A zip attachment contains a img with an exe: the malware. The other, a pdf downloading a zip with an exe: the same malware. The data is exfiltrated via SMTP.
EU training against cyber threats to air transport continues
The EU trains in the management and response to cyber accidents affecting the air transport sector
On 29 and 30 May, the EU Cybersecurity Agency ENISA and the European Aviation Safety Agency EASA will host a technical training session on incident response, incident handling and artefacts analysis at ENISA’s headquarters in Athens, Greece. The goals are 3: to provide an overview of the cybersecurity threat landscape for aviation information infrastructure; to introduce the Network and Information Security Directive and to deliver a technical training on Incident Handling and artefacts forensics customised for the aviation sector. This will be a customised technical training based on ENISA’s 2016 ‘Securing smart airports’ report on threat modelling and security measures for airports and relevant stakeholders. In details the training will include triage and basic incident handling; artefact and malware analysis. The target audiences are airports, national aviation authorities, air carriers, air traffic control and international organizations interested to train their cyber security professionals in incident handling.
The ENISA-EASA training course is part of the EU efforts to increase the cybersecurity of the air transport sector, as the maxi exercise Cyber Europe 2018 (CE2018)
The ENISA-EASA training course is part of the EU efforts to increase the cybersecurity of the European air transport sector. During the year there will be a maxu cyber defence exercise on this issue: Cyber Europe 2018 (CE2018). The performances will be the fifth annual pan european exercise for contrasting digital threats. The first one was held in 2010 and the last in 2016 with the participation of over 1000 persons. It was decided to focus on the IT threats to the civil aviation sector, as it is one of the more exposed to aggressions from cybercrime as well as from terrorists and state hackers. The first by means of acts of ransomware or identity theft of the passengers. The second through acts of cyberwarfare, confirmed by last year’s incidents. The danger, however, is a concrete and constant one. Throughout the Old Continent and not only.