Satcom Direct, Inc ©2015 All Rights Reserved.
Troubleshooting and Cyber Protection
Josh Wheeler
May 4, 2016
Network Security
Network Security Risks
Data theft or disruption of network systems is a critical issue, costing a company money, downtime and possible embarrassment.
Methods range from social engineering attacks to theft of passwords and credentials, spam, malware and more.
Network Security Risks
A threat is any event or action that could potentially result in the violation of a security requirement, policy, or procedure.
Unintentional or unauthorized access or changes to data.
Interruption of services.
Damage to hardware.
Unauthorized access or damage to facilities.
Network Security Risks
A vulnerability is any condition that leaves a system open to attack.
Vulnerabilities can come in a wide variety of forms, including:
Improperly configured or installed hardware or software.
Bugs in software or operating systems.
Poorly designed networks.
Poor physical security.
Insecure passwords.
Network Security Risks
An attack is a technique that is used to exploit a vulnerability in any application on a computer system without the authorization to do so.
Network Security Risks
Measures must be taken within all environments for data to be secure
Remote locations must follow the same policies set forth by a company
Users have a responsibility to help secure data
Being educated
Following policies
Knowledge of what you are connecting to
Network Security Risks
Example
Web browser add-ons are inherently trusted by users and are being targeted as vehicles for installation of malware.
Network Security Risks
Example
Secure Passwords
https://www.my1login.com/resources/password-strength-test/
Network Security Risks
Common types of network threats
Evil Twin/Rogue Access Points - Set up a fake wireless network to capture data
Spear Phishing - Increased exposure due to limited controls
Command and Control - Reduced controls allow tools to call home
Advanced Persistent Threats (APT)
Reduced Logging - Impedes forensic analysis if there is an event
Network Security Risks
Evil Twin / Rogue Access Points
A user unknowingly associates with a rogue or fake wireless access point which has the same name as the legitimate access point.
The intent is to capture/steal data passing through the rogue access point.
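Because an evil twin reuses the legitimate network name, a wireless survey can be checked against an inventory of authorized radios. The following is an added example, not part of the original presentation; the SSIDs, BSSIDs, inventory format and scan records are all constructed for illustration.

```python
# Added example: flag access points that advertise a trusted SSID but do not
# match the inventory of authorized radios. All names and values are constructed.

# Hypothetical inventory: SSID -> authorized BSSIDs and the expected security mode.
AUTHORIZED = {
    "CABIN-WIFI": {"bssids": {"02:00:00:00:00:01", "02:00:00:00:00:02"},
                   "security": "WPA2-Enterprise"},
}

# Constructed scan results, as a wireless survey tool might report them.
SCAN = [
    {"ssid": "CABIN-WIFI", "bssid": "02:00:00:00:00:01", "security": "WPA2-Enterprise"},
    {"ssid": "CABIN-WIFI", "bssid": "02:00:00:00:00:02", "security": "WPA2-Enterprise"},
    {"ssid": "CABIN-WIFI", "bssid": "02:00:00:00:00:99", "security": "Open"},
    {"ssid": "cabin-wifi ", "bssid": "02:00:00:00:00:98", "security": "WPA2-Enterprise"},
    {"ssid": "FBO-GUEST", "bssid": "02:00:00:00:00:50", "security": "Open"},
]

def normalize(ssid):
    """Fold case and surrounding whitespace so look-alike names compare equal."""
    return ssid.strip().casefold()

def find_suspect_aps(scan, authorized):
    """Return (bssid, reasons) for every AP that imitates an authorized SSID."""
    by_name = {normalize(name): (name, cfg) for name, cfg in authorized.items()}
    findings = []
    for ap in scan:
        match = by_name.get(normalize(ap["ssid"]))
        if match is None:
            continue  # unrelated network, not an imitation of ours
        name, cfg = match
        reasons = []
        if ap["ssid"] != name:
            reasons.append("look-alike SSID")
        if ap["bssid"].lower() not in cfg["bssids"]:
            reasons.append("unknown BSSID")
        if ap["security"] != cfg["security"]:
            reasons.append("security mismatch")
        if reasons:
            findings.append((ap["bssid"], reasons))
    return findings

if __name__ == "__main__":
    for bssid, reasons in find_suspect_aps(SCAN, AUTHORIZED):
        print(bssid, ", ".join(reasons))
```

A BSSID can be cloned, so a clean result here does not prove that an access point is genuine; mutual authentication (for example, certificate validation on the client) is still needed.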
Network Security Risks
Spear Phishing
An email which appears to be from a known individual or business but is not.
Typically targets a specific organization or group.
Intent is to get credit card, bank account numbers, passwords, trade secrets, etc., typically by clicking a link to enter information.
Increased exposure due to limited controls.
End user (employee) can decide to click the rogue link.
Network Security Risks
Command and Control Malware
Malware gets unknowingly installed.
Conducts a “call-home” to fetch updates and instructions from the Command and Control servers.
Sends back stolen information.
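A regular "call-home" leaves a timing pattern in egress logs that can be searched for. The following is an added example, not part of the original presentation; the log format, hosts, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed egress log lines: ISO timestamp, internal source, destination host.
LOG = """\
2016-05-04T10:00:02 10.0.0.21 cdn.example.org
2016-05-04T10:00:05 10.0.0.37 sync.example.net
2016-05-04T10:00:40 10.0.0.21 cdn.example.org
2016-05-04T10:05:04 10.0.0.37 sync.example.net
2016-05-04T10:07:15 10.0.0.21 cdn.example.org
2016-05-04T10:09:01 10.0.0.21 cdn.example.org
2016-05-04T10:10:06 10.0.0.37 sync.example.net
2016-05-04T10:12:30 10.0.0.21 mail.example.com
2016-05-04T10:15:05 10.0.0.37 sync.example.net
2016-05-04T10:20:04 10.0.0.37 sync.example.net
2016-05-04T10:25:06 10.0.0.37 sync.example.net
2016-05-04T10:31:30 10.0.0.21 cdn.example.org
2016-05-04T10:32:00 10.0.0.21 cdn.example.org
2016-05-04T10:40:11 10.0.0.21 mail.example.com
"""

def find_beacons(log_text, min_events=5, max_cv=0.1):
    """Return (src, dst, mean_gap_seconds) for pairs with near-constant gaps.

    max_cv is the allowed coefficient of variation (stdev / mean) of the gaps
    between consecutive connections; human browsing is far more irregular.
    """
    times = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        ts, src, dst = parts
        times[(src, dst)].append(datetime.fromisoformat(ts))
    beacons = []
    for (src, dst), stamps in sorted(times.items()):
        if len(stamps) < min_events:
            continue  # too few connections to judge periodicity
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            beacons.append((src, dst, round(avg)))
    return beacons

if __name__ == "__main__":
    print(find_beacons(LOG))
```

Legitimate software (update checks, time sync) is also periodic, so results are candidates to review against an allowlist rather than confirmed infections.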
Network Security Risks
Advanced Persistent Threats (APT)
APT: a network attack in which a person gains access to a network (through a variety of sources) and resides undetected for an extended period of time
Goal: steal data undetected vs. cause damage to the network
Target: high-value sectors, such as national defense, manufacturing and finance
Network Security Risks
Network Logging and Monitoring
A security firm¹ recently identified insufficient logging and monitoring as #6 on a list of top ten network security mistakes.
Sufficient logging and monitoring can help provide a quick explanation of why a security breach occurred and who may be involved.
Almost any device which is managed on a network can and should generate logs.
¹ Fishnet Security
Network Security Risks
Network Logging and Monitoring
Top reasons to use network monitoring
Be informed of your network status from anywhere
Plan for upgrades or changes
Diagnose problems quickly
Make sure your security systems are operating properly
¹ Fishnet Security
Airplane Hacking
Network Security Risks
Airplane hacking
News reports of aircraft hacking and takeover are based on an April 2015 Government Accountability Office (GAO) report on aircraft network security, which revealed possible vulnerabilities within aircraft systems.
Advised by cybersecurity and aviation experts.
No mock-ups or system testing were carried out.
FAA’s Office of Safety has started reviewing rules for certifying the cybersecurity of all new aircraft avionics systems.
Full report available at: http://www.gao.gov/products/GAO-15-370
Report specifically addresses commercial aviation, where cabin and flight deck networks are known to be integrated.
Network Security Risks
Airplane Hacking
Boeing example (737-900)
Onboard Network System (ONS) securely connects airline operations and maintenance with key airplane data and software parts.
ONS integrates with IP-based satellite connectivity systems.
Cockpit and Cabin share a common router
Separated via a firewall
Security Compliance
Security Compliance
Multiple Internet Gateways (Connections)
Multiple internet connections prove difficult without the proper setup:
No single monitoring/filtering for exiting traffic
No guaranteed compliance policy application
No central logging capability
Allows for multiple attack entry points
Security Compliance
Corporate Gateway
Security and compliance services delivered by the end user’s security department and governed by their IT security policies
Filtering
Virus, email and program scanning
Active monitoring
Prevents non-compliant access
Internet access is provided by the corporate data center or other exit (egress) point
SD Private Network
SD Private Network
SD Tier III Data Center
Privately owned, secure data center for SD customers
Allows customers to secure their data from the aircraft, to the ground, to a chosen end point
Data center to internet
Data center to Corporate data center
Data center to a chosen Corporate location
Ensures your traffic travels a secure, known path
SD Private Network
SD Private Routing
SD operated internet gateways (PoP) worldwide
Amsterdam, New York, Florida, London
Public, private, dynamic, static, US and Europe based IP addressing
Based on Needs
Private data routing for Ku, Ka, L-band
SD Private Network
Secure Connectivity
The reality is that users connect through unsecured locations, including the aircraft.
Free Wi-Fi could potentially be a rogue access point.
VPN connectivity is one solution to help secure data
SD Private Network
SD Private Routing
Secure connectivity
Leased line connection from SD Data Center to Corporate HQ
Aircraft data traffic is delivered directly to your corporate network
Bypasses the public internet
Your onboard operates completely within your corporate compliance requirements
SD Private Network
SD Data Center Is Certified Secure
SSAE 16 SOC 1 Type 2
ISAE 3402
Financial reporting assurance standards
FISMA Compliant
Protection of government information, operations and assets against natural or man-made threats
Electronic Government Act of 2002
PCI Compliant
Security for credit, debit, and cash card transactions
HIPAA Compliant
National Security standards to protect patient data
SD Private Network
SD Data Center Testing
Penetration testing (PEN testing)
Proactive, authorized evaluation of an IT infrastructure’s security and vulnerabilities. Allows for identification and reporting of possible security vulnerabilities, both internal and external.
Weekly testing is carried out by certified ethical hackers based at the SD Data Center
Software and hardware modifications are tested for security.
Ability to test end customer SDR configurations.
SD
More Than Just Satcom
Premier Solutions Provider:
Flight operations
Cabin services
Network security (compliance)
Network Operations Center
Hardware
Training
SD World Headquarters
SD Secure Datacenter