Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
Security concerns in ATM SNMC 22
Cofely Ineo is a turnkey solution integrator
n Airport Infrastructure : production and backup power plants, solar power systems, secured electrical distribution, runway lighting, navigational aids (VOR, ILS, DME, NDB, DF), weather stations, equipment monitoring & maintenance…
n Telecommunications & networks : HF/VHF, UHF, MW, VSAT, LAN/WAN networks, remote VHF stations, secured optical fiber networks (data collection around the runway)
n Air Traffic Control : digital and analog voice communication switch systems (VCSS), recording systems, ITWP, integrated towers, mobile towers, AFTN/AMHS switch, AIS, time synch ron i za t i on , AT IS , D -AT IS , 3D simulators...
Cofely Ineo is an ATC/ATM product designer
n Cofely Ineo designs, develops and commercialize a business product range for the ATC world
n These products are sold under a new brand name :
be-safe.com
n Dedicated web site : www.be-safe.com
n AIRvoice : VCS over IP
n AIRtouch : Smart Tower Suite
n AIRview : Integrated Tower Position
n Simulation tools
Cofely Ineo : a world leader in VSAT/VHF networks
Aeronautics – March 2014
VSAT Network REDDIG 1 2001-2006 REDDIG 2 2013-2014
VSAT Network SADC
2006-2008
VSAT / VHF Network AFISNET 1998-2009
VSAT Network NAFISAT 2006-2008
VSAT / VHF Network Venezuela 2005-2008
VSAT / Microwave Network Perou
2011-2012
VSAT / VHF Network Tunisia
1994-1996
VSAT Network Gabon
2003-2004
VSAT Network Egypt
1996-1998
VSAT Network South Africa
2006-2008
VSAT / VHF Network Yemen
1997-2000
n PIRACY, CRACKING, HACKING have been going on for centuries
n WHY ?
n Due to the need by people to exchange informations n There is always somebody somewhere who wants your information
n Now, Internet, by extension all the networks and the diversity of the network (satcom, satellite network, ADS-B network, interconnection, office network, etc.), increase the risk of attack
History
• Differents types of attack use differents way through the vulnerabilities of
• Organisation • Physical access • Software
Tendances
Software Organisation Physical Access
• And can concerns all ATM area : • VoIP • Flight plan (AMHS) • Monitoring network (SNMP) • Network interconnection (AIDC) • Surveillance sensors (ADS-B, Radar, MLAT)
Tendances
• Laptop – First and main is that the laptop is « mobile »
• Satcom network – Signals are accessible by whoever and wherever in the coverage area – Satcom provider use more and more open source software
• Network services – Not update the security patch – Office network and production network on the same level – Interconnection
Threats and Vulnerabilities
Theft of the smartphone: 30 s Extract SIM card by thief: 30 s Broken the password:
4-digit password: broken within 636s 6-digit password: broken in 50 hours 8-digit password: broken in 165 hours
Keychains violation:
40 minutes All password are available (bank app, wifi code, photos with geolocalisation
Example: Iphone
Within 1 minute, the smartphone is isolated
Within 1 hour, all your life in the hands of a hacker
Unavailabilty of satcom services
Catastrophic, in terms of safety, brand image, economy A lots of possible threats:
Terrorists State Competitor
ATM services are a target as banks, intelligence services, websites or any companies
Example: ATM Satcom network
HOW
• ORGANISATION • PHYSICAL PROTECTION • TECHNICAL DEVICE
Implement Security Process
• Security is a process, not a product • We can help you to implement a security process on these 3 major domains
cofelyineo-gdfsuez.com
PASSION FOR SUCCESS