1 / 22

CYBER RESILIENCE IN CIVIL AVIATION

CYBER RESILIENCE IN CIVIL AVIATION. Sandrine GNASSOU Air Navigation Safety Oversight Inspector Head of CNS Department Civil Aviation Authority of Côte d’Ivoire. AGENDA. 54% Increase in mobile malware variants (2017). Cyber-security Facts and Figures

hslater
Download Presentation

CYBER RESILIENCE IN CIVIL AVIATION

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CYBER RESILIENCE IN CIVIL AVIATION Sandrine GNASSOU Air Navigation Safety Oversight Inspector Head of CNS Department Civil Aviation Authority of Côte d’Ivoire

  2. AGENDA

  3. 54% Increase in mobile malware variants (2017) • Cyber-security Facts and Figures • Cyber-crime damages will cost the world $6 trillion annually by 2021 (2017 Cybersecurity Ventures). • Cyber attacks are increasing and evolving. 600% Increase in attacks against Internet of Things (IoT) devices 46% increase in new ransomware variants Source : Symantec’s 2018 Internet Security Threat Report (ISTR) 2017 2016 Cette photo par Auteur inconnu est soumis à la licence CC BY-SA-NC

  4. Attacks on Aviation are happening… • In Civil Aviation, the threat is also both real and serious June 2014 September 5th 2018 Data breach 4

  5. Aviation Cyber-attack surface is growing… mean More interconnected systems Less isolated architectures with e-enabled aircrafts, clouded services, Total Airport Management… More reachable targets More Network centric infrastructure and operations Airport Airline operation center Airport Vehicles ANSP ATC Airline operation center ANSP ATC Vehicles MET Service provider Military OPS Center MET Service provider Military OPS Center Flow management Flow management 5 5

  6. Aviation Cyber-attack surface is growing… This means that civil aviation is very much exposed to cyber attacks

  7. AGENDA

  8. Cyber culture Roles & Responsibilities Training Incident Detection COTS Policy Standards and Guidelines Data & Services Threat Intelligence Forensics INTEGRITY Assessment AVAILABILITY Architecture CONFIDENTIALITY

  9. Resilience umbrella Recovery Response Preparedness Operational Continuity Response Prevention Emergency Response Pre-incident Post -incident Cyber Incident t=0 Time t

  10. Common Sources of Cyber Threats Mass Untargeted Targets Individuals

  11. Malware Phishing Ransomware Types of Cyber Threats Spam Botnets Identity theft Web application attacks Data Breaches • The ENISA* Threat Landscape Report 2017** provides the fifteen top threats (that have dominated the threat landscape in 2017) • (*) European Union Agency for Network and Information Security • (**)https://etl.enisa.europa.eu/#/ Information leakage Cyber espionage Physical manipulation/damage/theft/loss Web-based attacks Denial of Service Insider Threat Exploit kits

  12. Potential cyber attacks –Motives & Sophistication Increasingly sophisticated and motivated threat

  13. What about Aviation?

  14. CYBER ATTACK AHEAD • Aviation Cyber-threats landscape • Two categories of possible cyber threats to Aviation:

  15. Aviation Cyber-threats landscape • Main potential targets in aviation:

  16. Aviation Cyber-threats landscape – ATM example Injection of false information in controller-pilot data link communications Malware injection during maintenance Login usurpation on ATC system technical position Spoofing of GPS time Enroute ATC Approach ATC CNS Data spoofing CNS Data corruption Network Management Airport ATC Denial of Service attack on Aeronautical Information servers Aeronautical Information service provider Surveillance and Navigation infrastructure Spoofing of ADS-B Radio signal Airport operations centre Airline Operations Centre Meteo offices

  17. How can Aviation be resilient to cyber threat? Business continuity plans to maintain resilience and recover capabilities after a cyber breach. Identify primary assets (« crown jewels ») Risk Management Develop formal Cyber Policies Threat Intelligence contingency planning, procedures, and training and awareness Protect assets according to risk Build Cybersecurity culture : training, education, awareness Build layered system Cyber monitoring Networking to share cyber info, to predict new threats and be prepared

  18. AGENDA

  19. International efforts

  20. AFI Planning and Implementation Regional Group (APIRG) Infrastructure & Information Management (IIM) Sub-Group COMMUNICATION PROJECT 5 : « Assessment of AFI Aeronautical Networks Cyber Security” • Project objectives To assess and prevent internal and external cyber threats that impact availability, reliability, integrity and continuity of aeronautical networks in Africa To develop and implement a global cyber security policy for aeronautical telecommunications systems in Africa

  21. November 2019 APIRG IIM SG COMMUNICATION PROJECT 5 : « Assessment of AFI Aeronautical Networks Cyber Security” December 2017 October 2018

  22. October is the National Cybersecurity Awareness Month « Cyber Security is our shared responsability » THANK YOU

More Related