SD Cybersecurity:
Protecting Your Data at Any Altitude

Business aircraft, and flight departments present unique targets of opportunity. Malicious actors no longer need to compromise an organization’s hardened security perimeter to get to high value targets if they can compromise an unmanaged or unmonitored aircraft network.

One of the most common myths in the industry is that once the aircraft’s Wi-Fi signal is out of the range of those on the ground, it is safe from an attack. Nothing could be farther from the truth. Today’s sophisticated hackers, and advanced persistent threat (APT) groups sponsored by nation states, and criminal organizations now go out of their way to target executives, VIPs and high net worth individuals.

SD Threat Monitoring

Visibility is the first step in protecting your assets. If you can't see what is flowing to and from your network, you have no way of knowing if there is an issue, or when it occurs. SD Threat Monitoring provides this for your aircraft, and the devices connected to it.

Using a variety of enhanced threat analysis and prevention solutions - such as Antivirus, Modern Malware Protection and Threat Intelligence services - our in-house network security experts actively monitor network activity against a host of potential threats to detect and block intrusion attempts before they ever reach your airplane.

When an event is identified, we immediately send you an alert, help you identify the root cause and provide recommended steps for remediation.

In 2019 alone, SD has blocked over 475 critical threats to customer aircraft, and over 1,700 high and medium threats.

1

Low

Threats Blocked

1

Medium

Threats Blocked

1

High & Critical

Threats Blocked

To see a real SD Incident Report, sent to an SD Cybersecurity customer earlier this year, please fill out the form below.

The Threat Monitoring module in SD Pro provides you with a real-time, centralized in-flight view of the cabin network, including networks and applications in use, identified threats, the level and type of threat, and actions SD has taken to protect the network.

SD Pro

CIOs, IT security teams, and flight departments can be confident that their networks and data are secure when flying with SD’s cybersecurity services.

Why Traditional Anti-Virus Is Not Enough

Advanced targeted attacks can bypass standard signature based anti-virus solutions increasing your risk of phishing attacks, security breach and data theft.

  • Most data breaches are through customized malware attacks. Polymorphic malware changes itself to modify its detection signature, enabling it to bypass standard anti-virus solutions.
  • Business travelers often use mobile devices for convenience. Most mobile devices such as tablets and smart phones are not equipped with anti-malware software; this lack of security could provide an opportunity for threat actors to compromise the device and provide a pivot point further into the network. Our Threat Monitoring service can detect and block this malicious activity when it attempts to “call home” to its command and control server.
  • Even the best anti-virus software may not be able to detect malicious activity if the attackers use internal system functionality, such as PowerShell to mask their activity. This attack method is called “Living off the Land”. Our unique defense-in-depth strategy identifies multiple attack vectors and stops them in their tracks.
  • Social engineering attempts to manipulate users into revealing sensitive information or to click malicious web links. These threats are often disguised as official emails from familiar sites you may be associated with.

SD Threat Monitoring Methodology: Defense In Depth

Cybersecurity threats are constantly evolving making data protection challenging.

Our Threat Monitoring starts with advanced security hardware, adds layers of technology and custom traffic routing to protect data, and continues with human intervention. We utilize our technology, people and processes to evaluate traffic patterns to detect and block sophisticated attacks. SD’s certified cybersecurity experts alert your teams to critical cybersecurity threats and enhance your visibility into the often-overlooked office in the sky, your aircraft.

Enterprise Firewall

Enterprise Firewall

monitors incoming and outgoing traffic and helps detect external attacks trying to execute a malicious action on the airborne network. This allows our security experts to respond, avoiding and/or stopping the attack.

Embedded Antivirus

Embedded Antivirus

unlike typical antivirus, SD’s are dynamically updated to help prevent a malicious action that can put your data at risk. Files received via email, USB device or direct internet download are targets of this technology which scans unencrypted traffic for viruses and malicious content, and blocks them, mitigating risk.

Intrusion Prevention

Intrusion Prevention Systems

detects and blocks exploit attempts and evasive techniques on both the network and application layers, including port scans, buffer overflows, and protocol fragmentation. This technology alerts our team that a hack is happening, so we can take immediate steps to stop it and track down the root cause.

Modern Malware

Modern Malware Protection

blocks highly evasive exploits like polymorphic malware, and instantaneously identifies existing malware variants. Unlike some malware solutions, we use heuristics – behavior-based scanning – and sophisticated machine learning techniques to analyze and pinpoint malicious files, eliminating traditional reliance on signature databases. The result? More effective cybersecurity.

URL Filtering

IP Blacklisting

is used proactively to block known bad web sites and malicious content, reducing risk and making the network safer.

Threat Intelligence Services

Threat Intelligence Services

our cybersecurity experts use evidence-based information to identify airborne network threats, while helping to mitigate exposure to them. We analyze and prioritize global and targeted threats to proactively prevent attacks.

 

High Security Posture, Key Certifications

Security is a cornerstone of our business. We’ve invested in SD Training, the SD Data Center, SD Pro, and the SD team, for your peace of mind.

Combined with SD’s Certified Cybersecurity experts, our Defense In Depth Threat Monitoring approach to cybersecurity gives you and your team the confidence that inflight passenger data communications, and the airborne network, are safe.

Going the Extra Mile: The SD Data Center

Satcom Direct is the only data provider in business aviation that operates a wholly-owned data center dedicated to safeguarding your connectivity and communication streams.

The SD Data Center is the foundation for all of Satcom Direct’s services and the base from which we can help you build a tailored cybersecurity strategy. Whereas other providers outsource this to third-party data centers, with Satcom Direct your data never leaves the company’s 25,000 sq. ft. purpose-built facility that meets Tier III standards, complies with major industry requirements, and is designed to withstand a Category 5 hurricane. In other words, your data is safe here.

To learn more about security for your business jet cabin network, contact the SD team today.

cybersecurity@satcomdirect.com

+1 321.777.3000

SD: Connected Aircraft. Synchronized Flight Department. Customized Cybersecurity.

Top