Newsroom

Here is a snapshot of CyberInflight’s Quarterly Digest. For this edition, we have set the focus on the topic of aerospace cybersecurity regulations. Some significant steps, from IATA in particular, have been taken lately which are worth digging into.

This digest aims to help you get a broader and updated vision of the current regulatory landscape and extract the core information from this vast topic, through the use of mind-maps in particular.

Feedback/suggestions/comments at : contact@cyberinflight.com

Table of Content:

I. Regulatory framework

• 

Understanding the current cybersecurity regulatory landscape is difficult, isn’t it? 😣 In this mind-map, CyberInflight has selected for you publicly available must-reads.
Stay tuned as our coming quarterly digest for Q3 will focus on the topic of cyber-regulations in civil aviation.

• 

Note that in this mind-map some branches have been folded. The exhaustive resource will be made available soon to the readers of our quarterly digest/.

Also, a “download section” on our website will soon be available to get access to high-res resources.👍

During the first week of October 2020, CyberInflight had the opportunity to give its first Cybersecurity Awareness Training for Airline Executives during a 2-days session.

Our customer, a national carrier, operating a fleet of approximately 100 aircraft, sustained a major cyberattack some time back, and is convinced of the importance of cybersecurity awareness among its staff, and rightly so, as most of cyberattacks usually starts by the compromising of the human element.

People attending this training came from different horizons and departments (IT Department, Aviation Security Department, Flight Crew Division, Ground Service, Engineering Department, Safety and Quality Department, etc.).

Contact us if you wish to know more about this training: contact@cyberinflight.com

• 

• 

Learn about the cybersecurity regulatory context through different perspectives: the regulator, civil aviation authority and the research community.

• 

• 

Discover more about the topic of vulnerability disclosure and non-disclosure agreement.

• 

• 

• 

Flashcard from the “DEFCON 28 Aerospace Village: Building Connections Across the Aviation Ecosystem”.

• 

• 

“DEFCON has been cancelled !” DEFCON the world famous hacking convention has entered in SAFE MODE, meaning that it will take place virtually this year. During this outstanding event, the Aerospace Village is organizing a variety of virtual talks, workshops and CTFs with contributions from both public and private industry, all designed to provide education and awareness about aerospace cybersecurity and foster collaboration between the aerospace industry and the security researcher community.

CyberInflight is following this event with great interest !

If you can’t join the event or if you don’t have the time to go through all the content and videos made available by the Aerospace Village, CyberInflight will provide you with flahcards so you can the takeaways of each talk at one glance !

Please let us know your comments, suggestions.

• 

Life is made of small victories ! 🌟
We just reached 100 followers on LinkedIn !

Here is a snapshot of CyberInflight’s Quarterly Digest. For this edition, we have set the focus on the topic of Dark Web. Find out how it works, what type of information can be found, and how it could impact the aerospace community.

You will also learn about the recent ransomware attack on an aerospace engineering group, how cyber attackers are impersonating major aerospace companies to spread malware, recent attacks targeting air transportation in the Middle-East, the data breach of a US airport, another case of supply chain attack and much more.

Table of Content.

I. Dark Web: Facts and Myths

• Introduction
• A dive in the Dark Web
• Its users
• Its usage
• Recent soar of blogs leaking corporate data
• Operating mode of ransomware groups
• Examples of ransomware groups communications
• Aerospace related information on the Dark Web

II. Threat Intelligence

• Noticeable facts for Q2 2020 (1/2)
• Noticeable facts for Q2 2020 (2/2)

III. Food for thoughts:

• Creation of a Principal-Agent problem

• 

The topic of Dark Web seems to convey its set of myths and questionings. In its coming quarterly digest, CyberInflight is willing to share the result of its latest researches and analysis to shed some light on this topic and help aerospace stakeholders improve their posture.

The figure below shows that ransomware groups are accelerating the creation of websites dedicated to the publication of confidential corporate data stolen during their malicious activities. Some aerospace companies are among the victims, either through direct attack or through the compromising of their supply chain.

Digest available beginning of July. You will also find in this digest a review of the latest cyberattacks on aerospace stakeholders.

Do not hesitate to share your feedback with us.