security Presentation by Control Risks James Owen Partner, Cyber, EMEA William Brown

The impact of Covid-19 on Cyber Security Presentation by Control Risks James Owen Partner, Cyber, EMEA William Brown Director, Cyber, Middle East 1 Control Risks Cyber attacks exploiting the pandemic Share of attack vector of organized

447 views • 10 slides
HSARPA Cyber Security Division Internet Measurement and Attack Modeling Project Active Internet

HSARPA Cyber Security Division Internet Measurement and Attack Modeling Project Active Internet

HSARPA Cyber Security Division Internet Measurement and Attack Modeling Project Active Internet Measurement Systems Workshop (AIMS) February 6-8, 2013 Ann Cox, PhD. Program Manager Cyber Security Division Homeland Security Advanced Research

545 views • 21 slides
Cyber Security J I L L S K L A R J A C K S O N C O U N T Y J U D G E C O U N T Y C O U R T

Cyber Security J I L L S K L A R J A C K S O N C O U N T Y J U D G E C O U N T Y C O U R T

Cyber Security J I L L S K L A R J A C K S O N C O U N T Y J U D G E C O U N T Y C O U R T A S S I S TA N T S T R A I N I N G C O N F E R E N C E , F E B R U A R Y 2 1 , 2 0 2 0 How Do Hackers Attack? Social Engineering Phishing,

1.13k views • 26 slides
ADROIT: Detecting Spatio-Temporal Correlated Attack-Stages in IoT Networks NUS-Singtel Cyber

ADROIT: Detecting Spatio-Temporal Correlated Attack-Stages in IoT Networks NUS-Singtel Cyber

ADROIT: Detecting Spatio-Temporal Correlated Attack-Stages in IoT Networks NUS-Singtel Cyber Security R&D Corp. Lab Dinil Mon Divakaran, Rhishi Pratap Singh, Kalupahana Liyanage Kushan Sudheera, Mohan Gurusamy, Vinay Sachidananda Context

745 views • 27 slides
Revolutionizing the Field of Grey-box Attack Surface Testing with Evolutionary Fuzzing Jared

Revolutionizing the Field of Grey-box Attack Surface Testing with Evolutionary Fuzzing Jared

Revolutionizing the Field of Grey-box Attack Surface Testing with Evolutionary Fuzzing Jared DeMott Dr. Richard Enbody @msu.edu Dr. William Punch Black Hat 2007 www.vdalabs.com VDA Labs, LLC Agenda Goals and previous works (1)

683 views • 54 slides
Cyber Intrusion Detection by Using Deep Neural Networks with Attack-sharing Loss IEEE DataCom

Cyber Intrusion Detection by Using Deep Neural Networks with Attack-sharing Loss IEEE DataCom

Cyber Intrusion Detection by Using Deep Neural Networks with Attack-sharing Loss IEEE DataCom 19 Boxiang Dong 1 Hui (Wendy) Wang 2 Aparna S. Varde 1 Dawei Li 1 Bharath K. Samanthula 1 Weifeng Sun 3 Liang Zhao 3 1 Montclair State University

476 views • 24 slides

More recommend