Satcom Direct (Booth W115) a global connectivity solutions company, comes to EBACE 2019 with some disturbing news: nefarious hackers are going after passengers on business jets with rising frequency. The company tracks cyber threats on the 600 aircraft subscribing to its cybersecurity threat-monitoring module from its purpose-built facility that meets Tier III standards, complies with major industry requirements, and is designed to withstand a Category 5 hurricane in Melbourne, Florida. Recently, it has logged a 54 percent increase in critical and high-level threats.
The company noticed that recent threats are often from organized groups such as Fancy Bear and sophisticated, well-known hackers, some of whom are hired by nation-states or criminal entities hoping to create chaos or target specific VIPs. Critical threats represent activity that can affect default installations of widely deployed software such as consumer digital device operating systems, compromising servers, and leaving a back door for additional malice (Trojan horse or viruses). A high-level threat would be a web browser exploitation or malware that can cause serious long-term damage to complete corporate networks.
“These perpetrators making particularly nasty threats invariably involve a group of black-hat hackers working in a closed network that continuously attack aircraft,” said Josh Wheeler, senior director of cybersecurity at Satcom Direct. It takes a lot to stop these aggressive and intelligent hacks, but Satcom Direct said its SD Pro dashboard is fine-tuned for the job, monitoring both inbound and outbound threats and delivering a real-time, centralized inflight view of the cabin network.
The SD Threat monitoring module provides the data activity to the aircraft's flight departments and Satcom Direct security experts. Any abnormal behavior on the network is flagged and potential threats are simultaneously blocked before they can reach the digital devices in use on the aircraft. And if a compromised device is detected, the service can block that device from propagating the threat or “calling home” to the hacker, who would then know the door was open for harvesting data from the devices infected.
That is the hardware/software side of how Satcom Direct handles cybersecurity for its subscribers, but there is a human factor to every hacked machine, insisted Michael Skou Christensen, vice president of Satcom Direct International.
“The traditional path to protection is always the device side. Install a VPN, for instance," he told AIN. "But 80 to 90 percent of risk in cybersecurity are exploits on that human factor, so we try to educate the flight departments and crew on best practices. We bring in the corporate IT department as well and work together to create a private corporate network on the aircraft that duplicates the kind of protection that IT is already providing for the executives in their homes and offices.”
The company provides a threefold approach to education on cyber threats, and the first two levels are available at no charge. Anyone can download the Satcom Direct white paper on cybersecurity from the company’s website, and the company provides a free audit of any company’s security, pointing out holes in the “armor.”
Under its paid services, Satcom Direct offers an Aero IT educational program that is designed specifically for flight department IT personnel so that they can understand the Satcom Direct cybersecurity capability and also teach them how to coordinate with it. Finally, the company’s Aero CNCT crew network connectivity training, offered in collaboration with FlightSafety International, is designed for pilots and flight attendants who interface directly with the executives and VIP passengers carrying devices onto the aircraft.
“As part of our service, we survey the clients’ procedures regarding cabin connectivity and outside devices brought onboard and we make suggestions on best practices," said Christensen. "One of those practices might well be a passenger connectivity briefing by the crew or a seatback card with instructions for passengers.”