Posts Tagged ‘airportcybersec’


[Government Security News] The FBI Cyber Division has warned that the Aviation industry is under continual cyber-attack. Advanced Persistent Threat (APT) actors have been sending successful spear-phishing e-mails targeting the aviation community.

The FBI assesses that APT actors target technology, best practices, and other proprietary information from victim businesses for theft.

GCR has appointed Andre Allen as its new information & cyber security manager; Allen will spearhead GCR’s Cyber Security Practice to deliver cost-effective cyber security solutions with a primary focus on the aviation industry, the company says.

Allen will lead an experienced team of certified project managers and developers, some with high level government security clearance.

Andre Allen

Andre Allen

GCR provides cyber security solutions to the aviation industry partly due to the experience the company has in providing technology solutions to large airports.

The Cyber Security Practice will leverage GCR’s security architecture, policies, technologies and processes to produce automated cyber security solutions.

GCR is currently implementing automated cyber security solutions at a major U.S. airport.

“GCR leveraged the existing partnership with the airport to collaboratively deliver cyber security solutions that address the needs and challenges faced in the aviation industry,” said Tim Walsh, director of Aviation Services for GCR.

“We are excited about having Andre on our team as he brings a wealth of information and cyber security knowledge, specifically having been an IT security leader at the NASA Johnson Space Center for the past 15 years.”


Government Security News
5th Aug, 2014


Advertisements

[World Bulletin] Cybersecurity researcher Ruben Santamarta says he has figured out how to hack the satellite communications equipment on passenger jets through their WiFi and in-flight entertainment systems – a claim that, if confirmed, could prompt a review of aircraft security.

“In theory, a hacker could use a plane’s onboard WiFi signal or inflight entertainment system to hack into its avionics equipment, potentially disrupting or modifying satellite communications”

Santamarta, a consultant with cybersecurity firm IOActive, is scheduled to lay out the technical details of his research at this week’s Black Hat hacking conference in Las Vegas, an annual convention where thousands of hackers and security experts meet to discuss emerging cyber threats and improve security measures.

His presentation on Thursday on vulnerabilities in satellite communications systems used in aerospace and other industries is expected to be one of the most widely watched at the conference. “These devices are wide open.

The goal of this talk is to help change that situation,” Santamarta, 32, told Reuters. The researcher said he discovered the vulnerabilities by “reverse engineering” – or decoding – highly specialized software known as firmware, used to operate communications equipment made by Cobham Plc, Harris Corp, EchoStar Corp’s Hughes Network Systems, Iridium Communications Inc and Japan Radio Co Ltd.

 

In theory, a hacker could use a plane’s onboard WiFi signal or inflight entertainment system to hack into its avionics equipment, potentially disrupting or modifying satellite communications, which could interfere with the aircraft’s navigation and safety systems, Santamarta said.

He acknowledged that his hacks have only been tested in controlled environments, such as IOActive’s Madrid laboratory, and they might be difficult to replicate in the real world.

Santamarta said he decided to go public to encourage manufacturers to fix what he saw as risky security flaws. Representatives for Cobham, Harris, Hughes and Iridium said they had reviewed Santamarta’s research and confirmed some of his findings, but downplayed the risks.

For instance, Cobham, whose Aviation 700 aircraft satellite communications equipment was the focus of Santamarta’s research, said it is not possible for hackers to use WiFi signals to interfere with critical systems that rely on satellite communications for navigation and safety.

The hackers must have physical access to Cobham’s equipment, according to Cobham spokesman Greg Caires. “In the aviation and maritime markets we serve, there are strict requirements restricting such access to authorized personnel only,” said Caires. A Japan Radio Co spokesman declined to comment, saying information on such vulnerabilities was not public.

Read the full story here…… 

 


World Bulletin 4th Aug, 2014