Difficult situations – such as the current coronavirus pandemic – often bring out the best in people, as exemplified by the global outpouring of support for heroic healthcare and medical professionals in recent weeks. Unfortunately, these situations also can accentuate the worst – which is why the Airbus CyberSecurity team hasn’t skipped a beat since the COVID-19 outbreak began, preventing adversaries from stealing valuable data and crippling essential systems at an unprecedented time for governments, agencies, corporations and individuals alike.
According to Nicolas Audiot, the Deputy Head of the Airbus Security Operations Centre (SOC) in Elancourt, France, regular operations are continuing while half of his 40 colleagues now contribute remotely – with one team physically present at the SOC for two weeks while the other team works from home, then switching – to reduce the risk of coronavirus infection.
This setup is essential to maintain the quality of operations 24/7, especially in times where cyber-criminals are trying to exploit the public’s fear of COVID-19.
Resisting ransomware and other malware
One such scam being perpetuated is called “waterholing,” in which adversaries disguise their intentions by registering internet addresses referring to the coronavirus to build fake websites. The aim is to attract as many followers as possible, and then launch ransomware or other kinds of malware.
In ransomware attacks, adversaries infiltrate networks and encrypt important data – from hospitals, for instance – and demand a ransom before releasing the data again. “Many victims just pay,” said Audiot, adding that most simply can’t afford to shut down. But even after paying a ransom, there is no guarantee the victims will return to a functioning system.
Phishing email attacks also are on the rise. If recipients click on links or attachments, malware is deployed which hackers then utilise to steal business-critical information. Both ransomware and phishing have been increasingly afflicting companies and institutions since the spread of COVID-19 began, Audiot added.
Airbus’ cyber experts also have observed an uptake of Virtual Private Network (VPN)-related exploits. Here, adversaries are scanning VPN servers to take advantage of systems that companies have set up to enable their employees to work from home, but which were poorly configured or have vulnerabilities.
According to Audiot, the SOC has responses for all such threats. "We have deployed so-called Indicators of Compromise or IOCs and provided our customers with tactical instructions – helping to protect them from harm,” he explained.
On the alert for new threats
In constantly assessing the risks, Airbus’ SOC teams design and implement detection means, analyse potential attacks, define adequate remediation measures; repeating this cycle indefinitely, taking the intelligence provided and shared by their colleagues into account.
“Not only do we cover ‘simple’ threats such as malware and ransomware, we’re also focussed on attacks that come from nation-state actors who attempt to steal valuable data or cripple essential systems,” added Audiot.
During the Airbus cyber security operations, Level 1 colleagues identify and evaluate suspicious activities and notify customers in case of a real threat. If it is an attack, Level 2 personnel continue to investigate and define measures. Level 3 colleagues and Incident Response Teams come into play when more complex attacks are to be fended off. The Service Delivery Managers act as an interface between SOC teams and customers, coordinating all measures.
A business jet designed for flexible use must have an interior which can be reconfigured to suit different missions. And that is exactly what the Pilatus PC-24 Super Versatile Jet offers. To demonstra...
A technological icon in Brazilian agriculture with five decades of operation, Embraer has delivered the 1500th Ipanema agricultural aircraft. The aircraft, which received a commemorative painting allu...
In line with the gradual recovery of the aviation market, airBaltic announces that it has started recruitment of a total of 120 additional pilots, including graduates of the airBaltic P...
Ahead of the upcoming 2022 edition of Frieze New York, VistaJet announces its new global partnership with Frieze Art Fairs. With over 80% of VistaJet’s Members sharing a passion for ar...