Cyber threats can pose a significant risk to business aviation flight operators and their passengers’ information.
A threat occurs in flight
Cobalt Strike is a commercial, full-featured, penetration testing tool which bills itself as “adversary simulation software designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors”.
Our Cybersecurity team has discovered and blocked a critical threat communicating out of your aircraft.
SD detects & blocks the threat
Things that it may be able to do:
Send a screenshot to the C2 server (over multiple DNS queries in the TXT record field)
Export sensitive data
SD notifies customer of the threat
SD’s recommendation is to identify individuals and their PCs which were connected to the aircraft’s network during the timeframe of the malicious communications and conduct a malware scan and/or reimage those devices. The malware still presents a significant risk and the compromised PC may still communicate with the C2 server if connected to a different network which is not protected by Threat Monitoring (e.g. corporate or home network).
SD provides additional information & further guidance