I was quoted in the following article alongside Gerome Billois (Partner – Cybersecurity and Digital Trust – Wavestone) and Martial Gervaise (Cybersecurity Expert – Former Deputy Director at Orange Group). This article shows how important it’s to have a guideline in your cybersecurity career. This article shows also how it’s important to share whith others. It’s not by staying on your own that you grow the community. It’s by sharing that we collectively increase our skills. Cybersecurity grows when it’s shared.
I was elected as a CyberStar (or SpaceCyberStar) by Yohann BAUZIL. CyberStar is a program that highlights those who work to make cybersecurity a reality on a daily basis, either by sharing their knowledge or by their work.
I’m very proud to receive the following certificate of completion for having successfully completed the training course : « Introduction to Cybersecurity in Space Systems » with Tim Fowler.
This training course took place at « The Most Offensive Con that Ever Offensived – Bypass Edition » event organized by Antisyphon Training from 13 to 15 March, 2024.
« Introduction to Cybersecurity in Space Systems » was a course designed to expose cybersecurity professionals to the concepts and implementations of space systems including the ramification and impacts security can have on a mission.
In this course each element was broken down into its most basic components and we had the opportunity to look at how proper security can be applied; what tradeoffs must be made and many of the operational constraints governing every design decision.
This course walked students through each of the segments that make up a space system, the subsystems that comprise a spacecraft, and ways that each need to be defended from attacks.
This course also included multiple hands-on labs that will walk students through the process of implementing a custom ground station solution, a virtual satellite with simulated subsystems, and executing simulated attacks against both.
At the completion of this course, I have now a fundamental knowledge and understanding of space systems, how and where security can be implemented and I have a set of tools, I can use to further their knowledge and experience.
First of all, I want to congratulate Antisyphon Training and Tim Fowler for the high-quality of this training.
My first impressions is that the slides have a high-quality. I noticed that Tim’s terminology is very precise. This shows Tim’s great experience and expertise. The labs was very practical and simulate reality. The lab environment was very comprehensive and highly technical.
In conclusion, I’m really happy and proud to have had this unique opportunity to follow Tim’s training.
It gave me access to unique content of great value. Tim had the opportunity to demonstrate his great expertise and experience on the subject.
I definitely recommend to follow this course to someone who want to increase its knowledge in space systems cybersecurity.
In this article, I will show how I used the MITRE EMB3D™ Threat Model to identify vulnerabilities in SIEMENS PLCs that were exploited by the Stuxnet worm to sabotage the Iran’s nuclear centrifuges.
About the MITRE EMB3D™ Threat Model
EMB3D™ is a Cybersecurity Threat Model release by MITRE in May 2024 and dedicated for Embedded Devices.
EMB3D is aligned with and expands on several existing models, including Common Weakness Enumeration, MITRE ATT&CK®, and Common Vulnerabilities and Exposures, but with a specific embedded-device focus. The threats defined within EMB3D are based on observation of use by threat actors, proof-of-concept and theoretical/conceptual security research publications, and device vulnerability and weakness reports. These threats are mapped to device properties to help users develop and tailor accurate threat models for specific embedded devices.
Coming in the next release of EMB3D in Summer 2024, each threat description will include a set of Foundational, Intermediate, and Leading mitigations. These mitigations will provide guidance on what technical mechanisms can best prevent or reduce the risk of that threat.
For each threat, EMB3D will suggest technical mechanisms that vendors should build into the device to mitigate the given threat. EMB3D is a comprehensive framework for the entire security ecosystem—device vendors, asset owners, security researchers, and testing organizations.
To know more about the MITRE EMB3D™ Cybersecurity Threat Model for Embedded Devices, check our article here.
About the Stuxnet attack
Stuxnet is a highly sophisticated worm discovered in 2010, believed to be developed jointly by the United States and Israel. It targeted supervisory control and data acquisition (SCADA) systems, particularly those used in Iran’s nuclear program. Stuxnet specifically aimed at disrupting uranium enrichment processes by sabotaging centrifuges, demonstrating the potential of cyber weapons to physically damage critical infrastructure. Its complex code and ability to spread rapidly made it one of the most advanced and impactful cyber weapons ever deployed.
Stuxnet attack overview
Stuxnet specifically targeted industrial process control systems manufactured by Siemens, including programmable logic controllers (PLCs). It exploited vulnerabilities in the software and communication protocols used by these systems to infiltrate and take control of the PLCs. Once infected, the PLCs could be manipulated to disrupt the operation of the centrifuges used in the Iranian nuclear program.
What is STEP 7 in Siemens PLC and how does Siemens PLC work
STEP 7 is a software platform developed by Siemens for programming and configuring its programmable logic controllers (PLCs). It is part of the Totally Integrated Automation (TIA) Portal, which provides a comprehensive suite of tools for automation tasks, including PLC programming, human-machine interface (HMI) design, and more.
Siemens PLCs are industrial control devices used to automate processes in various industries, such as manufacturing, energy, and transportation. They consist of hardware components, such as the CPU (central processing unit), input/output modules, and communication modules, which interface with sensors, actuators, and other devices in the physical environment.
The PLC’s operation is based on a programmed logic controller, which executes a control program created using software like STEP 7. The program defines the behavior of the PLC in response to inputs from sensors and other sources. When inputs change, the PLC processes this information according to the program’s logic and produces outputs to control actuators, machinery, or other devices.
More about the Siemens STEP 7 software platform here.
Identifying properties of the Siemens embedded device
What I consider as an embedded device is the STEP7 Workstation and the Siemens S7 series PLCs.
Device Property #1
Siemens S7-300 PLC does not include a traditional operating system (OS) or kernel in the same sense as a general-purpose computer. Instead, it operates using firmware that is specifically designed for real-time control tasks. This firmware is tightly integrated with the hardware of the PLC and is optimized for deterministic and reliable operation in industrial environments.
So, in the EMB3D™ Device Properties tool / System Software, I checked PID-23 – Device includes OS/kernel
Device Property #2
Applications and softwares are present and running on Siemens PLCs. These softwares are used for programming and configuring the PLC to perform specific control tasks. In the case of Siemens PLCs, the programming software is typically part of the Totally Integrated Automation (TIA) Portal suite, which includes tools like STEP 7 for programming.
Programmers use this application-level software to create control logic using programming languages such as ladder logic, function block diagram (FBD), or structured text. Once the control program is developed, it is downloaded to the PLC, where it runs directly on the PLC’s firmware.
This application-level software allows users to define the behavior of the PLC, specify how inputs should be processed, define control logic, and configure outputs to interact with the physical environment. It also provides tools for debugging, monitoring, and maintaining the PLC program during operation.
So, in the EMB3D™ Device Properties tool / Application Software, I checked PID-31 – Application-level software is present and running on the device
Device Property #3
Siemens PLCs, including the S7-300 series, have the ability to deploy custom programs created using engineering software or integrated development environments (IDEs). Siemens provides programming software such as STEP 7 (part of the TIA Portal suite) for developing custom control logic programs.
So, in the EMB3D™ Device Properties tool / Application Software, I checked PID-321 – Device includes ability to deploy custom programs from engineering software or IDE
Device Property #4
Siemens PLCs do include system function blocks, which are pre-defined blocks of logic that perform specific tasks within the PLC’s firmware. These function blocks are provided by Siemens as part of the PLC’s programming environment and are used for various system-level tasks, such as reading system information, manipulating data blocks, managing communication protocols, and performing other administrative functions.
So, in the EMB3D™ Device Properties tool / Application Software, I checked PID-3231 – Device includes ability to run custom/external programs as native binary without a confined/restricted environment
Siemens PLCs Properties to Threats Mapping
The following table is mapping the Device Properties to a list of Threats the Siemens S7 series PLCs may be exposed to because it incorporates those properties and features.
The next is to check if these vulnerabilities have been exploited by the Stuxnet worm.
Stay tuned … Coming soon
About the MITRE ATT&CK for ICS Matrix
To go futhermore convergence of IT and OT, and the concept of ICS (Industrial Control System), you can also have a look on the MITRE ATT&CK for ICS Matrix.
The MITRE ATT&CK for ICS Matrix is an overview of the tactics and techniques described in the ATT&CK for ICS knowledge base. It visually aligns individual techniques under the tactics in which they can be applied.
The MITRE ATT&CK for ICS matrix (Source: https://collaborate.mitre.org/attackics/index.php/Main_Page)
Below is the mapping of Stuxnet attack on the ATT&CK for ICS matrix (Than’ks to Airbus Cybersecurity). « Mapping Stuxnet to the ATT&CK for ICS matrix, as shown in figure 3, quickly shows how complex this attack was. Business risk owners can now identify which techniques to focus on if they need to minimise the risk from strikes like Stuxnet. »
Mapping of Stuxnet on the ATT&CK for ICS matrix (Source: https://airbus-cyber-security.com/mitre-attck-for-ics-everything-you-need-to-know/)
Collaborative framework provides common understanding to mitigate cyber threats to critical infrastructure
MCLEAN, Va. & BEDFORD, Mass., May 13, 2024–(BUSINESS WIRE)–The EMB3D Threat Model is now publicly available at https://emb3d.mitre.org. The model provides a cultivated knowledge base of cyber threats to embedded devices, providing a common understanding of these threats with the security mechanisms required to mitigate them. The model is the result of a collaborative effort by MITRE, Niyo Little Thunder Pearson, Red Balloon Security, and Narf Industries.
“The diverse perspectives and invaluable insights shared have fortified our approach, ensuring a robust and effective solution to address the evolving challenges in embedded device security.”
EMB3D model strengthened by peer reviews from infrastructure industries
After the model garnered significant interest for peer review across diverse industries, numerous organizations piloted the threat model, offering invaluable feedback. The EMB3D team appreciates the interest and feedback from vendors and integrators across many industries, including energy, water, manufacturing, aerospace, health, and automotive, as well as researchers and threat tool vendors. This ongoing collaborative effort has been instrumental in refining and enhancing the model’s content and usability. The team looks forward to continued collaboration to strengthen the ability of the model to enable “secure by design.”
“Our framework’s strength lies in the collaborative efforts and rigorous review process across industries,” said Yosry Barsoum, vice president and director, Center for Securing the Homeland at MITRE. “The diverse perspectives and invaluable insights shared have fortified our approach, ensuring a robust and effective solution to address the evolving challenges in embedded device security.”
Leveraging established models to strengthen embedded device security
EMB3D aligns with and expands on several existing models, including Common Weakness Enumeration, MITRE ATT&CK®, and Common Vulnerabilities and Exposures, but with a specific embedded-device focus. The threats defined within EMB3D are based on observation of use by threat actors, proof-of-concept and theoretical/conceptual security research publications, and device vulnerability and weakness reports. These threats are mapped to device properties to help users develop and tailor accurate threat models for specific embedded devices.
For each threat, EMB3D suggests technical mechanisms that vendors should build into the device to mitigate the given threat. EMB3D is a comprehensive framework for the entire security ecosystem—device vendors, asset owners, security researchers, and testing organizations.
An evolving framework for a dynamic threat landscape
EMB3D is intended to be a living framework, where new threats and mitigations are added and updated as new threat actors emerge and security researchers discover new categories of vulnerabilities, threats, and security defenses. EMB3D is a public, community resource where all information is openly available and the security community can submit additions and revisions.
MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation. Learn more at mitre.org.
In March of 2022, Network battalion 65 (NB65), a hacktivist affiliate of Anonymous, publicly asserted its successful breach of ROSCOSMOS’s satellite imaging capabilities in response to Russia’s invasion of Ukraine.
NB65 disseminated a series of primary sources as substantiation, proclaiming the incapacitation of ROSCOSMOS’s space-based vehicle monitoring system and doxing of related proprietary documentation.
Despite the profound implications of hacktivist incursions into the space sector, the event has garnered limited attention due to the obscurity of technical attack vectors and ROCOSMOS’s denial of NB65’s allegations.
Through analysis of NB65’s released primary sources of evidence, this paper uncovers the probable vulnerabilities and exploits that enabled the alleged breach into ROSCOSMOS’s ground and space segment. Additionally, this paper highlights lessons learned and the consequences this event has for the global aerospace community.
The authors of this paper are : Rajiv Thummala and Gregory Falco
I february 2024, I successfully passed the Certificate of Competence in Zero Trust (CCZT) from the Cloud Security Alliance (CSA).
This certificate is a logical follow-up to the CCSK (Certificate of Cloud Security Knowledge) awarded by the same CSA organization (to know more about CCSK, read my article here).
Zero Trust Philosophy is :
Never Trust Always verify
Assume a hostile environment
Assume breach
Scrutinize explicitly
Apply unified analytics
The CCZT is considered the first Zero Trust certificate in the industry, developed by combining the guidance of Zero Trust experts, foundational documents from authoritative sources, and leadership from vendor-neutral CSA Research.
Building on the foundational principle of Zero Trust that no part of a computing and networking system can be implicitly trusted, CCZT will give you the knowledge and skills necessary to implement a Zero Trust strategy and reduce systemic risk.
CCZT outlines how to put specific measures in place to provide assurance that systems and their components operate appropriately and are continuously verified.
CCZT enables you to understand and implement Zero Trust principles into business planning, enterprise architectures, and technology deployments.
The Certificate of Competence in Zero Trust consists of the following topics:
PenTest and Hakin9 are very proud to present with a special edition, created in a collaborative process between experts in the field of space cybersecurity, PenTest, and Hakin9 magazines. The topic is currently getting more and more deserved attention, and they are more than happy to bring experts’ voice to the table here.
In the “Space Cybersecurity” eBook by PenTest & Hakin9 you will read about this fascinatingarea from a variety of perspectives: from the future of optical and laser communication and its security, through cybersecurity measures in modern space exploration, simulating the test of space systems with S-WAN, end-to-end security management system using COSMOS2, Space threats and operational risks to mission, security by design for satellites, to the relevant information about ASAT, geopolitical aspects of space cybersecurity, and cybersecurity in the ground segment for space industry.
It is a great compendium of knowledge provided by the practitioners in the field. Special thanks to all the contributors, reviewers, and proofreaders involved in the creation of this issue.
Let’s launch and dive in the reading process.
TABLE OF CONTENTS
The Future of Satellite Communication: Optical Communication and Lasers. Is it Secure? from Angelina Tsuboi
Although there are a plethora of benefits that emerge from migrating to optical- based communications infrastructure, it still has some drawbacks. Firstly, optical communications rely on high precision since information is sent via a narrow beam pointed at the receiver. This significantly reduces the margin for error as even a slight deviation of the beam could result in signal disruption. Moreover, optical signals are highly vulnerable to interference found in external light emissions from various sources like the sun and other optical signals. Both of these factors make optical communications vulnerable to interception, spoofing, jamming, and physical attacks.
Cybersecurity Measures in Modern Space Exploration from Sylvester Kaczmarek
As with any computerized system, autonomous space systems are vulnerable to software-based attacks. Malicious entities could potentially introduce rogue software into these systems. Such software could subtly alter the system’s behavior, making it perform unintended actions or even sabotage its mission. For instance, a malicious software injection could alter a satellite’s data collection parameters, leading it to transmit false or corrupted data back to Earth. In the case of an autonomous rover on a distant planet, such an attack could result in it straying into hazardous terrain or failing to carry out its scientific objectives. Moreover, the specific security risks vary between different types of autonomous space systems. For instance, autonomous satellites managing Earth observation may be targeted to manipulate environmental data, while rovers exploring extraterrestrial surfaces could be commandeered to disrupt scientific discovery or misrepresent findings.
S-WAN: Simulate the Test of Space systems from Jamel Metmati
The simulation doesn’t replace the test on the real chambers once the satellite’s assembled. It provides support on the process between the preliminary design and the assembly, integration and test phase, the operational activity in space. The simulation gives an environment test to monitor and control the satellites to understand anomalies to be studied and to be corrected on short notice.
Space Threats and Operational Risks to Mission (STORM) from William Ferguson
There is a clear need for space cybersecurity workforce development that will require public, private, and international government cooperation. Significant progress is already being made with the ongoing efforts to build space cybersecurity skills through cutting-edge platforms like Moonlighter, an on-orbit cybersecurity training platform, Hack-a-Sat, and established communities like the Aerospace Village that have existed for some time. But there is still more work to be done.
End-to-End Security Management of Space Systems using COSMOS2 from Dr Jordan Plotnek
This article provides an overview of the outcomes of a multi-year research project resulting in the novel COSMOS2 (Contemporary Ontology for the Security Management of Space Systems) framework, developed through iterative feedback from space security experts across 10 countries. The framework includes a definition for space systems security and a tabular taxonomy encompassing the protection of five segments (Ground, Space, Communications, Human, and Governance) against four threat categories (Non-Malicious, Cyber, Electromagnetic, and Kinetic).
Safeguarding Earth’s Frontline: The Crucial Role of Cybersecurity in Space Operations from Olga Nasibullina
To fortify cybersecurity in space operations, there is a need for increased education. Initiatives like the European Space Agency’s collaboration with Rhea Group have led to the development of dedicated Space Operations Cyber Ranges. These ranges offer services such as preparation, testing, and training for cyberattacks, along with 24/7 managed Security Operations Centre (SOC) support. Two consortia consisting of Estonian companies are developing a concept for a space cyber training range. The first consortium includes Spaceit, CybExer, and CGI; the second includes Nortal and Talgen. Foundation CR14, established by the Estonian defense ministry, is also a member of both consortia. The new range should, among other things, allow us to simulate specific space-related environments and potential threats, validate various industry-specific components and processes, and contribute to the development of know-how related to space cyber defense.
Space Cybersecurity: a Strategic Issue in the Current Geopolitical Context from Anais Shay-Lynn Videlingum
The security of space infrastructures is a geopolitical issue, as space-based resources are increasingly used by our societies in all fields, from construction and financial markets to military capabilities. The rapid development of objects and services powered by satellites is contributing to a growing dependence on space in all fields. Being present in space has become a strategic issue over time, depending on the interest of decision-makers in the use of space. Protecting satellites in low, medium, or geostationary orbit is now a strategic asset for governments, the military, and commercial operators alike, to ensure continuity of service and guarantee a degree of resilience.
Space Oddities: What is ‘Secure-by-Design’ and Why Does it Matter for Satellites? from Mikols Tomka and Isabela Leandersson, Pasimoni and Tarides
In response to the cybersecurity agencies’ advice, some people may argue that the risks are mitigated in the context of Space IoT and edge computing because satellites are more difficult to attack. Unfortunately, this could not be further from the truth. Not only are satellites vulnerable to attack, but the infrastructure they provide is critical to many fundamental systems across the globe. Much of that critical infrastructure is, as of today, relatively unprotected!
Tim Fowler will provide a training course called “Introduction to Cybersecurity in Space Systems” at “The Most Offensive Con that Ever Offensived – Bypass Edition” event.
This event is organized by Antisyphon Training. This event will take place from 13 to 15 March, 2024.
Summit: March 13, 2024
Summit Training: March 14-15, 2024
About the course “Introduction to Cybersecurity in Space Systems”
Introduction to Cybersecurity in Space Systems is a course designed to expose cybersecurity professionals to the concepts and implementations of space systems including the ramification and impacts security can have on a mission.
In this course each element is broken down into its most basic components and we look at how proper security can be applied; what tradeoffs must be made and many of the operational constraints governing every design decision.
This course walks students through each of the segments that make up a space system, the subsystems that comprise a spacecraft, and ways that each need to be defended from attacks.
This course also includes multiple hands-on labs that will walk students through the process of implementing a custom ground station solution, a virtual satellite with simulated subsystems, and executing simulated attacks against both.
At the completion of this course, students will have a fundamental knowledge and understanding of space systems, how and where security can be implemented and have a set of tools, they can use to further their knowledge and experience.
If you wan to know what you will learn in thi scourse, check the Antisyphon Training website here.
Tim has obtained and maintains multiple industry certifications (OSCE, OSCP, OSWE, CRTO, CRTL, CISSP) and has leveraged his skills and knowledge both in consulting as well as working internally in multiple security roles within Fortune 100 financial institutions.
He frequently contributes to the infosec community by speaking con conferences, writing blogs, and participating in webcasts. He continues to hone his skills and abilities by having a research minded focus and not being afraid to fail in the process of learning.
Tim previously did a presentation at BSIDES St. Louis 2023 hacking education conference.
About the summit, The Most Offensive Con that Ever Offensived – Bypass Edition!
Is it the best defense is a good offense or the best offense is a good defense? For all the defenders out there, wouldn’t it be nice to understand the mind of an offensive security professional? And for all the offensive security professionals, wouldn’t it be amazing to learn from others who think about all the best ways to bypass defenses.
Join the Antisyphon Training team for hours of stimulating offensive talks, panels, and hopefully rants about what we can do to keep this arms race from growing cold.
This is a free event, where you can connect with your fellow attendees through Discord and Zoom chat! Keep the comments and memes flowing as our speakers share their knowledge with the community.
Learn to throw and take a punch at The Most Offensive Summit that Ever Offensived… again.
Find below my certificate of completion
To know more
Link to my article about the previous presentation of Tim at BSIDES St. Louis 2023 hacking education conference.
Angelina Tsuboi is a programmer, mechatronics developer and Engineer, a pilot, a Scientific Researcher and cybersecurity researcher. She is currently working for NASA. She is interested in educating others about the exciting field of aerospace cybersecurity in conjunction with developing her own programs and research in the field.
She is dedicated to advancing technology by developing inventions and conducting eclectic scientific research.
She is focused on applying computational and artificial intelligence to research fields such as electromagnetism, astrophysics, quantum mechanics, and biology.
To celebrate the holiday season, Angelina created comprehensive guides centered around aerospace cybersecurity, exploring concepts across satellites, drones, aircraft, and beyond — all at a special holiday discount.
This is a four extensive step-by-step manuals covering aerospace cybersecurity.
This bundle includes : Aerospace Cybersecurity: Satellite, Aerospace Cybersecurity: Drones, Aerospace Cybersecurity: Airplanes, Aerospace Cybersecurity: Signals Intelligence
Learn about aerospace cybersecurity, with this interactive step-by-step aerospace cybersecurity bundle. This bundle contains four manuals covering different subfields in aerospace security: satellites, drones, airplanes, and signals intelligence systems.
Topics Covered :
Satellites: Learn about satellite communications systems and common vulnerabilities found within satellite firmware and programs.
Drones: Uncover the vulnerabilities and intricacies of drone communication systems. Explore how malicious actors might exploit UAV and learn about defensive strategies.
Airplanes: Navigate the cybersecurity challenges in aircraft systems. Gain insights into the unique complexities of aviation networks, from in-flight data transmission to ground-based communications.
Signals Intelligence: Dive into modern electronic warfare with a focus on signals intelligence. Understand how SIGINT plays a role in deciphering, intercepting, and analyzing communications, offering a crucial advantage in safeguarding aerospace systems.
Learn more about aerospace cybersecurity, with this interactive step-by-step satellite security manual. This guide walks you through satellite communication basics to advanced satellite signal analysis and protocol exploitation via programs and immersive labs.
Topics Covered :
Satellite Communication Basics: Build a strong foundation in satellite communication, exploring frequency bands, modulation techniques, and transmission protocols.
Satellite Tracking and Identification: Master advanced methods like orbital parameter analysis, radio frequency monitoring, and optical tracking. Understand the critical role of accurate tracking for defense and attack scenarios.
Satellite Vulnerabilities and Threats: Delve into the vulnerabilities satellites face, from weak encryption to physical attacks. Learn to defend against potential threats effectively.
Satellite Signal Analysis: Acquire skills in decoding and interpreting satellite signals, including telemetry, tracking, and control signals. Understand hacker techniques and how to thwart them.
Satellite Protocol Exploitation: Uncover security weaknesses in communication protocols like TCP/IP, DVB-S, and CCSDS. Gain practical experience in exploiting and mitigating these vulnerabilities.
Learn more about aerospace cybersecurity, with this interactive step-by-step drone security manual. This guide walks you through UAV communication basics to advanced digital forensics and RF communication exploitation via programs and immersive labs.
Topics Covered :
Drone Systems and Threat Modeling: Decode the fundamental components, architecture, and threat modeling techniques, providing insights into potential vulnerabilities.
Drone Identification and Tracking: Master the art of recognizing drone identifiers and implementing tracking methods, including RF triangulation, GPS tracking, and radar systems.
Ground Control System: Uncover the pivotal role of ground control systems, identifying vulnerabilities and fortifying security measures.
Drone Digital Forensics: Navigate the realm of digital forensics tailored to drone incidents. Acquire skills to investigate, analyze digital evidence, and reconstruct events.
Radio Communications and Protocols: Gain proficiency in wireless communication protocols such as Wi-Fi, radio control, and cellular networks. Learn to intercept and analyze drone communications.
Countermeasures and Defense: Arm yourself with knowledge to safeguard drones against potential threats. Explore encryption, authentication, RF signal jamming, and other defense techniques.
Learn more about aerospace cybersecurity, with this interactive step-by-step signals intelligence for aerospace security manual. This guide walks you through aerospace signals communication basics to advanced modulation techniques via programs and immersive labs.
Topics Covered :
Conceptual Understanding of Satellite, Drone, and Aircraft Communication Systems: Gain a deep insight into the communication frameworks of satellites, drones, and aircraft, laying a robust conceptual foundation for further exploration.
Decoding Aerospace Transmissions: Acquire practical skills in decoding complex transmissions, unraveling the intricacies of communication protocols employed in aerospace systems.
Relevant RF Analysis Tools for Enhanced Cybersecurity: Familiarize yourself with essential tools such as GNU Radio, SatDump, and Fissure, honing your ability to perform precise and effective RF analysis.
Packet Decoding and Reverse Engineering: Master the art of packet decoding and reverse engineering, crucial skills for understanding and manipulating data within aerospace communications.
Emerging Prevalence of SIGINT in Modern Electronic Warfare: Explore the evolving landscape of signals intelligence in the context of modern electronic warfare, understanding its growing significance.
Defensive Strategies to Safeguard Aerospace Systems: Equip yourself with defensive strategies to fortify aerospace systems against common RF attacks, ensuring the resilience of critical communication infrastructure.
Learn more about aerospace cybersecurity, with this interactive step-by-step airplane security manual. This guide walks you through airplane telemetry and subsystem basics to radar interpretation and in-flight entertainment system firmware analysis via programs and immersive labs.
Topics Covered :
Aircraft Attack Surfaces and Threat Modeling : Uncover vulnerabilities in aviation systems and build threat models to proactively identify potential risks.
Internet of Wings (IoW): Navigate the connectivity landscape of aviation and learn to secure the Internet of Things (IoT) soaring through the skies.
Threat Modeling and Mitigation : Delve into aviation-specific threat modeling techniques and mitigation strategies to fortify aerospace systems.
Secure Communication with Ground Control : Master the art of ensuring secure and reliable communication between aircraft and ground control.
Securing Passenger Wi-Fi and Inflight Entertainment Systems : Explore the challenges of securing passenger amenities while ensuring a safe and enjoyable flying experience.
ADS-B and Radar Systems : Gain insight into vulnerabilities associated with Automatic Dependent Surveillance–Broadcast (ADS-B) and radar systems.
Regulatory Framework and Compliance : Navigate the complex landscape of aviation regulations, including FAA and ICAO standards, to ensure compliance.
Data Encryption and Protection : Master the intricacies of encrypting and protecting sensitive aviation data against cyber threats.
Incident Response and Recovery Planning : Develop comprehensive incident response and recovery plans tailored to aviation cybersecurity incidents.
I just successfully completed the comprehensive course on « Aerospace Cybersecurity: Satellite Hacking » and passed successfully the final exam with a result of 90%.
This course is led by Angelina Tsuboi in collaboration with PenTest Magazine. This course was for me an incredible journey that I started in September 2023.
In this course, I developed my skills in: Satellite reconnaissance, Communication Analysis and Eavesdropping, Reverse Engineering and Decoding Communication, Vulnerabilities and Attacks.
The final exam was very challenging. There was purely cybersecurity questions that were easy for me to answer. But there was also questions of a more general nature that ware very challenging.
In this course, I covered the following topics: Orbital Mechanics, Satellite Reconnaissance, Decoding Satellite Communication, Satellite On-Board Systems, Listening to Satellites via Radio Frequencies, Vulnerability Analysis of Satellites, Common Attacks employed against satellites, Detection of satellite hacking.
I got skills about: OSINT for satellite systems and Operations, Satellite Tracking, Satellite Eavesdropping and Packet Decoding, Satellite Signals Intelligence, Satellite Attack Understanding, Satellite File and Data Forensics, Attack Mitigation and Threat Modeling.
At the end of the course, we explored the Future of Satellite Cybersecurity like SpaceOS, 5G satellite, Quantum Cryptography, Quantum Encryption.
In conclusion, this Satellite Cybersecurity course will provide a comprehensive understanding of satellite hacking techniques, along with the tools and strategies required to defend against them using digital forensics and attack vector detection.
I highly recommend this course to anyone interested in exploring the fascinating realm of satellite cybersecurity. It offers a comprehensive learning experience that equips you with the tools and knowledge necessary to navigate and safeguard satellite systems effectively.
A special thank’s to the amazing instructor Angelina Tsuboi and the entire course team with Bartłomiej Adach for their dedication and expertise in curating such an enriching educational experience.
What an incredible start to 2024.
I've had some incredible opportunities and I've been able to do some really interesting things.
I continue my role as...
I’m very proud to receive the following certificate of completion for having successfully completed the training course : « Introduction to Cybersecurity in Space...
Introduction
In this article, I will show how I used the MITRE EMB3D™ Threat Model to identify vulnerabilities in SIEMENS PLCs that were exploited by...
Collaborative framework provides common understanding to mitigate cyber threats to critical infrastructure
MCLEAN, Va. & BEDFORD, Mass., May 13, 2024--(BUSINESS WIRE)--The EMB3D Threat Model is...
In March of 2022, Network battalion 65 (NB65), a hacktivist affiliate of Anonymous, publicly asserted its successful breach of ROSCOSMOS’s satellite imaging capabilities in...
Avec l'aimable autorisation de Martial Le Guédard, nous reproduisons ci-dessous sa cartographie au sujet des différents acteurs étatiques évoluant dans le domaine du Cyber...
KYPO is a Cyber Range Platform (KYPO CRP) developed by Masaryk University since 2013. KYPO CRP is entirely based on state-of-the-art approaches such as...
