Voting
?What about new design for our website
- Excellent
- Very Good
- Good
Voting Number 1647
- 'Birds of Goodness' executes 43rd humanitarian aid airdrop in north Gaza
- EDGE Becomes a Global Player in Non-Lethal Technologies by Acquiring Industry Leader CONDOR
- Birds of Goodness executes 42nd humanitarian aid airdrop in north Gaza
- Birds of Goodness executes 41st humanitarian aid airdrop in north Gaza
- Birds of Goodness delivers over 3000 tons via 40 airdrops since humanitarian operation commenced.
- 'Birds of Goodness' executes 39th humanitarian aid airdrop in north Gaza
- 'Birds of Goodness' executes 38th humanitarian aid airdrop in north Gaza
- Saab delivers fourth GlobalEye to the UAE
- Birds of Goodness executes 37th humanitarian aid airdrop in north Gaza
- Birds of Goodness executes 36th humanitarian aid airdrop in north Gaza
- Birds of Goodness executes 35th humanitarian aid airdrop in north Gaza
- Led by the Commander of Joint Operations .. A delegation from the Ministry of Defense, has initiated several-day visit to the People's Republic of China
- Birds of Goodness executes 34th humanitarian aid airdrop in north Gaza
- Birds of Goodness' executes 33rd humanitarian aid airdrop in north Gaza
- Birds of Goodness delivers over 2,000 tonnes of aid via 32 airdrops since humanitarian operation began
- On the 2nd day of Eid al-Fitr... Birds of Goodness Executes 31st Humanitarian Airdrop and Eid Clothing in North Gaza
- On the first day of Eid Al-Fitr,UAE and Jordan conduct 14th joint food aid airdrop in northern Gaza
- UAE and Jordan conduct 13th joint food aid airdrop in northern Gaza
- 'Birds of Goodness' Executes 29th Humanitarian Aid Airdrop and Eid Clothing in North Gaza.
- UAE and Jordan conduct 12th joint food aid airdrop in northern Gaza
2016-05-10
BATTLING THE CYBER ATTACKS
Airbus Defence and Space offers solutions to make critical IT environment safer
Airbus Defence and Space is the European specialist in cyber security, putting innovation at the heart of its strategy in order to defend its customers against ever-evolving cyber threats. The business cluster provides customers with a global cyber defense approach that dynamically associates network monitoring, early detection and investigation, through to incident response whenever necessary. Guy Meguer, General Manager of CyberSecurity at Airbus Defence and Space in the Middle East talked to Nation Shield on the challenges civilian and military sectors face in cyber security. Excerpts:
By Sakha Pramod
Could you tell us about your expertise to take on the present security challenges faced by organizations?
The aims of cyber attackers are manifold: The first one is the criminal threat, stealing bank information, getting money from ATMs etc. which are very well known. The second category relates to terrorism. This kind of attackers are using the Internet to support their activities and for their propaganda.
The third category is cyber espionage. The aim in this case is to inconspicuously infiltrate an organisation’s IT network in order to steal its most sensitive information; commercial, strategic, IPRs (Intellectual Property Rights) or advanced research programs are the most targeted information. The fourth category is cyber sabotage, aiming at destroying information systems and production lines, as we’ve seen it a couple of years ago with major oil and gas companies attacked. Each category will have its own way of countering the threats.
The third category is cyber espionage. The aim in this case is to inconspicuously infiltrate an organisation’s IT network in order to steal its most sensitive information; commercial, strategic, IPRs (Intellectual Property Rights) or advanced research programs are the most targeted information. The fourth category is cyber sabotage, aiming at destroying information systems and production lines, as we’ve seen it a couple of years ago with major oil and gas companies attacked. Each category will have its own way of countering the threats.
If you are focusing on the Middle East, the important threats are cyber sabotage and cyber espionage. In cyber sabotage, as we have seen some well-known cases in the Middle East, they use cyber weapons to totally destroy the targeted IT system. In order to counter these threats, you need to understand how the attackers are working as they always use the same kind of methodology to get access to the systems.
First, they send some phishing messages which contain a malware. Once the file is opened, the malware is released, and may go from machine to machine trying to exploit some vulnerability in order to access to administration rights. Once they escalate their rights, they can access to the entire IT system. From there, they can steal information, destroy the database, exfiltrate data or freeze the system.
First, they send some phishing messages which contain a malware. Once the file is opened, the malware is released, and may go from machine to machine trying to exploit some vulnerability in order to access to administration rights. Once they escalate their rights, they can access to the entire IT system. From there, they can steal information, destroy the database, exfiltrate data or freeze the system.
To prevent these attacks, Airbus Defence and Space has developed along the years a comprehensive portfolio of cyber security products and solution to defend its customers against the most sophisticated threats.
Do you have some product to detect the malware well in advance?
Yes, Airbus Defence and Space proposes Keelback Net, a solution for detection and advanced investigation of sophisticated attacks. Keelback Net constantly monitors data traffic, identifies and detects threats, analyses stealthy characteristic signs of a security breach and instantly raises an alarm if an attack is suspected.
The alarm is immediately qualified by Airbus Defence and Space experts using a continually updated knowledge database. This is today the most advanced technology for early malware detection. The malware code is sent into a ‘sandbox’ which is an isolated environment, where the experts can analyse the potential effects of the attack and decide the containment plan. It is primordial to understand what the hacker is doing or you will not be able to tackle him.
The alarm is immediately qualified by Airbus Defence and Space experts using a continually updated knowledge database. This is today the most advanced technology for early malware detection. The malware code is sent into a ‘sandbox’ which is an isolated environment, where the experts can analyse the potential effects of the attack and decide the containment plan. It is primordial to understand what the hacker is doing or you will not be able to tackle him.
You said Keelback can detect malware. But it needs training. Do you give training?
Our Cyber Security Training Centre at Airbus Defence and Space offers a wide range of training courses, for all levels either at our premises or on site, covering the following three areas. The first is cyber awareness where training is adapted to various profiles from the top executive to IT teams through to all employees, with the most relevant training techniques, in order to assess customer employees’ cyber maturity and/or to provide them the keys to understand the latest cyber security challenges.
The second is cyber portfolio which covers a range of training courses to support the deployment and operation of our cyber solutions and security products. The third is specific training offering a high customer added-value through a kind of simulator and several possible scenarios, with on-demand customized training to support the customer’s projects.
In addition to the training offer, the transfer of know-how is fully part of our strategy in the Middle East. We aim to support our customers, especially in the governmental sector, in being autonomous to manage their information security as it is part of their national sovereignty.
In what way is Keelback Net different from similar products in the market?
Keelback Net is one single solution, or a single appliance, which is designed to do what the others are doing with four different products: intrusion detection, full packet capture, file analysis and data storage. Thus we have higher efficiency and we are capable to tackle the attacks more quickly. There is always a race between the attackers and the defenders. The shorter the time to detect is, the better the efficiency gets. Otherwise, if you lose time, the attackers will introduce and start something in your system.
Keelback Net further differentiates itself by its in-depth analysis capabilities (called Keelback Analytics), which are realised by experts from Airbus Defence and Space’s Cyber Defence Centre. These experts supplement real-time analysis with advanced investigation functions that are based on technologies developed by Airbus Defence and Space and enhanced by our threat knowledge database, which is continuously updated with information about new cyber attack strategies.
Does Keelback Net already have customers?
Yes, Keelback Net has many references, and I can mention one of them: the international French-speaking television channel TV5MONDE to protect and monitor its information systems in the wake of the cyber attack on the television network on the April 8 2015. Moreover, Airbus Defence and Space has deployed Stormshield Endpoint Security, a solution developed by its Stormshield subsidiary to protect workstations and servers. The solution blocks any and all attempts to hack into workstations and servers while remaining imperceptible to users.
Cyber security requirements for military and civil organizations are different. Do you have separate products for these two sectors?
The requirements for military and civil organizations are different but, at the end, all the organizations are using IT systems and the attackers are using the same breaches. The military agencies will look at having more “isolated” networks, but this is far from being sufficient.
The requirements are different but the solutions are quite the same. For the military market, we have developed tailored-made projects among these, the ‘MTLID Tactique’ a defensive cyber warfare system. But the expertise needed is the same as the one for the civil market.
The requirements are different but the solutions are quite the same. For the military market, we have developed tailored-made projects among these, the ‘MTLID Tactique’ a defensive cyber warfare system. But the expertise needed is the same as the one for the civil market.
Do you have any training centers in the UAE?
As part of our transfer of know-how, Airbus Defence and Space supports the organizations managing training and education in the UAE. Our trainers are able to meet our customers in the Middle East, and can support them from our Training Centers located in France, Germany and United Kingdom. We aim to be as close as possible to our customers.
So if any organization is interested in your products, it has to send their employees to you for training?
It depends of the number of trainees but we adapt our solutions to our customer requirements and needs. More generally, we do what is more efficient.
Your last word?
We face a dramatic rise in cyber attacks with more and more sophisticated cyber threats. So we need to be flexible and agile as attackers, otherwise they will gain ground. As a trusted industrial firm, we are making an active contribution, because as far as we are concerned, cyber security is not simply a market opportunity, but also a duty.
Visitors Comments
Related Topics
.
No Comments