Cyber risks in the satellite industry · To resume Takeaways ... Farid Nakhli Created Date: 10/6/2017 12:18:42 PM
0x70 Eric Bärenzung
Cyber risks in the satellite industry
A critical infrastructure for many sectors
A 36’000 km high overview
Partners / Suppliers / Customers
Satellite Operator
Ground station
Main threats
Fraudulent usage
Pay TV and Satellite Key Sharing
PayTV Operator
Legal Subscriber
Subscriber using illegal additional rights
Illegal Subscriber
Signal jamming
https://www.ebu.ch/contents/news/2012/10/ebu-deplores-middle-east-satelli.html
In an ideal Operations mode
Baikonour, we have a problem
Taking control of the satellite
To resume
Protecting and monitoring signal integrity is key!
Then, as for any company…
Partners / Suppliers / Customers
Phishing
Malware
BYOD (Bring Your Own Device)
DDoS (Distributed Denial of Service)
Ransomware
… but with special interests
Partners / Suppliers / Customers
Espionage including
• Office reconnaissance
• IP mapping
• Social Engineering
• Etc.
APT (Advanced Persistent Threat)
Why hacking?
Only a few of the potential reasons
Just for fun?!
Sean Caffrey
UK citizen – 25 years old
• Ranks, usernames and email addresses of more than 800 users
• 30’000 satellite phones
http://www.nationalcrimeagency.gov.uk/news/1111-hacker-stole-satellite-data-from-us-department-of-defense
Or « dreaming » of being a spy.
http://www.thedailybeast.com/wannabe-russian-spy-sentenced-to-five-years-in-prison
More info on: https://www.justice.gov/opa/pr/defense-contractor-employee-arrested-selling-satellite-secrets-undercover-agent-posing
49 years old
Information sold for 3’500 USD
US engineer enamored with spy dramas gets 5 years for trying to sell secrets to Foreign secret service agent
Command and Control
The standard way
• Find a way to install malware/ransomware
• Activate and control the malware
C&C
Hacker
You
ISP (Internet Service Provider)
« Easy » to stop
• Ask ISP to take down domain / server
C&C
ISP (Internet Service Provider)
(But you will have to do it many times)
Talking about Wannacry
Source: https://www.bluecatnetworks.com/blog/2017/05/17/dns-helped-stop-wannacry-ransomware-attack/
More info on https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html
Marcus Hutchins
Source: http://www.telegraph.co.uk/technology/2017/08/03/fbi-arrests-wannacry-hero-marcus-hutchins-las-vegas-reports/
Kronos
Using satellite transmission
C&C
Internet
• The infected system calls « decoy » satellite subscribers
• Port / Service unknown ⇒ Invalid request ⇒ Call dropped
• C&C pretends to be « decoy » user ⇒ Call accepted
• Call broadcast by the satellite
• C&C answers to the attacked system, acting as if it were the « decoy » user
• Malware sends the hacked data back to C&C
Source: https://securelist.com/satellite-turla-apt-command-and-control-in-the-sky/72081/
Cybersecurity: A business opportunity
Satellite industry starting to offer cyber security services
http://www.maritime-executive.com/article/inmarsat-unveils-cybersecurity-service
The future?
• Quantum computing
• a « hack-proof » communication system
Source: http://thehackernews.com/2017/08/quantum-satellite-data.html
For Critical Infrastructure
Framework
https://www.nist.gov
NIST Cybersecurity Framework
• Identify: Asset Management, Business Environment, Governance, Risk Assessment, Risk Management Strategy
• Protect: Access Control, Awareness & Training, Data Security, Info Protection Processes and Procedures, Maintenance, Protective Technology
• Detect: Anomalies & Events, Security Continuous Monitoring, Detection Processes
• Respond: Respond Planning, Communications, Analysis, Mitigation, Improvements
• Recover: Recovery Planning, Improvements, Communication
NIST Cybersecurity Framework
Identify Protect Detect Respond Recover
Risk Assessment
[Figure: risk matrix with axes PROBABILITY and BUSINESS IMPACT, LOW to HIGH]
Define your priorities
Think about Cyber Insurance
NIST Cybersecurity Framework
Identify Protect Detect Respond Recover
Awareness & Training
https://securityintelligence.com/news/insider-threats-account-for-nearly-75-percent-of-security-breach-incidents/
(**) http://www.computerweekly.com/news/450425184/Security-professionals-name-top-causes-of-breaches
84% of cyberattacks reported as being due, at least in part, to human error (**)
The X-Factor
NIST Cybersecurity Framework
Identify Protect Detect Respond Recover
Anomalies & Events
[Figure: Acquisition, Analyze, Action]
The rise of Machine Learning & Artificial Intelligence
NIST Cybersecurity Framework
Identify Protect Detect Respond Recover
Mitigation
Recovery Planning
Crisis Management requires
PREPARATION
✓ Who?
✓ What?
✓ How?
✓ When?
and TRAINING
✓ Regional Cyber Drill
NIST Cybersecurity Framework
Identify Protect Detect Respond Recover
Recovery Planning
Develop, Test, Improve
[Figure: service level over time, marking the last backup, the incident, down time, degraded service and back to standard operations]
RPO: Recovery Point Objective
RTO: Return Time on Objective
To resume
Takeaways
3 takeaways
• Satellite industry is a sensitive target for hackers
• Start, if not done already, to
  • Evaluate your risks
  • Develop your strategy to protect your organization from cyber threats
• Cybersecurity is a business opportunity
  • To differentiate from your competitors
  • And also to bring you additional revenue opportunities €€€