the cyber attack surface of the
play

The cyber attack surface of the aerospace industry Andy Davis, - PowerPoint PPT Presentation

Jul 08, 2023 •10 likes •310 views

The cyber attack surface of the aerospace industry Andy Davis, Transport Assurance Practice Director Global experts in cyber security & risk mitigation Agenda Space attack surface overview Attacks against terrestrial assets

  1. The cyber attack surface of the aerospace industry Andy Davis, Transport Assurance Practice Director

  2. Global experts in cyber security & risk mitigation

  3. Agenda • Space attack surface overview • Attacks against terrestrial assets • RF attacks • Using COTS products • Supply Chain attacks • Reducing the risks • Q&A

  4. Space Attack Surface Overview

  6. Attacks – Terrestrial Assets

  7. Ground Stations • Phishing attacks against employees • Access to workstations controlling satellites • Physical and network attacks: • March 2011: The theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station • By far the easiest way to attack space-based assets

  8. Attacks – DoS, Eavesdrop, Hijack, Spoof & Remote Control

  9. Denial of Service (jamming) • Preventing or degrading satellite services • Requirements: • Directed antenna • Target frequency knowledge • Appropriate transmit power level • Potential targets: • Satellite receiving an uplink • Ground station • User terminal receiving a downlink • Jamming the uplink requires more skill and power but the disruption can be significantly greater • “Smart” jamming could involve attacks against software-based radio technologies

  10. Real-world jamming attacks

  11. Eavesdrop (interception) • Intercepting data communicated via satellite • Attacks only require low cost COTS products: • Unauthorised satellite television viewing • Intercept satellite telephone conversations • Intercept Internet traffic • Unauthorised satellite imagery viewing • Data is often not even encrypted • Encrypting satellite signals can cause performance degradation

  12. Real-world Eavesdrop attacks

  13. Hijack (re-purpose) • Unauthorised use of a satellite to transmit the attacker’s signal, potentially manipulating legitimate traffic. • COTS products used for eavesdropping attacks can also potentially be used for hijacking. • Similar types of attack in the enterprise world: • Wi-Fi theft • Web page defacement • DNS cache poisoning

  14. Real-world Hijack attacks

  15. Spoofing – e.g. GPS • Virtual Teleportation • Spoof location – subtly or to extremes • Virtual Time Machine • Spoof date and time • Y2038 bug: 03:14:07 UTC on Tuesday, 19 January 2038 • Intelligent Jamming • Malformed ephemeris/almanac data • DoS attacks

  16. Real-world Spoofing attacks

  17. Control (manipulate) • Take control of the satellite to manipulate its systems, orientation or orbit • To control a satellite the attacker must breach the TT&C (Tracking, Telemetry and Control) links • Requires significant knowledge / skill level to achieve

  18. Real-world Control attacks

  19. The use of Commercial Off-The-Shelf (COTS) products

  20. Why COTS products? • Primarily cost - “I worked on a couple of what NASA considered small satellites costing 10 –200 million dollars. They’re not necessarily physically small, but they’re small in cost because normal satellites cost half a billion or billions of dollars.” - Will Marshall, CEO Planet Labs • COTS devices are attractive due to their relatively low power consumption and high processing performance • Plenty of available knowledge and expertise around the use of COTS products for systems development • Trade-off: Cost vs Reliability – depends on mission – fault tolerance through use of redundant components

  21. Brief history of COTS in space • 1970s: A group of highly-skilled aerospace researchers working at the University of Surrey, decided to experiment by creating a satellite using COTS components • 1980s: The University of Surrey launched UoSat-1 in 1981 with the help of NASA and the mission was a great success, outliving its planned three year life by more than five years. • 1990s: California Polytechnic State University (Cal Poly) and Stanford University developed the CubeSat specifications • 2000s: 386-based on-board computers running QNX used on the University of Surrey’s UoSat -12 • 2010s: “We’re seeing a lot of electronics – imaging technologies, radio technologies, navigation and GPS receivers, and other things we take for granted in our cellphones – moving into space designs.” - Aaron Q. Rogers, Johns Hopkins University Applied Physics Lab

  22. Automotive cyber security comparisons • Automotive COTS components now being used in satellites • Operating Systems such as QNX and Linux used for both applications • CAN Bus technology used in satellites • Attacker skillset well established in many technology areas already implemented in automotive

  23. COTS Operating Systems in space • In the 2018 CVE “Top 50”, Ubuntu Linux is number 3 (with only Android and Debian Linux higher) • With the rise of IoT attackers are looking for more interesting targets – embedded systems • Embedded systems mind-set: Security through obscurity • Increased risk of malware on-board satellites – incident response significantly more tricky!

  24. Supply Chain

  25. Supply chain attacks • Attacker Tools and Techniques • Chip-Off • Leaked Software/Tools/Schematics/Data • Third Party Tools • Open Source Research • Jailbreaking Community • Stolen Network Access • Vulnerabilities and Exploits • Common Components

  26. Risk Reduction

  27. SDL: Secure Development Lifecycle 1. Consider security in the design Secure Design Review / Advice 2. Understand what needs to be protected Threat Modelling 3. Model potential threats and risk assess 4. Ensure appropriate countermeasures Risk Assessment Don’t try to re -invent the wheel 5. Penetration Testing 6. Post implementation assessment & Code review Incident Response 7. Plan for security incidents in the future Planning Technical and Training at all stages Management Training

  28. Threat Modelling • Identify threats to a design • Examine interfaces and trust boundaries • Understand associated risks • Prioritise risks NCC Group Automotive Threat Modelling Template • Inform security test plans

  29. Reducing the risks - summary • An awareness of the risks needs to be raised with the right stakeholders • Satellite cyber security standards need to be developed with input from experts • Satellite manufacturers and their whole supply chain need to develop-in security from day one (Secure Development Lifecycle) – bolt-on solutions are never as effective and often very costly • Satellite technology must be independently security assessed to ensure that vulnerabilities haven’t been introduced during development or integration

  30. Questions? Europe +44 (0)161 209 5200 North America • Manchester - Head Office • Atlanta • Madrid TransportSecurity@nccgroup.trust • • Amsterdam Austin • Malmö www.nccgroup.trust/transport • • Basingstoke Boston • Milton Keynes • • Cambridge Chicago • Munich A global practice offering the full range of Cyber • • Cheltenham New York • Security and Assurance services to the Transport industry Vilnius • • Copenhagen San Francisco • Wetherby • • Edinburgh Seattle • Zurich Automotive • • Glasgow Sunnyvale Maritime Australia • Leatherhead • Sydney Canada • Leeds • Waterloo • London Asia • Aerospace Luxembourg • Singapore Middle East Rail • Dubai

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques (NIT-K) S. K. Pal Defence Research & Development Organization (DRDO) SAG, Metcalfe House, Delhi 27-Jul-2020 1 What is Cyberspace? Refers to

766 views • 17 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager

CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager

CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager Loai Khalayli | Operational Technology Engineer 25 May 2017 Disclaimer and important notice Outline Current, real and ever increasing threat

152 views • 11 slides
Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models,

Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models,

Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models, Fundamental Limitations, and Monitor Design Fabio Pasqualetti Florian D orfler Francesco Bullo Center for Control, Dynamical systems and Computation

994 views • 11 slides
Wargames in the 5th Domain The next Pearl Harbor could very well be a cyber attack. - Leon

Wargames in the 5th Domain The next Pearl Harbor could very well be a cyber attack. - Leon

Wargames in the 5th Domain The next Pearl Harbor could very well be a cyber attack. - Leon Panetta, US Secretary of Defense The United States is fighting a cyber-war today, and we are losing. - Mike McConnell, former Director of

298 views • 28 slides
Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44

Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44

Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44 17917 623 068 T: +44 1684 878178 F: +44 1684 878171 dibble.clark@3sdl.com What is Cyber? Commercial in Confidence Policy in Action Commercial in

275 views • 25 slides
TCPDB.DAT case Archive file signatures Attack surface Attack vectors Defense Conclusions P A

TCPDB.DAT case Archive file signatures Attack surface Attack vectors Defense Conclusions P A

Introduction Motivation SAP compression algorithms Archive file programs SAP archive file formats CAR SAR v2.00 SAR v2.01 Relative/absolute paths TCPDB.DAT case Archive file signatures Attack surface Attack vectors

913 views • 49 slides
BinRec: Attack Surface Reduction Through Dynamic Binary Recovery Taddeus Kroes, Anil Altinay,

BinRec: Attack Surface Reduction Through Dynamic Binary Recovery Taddeus Kroes, Anil Altinay,

BinRec: Attack Surface Reduction Through Dynamic Binary Recovery Taddeus Kroes, Anil Altinay, Joseph Nash, Yeoul Na, Stijn Volckaert, Herbert Bos, Michael Franz, Cristiano Giuffrida October 19, 2018 Attack Surface Reduction x =

2.55k views • 62 slides
Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems

Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems

Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems Nothing is in isolation Attack surface An attack surface is the total number of possible attack vectors Think of a house, with the

309 views • 15 slides
Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber Dependent crime examples of these offences are Distributed Denial of Service attack (DDOS), Account Compromise (hacking), Malware (virus) and

237 views • 7 slides
Cyber(space) Incidents 1 IS TV4 attack TV5Monde went black (2015)

Cyber(space) Incidents 1 IS TV4 attack TV5Monde went black (2015)

Cyber(space) Incidents 1 IS TV4 attack TV5Monde went black (2015) Heartbleed: Wikileaks Revelations worst vulnerability ever secret hacking tools: IoT (2014; in open SSL) (democratic control?, 2017)

715 views • 42 slides
Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security

Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security

Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security Centre (NCSC) This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation.

197 views • 8 slides
Verify what? Navigating the Attack Surface Mark S. Miller, Google Formal Methods meets JavaScript

Verify what? Navigating the Attack Surface Mark S. Miller, Google Formal Methods meets JavaScript

Verify what? Navigating the Attack Surface Mark S. Miller, Google Formal Methods meets JavaScript Imperial College, March 2018 Risk as Attack Surface a Expected Risk: likelihood * damage Potential damage Likelihood of exploitable

592 views • 48 slides
AFIIA 2017 Cyber Attack Demonstration Overview of Information Security Information Security

AFIIA 2017 Cyber Attack Demonstration Overview of Information Security Information Security

5/30/2017 Presentation Outline Cyber Security - Safeguarding your IT Environment Cyber Attack Demonstration Overview of Information Security Situational Analysis of Current Attacks Wednesday, May 17, 2017 @ AFIIA Conference, 2017

498 views • 5 slides
Improving Cyber Resiliency using Intelligence-led Attack Simulations Vincent Yiu Who am I?

Improving Cyber Resiliency using Intelligence-led Attack Simulations Vincent Yiu Who am I?

Improving Cyber Resiliency using Intelligence-led Attack Simulations Vincent Yiu Who am I? @vysecurity Vincent Yiu vincent.yiu@syonsecurity.com Founder of SYON Security Offensive Operations including Adversary Simulaton and Penetration

344 views • 33 slides
Exploring the IoT attack surface Breaking || Liberating the brave new IoT world. doc.dr.sc.

Exploring the IoT attack surface Breaking || Liberating the brave new IoT world. doc.dr.sc.

Exploring the IoT attack surface Breaking || Liberating the brave new IoT world. doc.dr.sc. Tonimir Kiasondi Sponsored by http://iot.foi.hr Why should i listen to you and not go out for coffee? Well, IoT is the next big hotness

725 views • 55 slides
Achieving Quality Requirements with Reused Software Components: Challenges to Successful Reuse

Achieving Quality Requirements with Reused Software Components: Challenges to Successful Reuse

Achieving Quality Requirements with Reused Software Components: Challenges to Successful Reuse Second International Workshop on Models and Processes for the Evaluation of off-the-shelf Components (MPEC05) 21 May 2005 Donald Firesmith

586 views • 32 slides
Standards for SDR; a Canadian Perspective Steve Bernier Advanced Radio Systems, Communication

Standards for SDR; a Canadian Perspective Steve Bernier Advanced Radio Systems, Communication

Standards for SDR; a Canadian Perspective Steve Bernier Advanced Radio Systems, Communication Research Centre Canada December, 2007 1 Overview Overview of the Canadian market CRCs Perspective on SDR The SCA and its ecosystem

611 views • 31 slides
France Tlcom Orange roadshow in Tel Aviv Gervais Pellissier CEO Delegate & CFO June

France Tlcom Orange roadshow in Tel Aviv Gervais Pellissier CEO Delegate & CFO June

France Tlcom Orange roadshow in Tel Aviv Gervais Pellissier CEO Delegate & CFO June 2012 Agenda 1 introduction to France-Telecom Orange, one of the global leaders in Telecoms 2 a clear strategic and industrial vision 3

1.09k views • 57 slides
PRESENTATION Titre du document - Auteur - Date de diffusion - Niveau de classification (PUBLIC ou

PRESENTATION Titre du document - Auteur - Date de diffusion - Niveau de classification (PUBLIC ou

FULL-YEAR 2018 RESULTS 21 FEBRUARY 2019 PRESENTATION Titre du document - Auteur - Date de diffusion - Niveau de classification (PUBLIC ou INTERNE ou CONFIDENTIEL ou SECRET) This presentation contains forward-looking information and statements

914 views • 69 slides
Finnish Software Radio Programme Visa Tapio, Ari Pouttu, Matti Raustia University of Oulu/Centre

Finnish Software Radio Programme Visa Tapio, Ari Pouttu, Matti Raustia University of Oulu/Centre

Centre for Wireless Communications CWC Finnish Software Radio Programme Visa Tapio, Ari Pouttu, Matti Raustia University of Oulu/Centre for Wireless Communications P.O.Box 4500 Tutkijantie 2E FIN-90014 University of Oulu

575 views • 15 slides
Global Trade Compliance Due Diligence for Mergers, Acquisitions & Cross-Border Investment

Global Trade Compliance Due Diligence for Mergers, Acquisitions & Cross-Border Investment

MASSACHUSETTS EXPORT CENTER EXPORT EXPO DECEMBER 13, 2019 Global Trade Compliance Due Diligence for Mergers, Acquisitions & Cross-Border Investment Workshop Scenario Mass. Optics, Inc. is a Massachusetts optical lens manufacturer that

79 views • 5 slides
Visualizing Softw are Architecture w ith Off-The-Shelf Components Jie Ren, Richard Taylor

Visualizing Softw are Architecture w ith Off-The-Shelf Components Jie Ren, Richard Taylor

Visualizing Softw are Architecture w ith Off-The-Shelf Components Jie Ren, Richard Taylor Institute for Software Research University of California, Irvine Outline Overview Background Integrate off-the-shelf components

221 views • 20 slides
Virgin Galactic and TSC George Whitesides October 10, 2018 WhiteKnightTwo has flown 252 times 2

Virgin Galactic and TSC George Whitesides October 10, 2018 WhiteKnightTwo has flown 252 times 2

Virgin Galactic and TSC George Whitesides October 10, 2018 WhiteKnightTwo has flown 252 times 2 2 nd Supersonic, Rocket Powered Flight May 29, 2018 Third Supersonic, Rocket Powered Flight July 26, 2018 4 Spaceport Update Paving the

488 views • 9 slides

More recommend