Transport (stations, airports, etc.) concentrates more and more people but also technologies in order to constantly optimize boarding and disembarkation procedures. These concentration points are critical for the regions that host them. They are privileged targets, exposed to many advanced threats (terrorism, espionage, sabotage, diplomatic pressure…). As the availability of transport is critical, the associated IT systems must have security measures in place to prevent any accidental or malicious interruption.
Luggage sorting systems analyze all suitcases and parcels before loading them in the hold. These analyses are carried out by proven systems, which are subject to specific certifications. A malicious third party, by taking remote control of this type of device, can modify the analysis matrices so that dangerous baggage is no longer detected. Once the compromise has been made, the attacker can simply check in his luggage, which then passes through the security filters and on to the aircraft.
Special lighting systems make it possible to manage the lighting of entire runways that guide aircraft during the approach phase and on the ground. A computer attack on these systems allows a malicious third party to potentially change the display phases of the stop bars and cause collisions between several aircraft. In the night phase, untimely extinctions can also be carried out and severely disrupt all flight plans.
Video protection systems are mandatory in the boarding area. They make it possible to investigate quickly after an incident occurs and to evaluate situations in a broad manner. In the event of an advanced and coordinated attack on an airport area, a remote-control takeover allows the attackers to take advantage of the police by removing their ability to fly, thus not allowing access to the boarding area. The deletion of data by these attackers can be extremely complicating for the investigation.
Remote display systems are at the heart of airport operations. They provide the necessary tracking information for all passengers transiting through the terminals: boarding and check-in gates, flight numbers, possible delays, etc. A compromise of this type of system allows an attacker to directly influence the behaviour of those present on the scene: disorganisation, propaganda messages, panic, etc.
With its wide range of coverage and its ease of deployment and exploitation, the TEHTRIS XDR Platform offers a real capacity to protect the various technological means used in transport, whether in a standard office environment or in a more specific environment such as airport applications.
The TEHTRIS XDR Platform, through its SIEM functions, also provides a log audit and review capability, which is particularly useful to ensure the integrity of access in sensitive areas (access restricted areas, airside…).
The EDR’s remediation capabilities provide real-time protection against the execution of targeted and non-targeted threats. They therefore make it possible to stop threats before they have had the slightest impact on the information system. In addition, the very low use of local resources induced by our cyber arsenal allows deployment in a constrained environment on specific systems (industrial applications, PLC security, protection of an environment disconnected or with a degraded connection…).
In addition, TEHTRIS’ SOC service provides an expert view of events that occur on monitored information systems.