The International Cybersecurity Forum (FIC) is Europe’s leading cyber security event – covering everything from privacy and digital identity, to risk management and operational security.
The Airbus CyberSecurity team will be at FIC 2022 (7-9 June 2022, Lille Grand Palais, France) on stand #F22. Come and meet us to hear how we’re helping our clients build their cyber resilience and watch our live product demos.
Technical demonstration : Visualising the extent of a cyber attack with the SOAR PROPHECy
In this demonstration, an attacker compromises a critical system to gain multiple simultaneous “grabs” before propagating to sensitive areas of the system in order to deliver a fatal blow.
What is the best way to reconstruct and respond to such an attack as quickly as possible?
Discover the answer to this question and more with PROPHECy. Our experts will illustrate the main phases of the attack and demonstrate how to orchestrate an automatic incident response that slows down and blocks attackers.
Hacking LAB: Vulnerability research on an ESP32 IoT system
Tuesday, June 7 2022 – 2:35 PM to 3:05 PM – Solutions Area
Flavian Dola and Yann Breut, Vulnerability Researchers at Airbus CyberSecurity
Introducing the Hacking Lab – a brand new space dedicated to ethical hacking presentations and demos.
Our first demo has been designed especially for the FIC, and will focus on hacking a system controlling access to a car park. Come and join us as we have a go at:
- Radio interception (LoRa);
- Carrying out reverse engineering of the embedded system;
- Developing the tooling adapted to the ESP32 architecture;
- Searching for vulnerabilities via fuzzing / emulation;
- Exploiting the vulnerability on the model.
Hacking LAB: Making your own Stuxnet: Exploiting vulnerabilities and voodooing industrial systems
Wednesday, June 8 2022 – 11:45 AM to 12:15 PM – Solutions Area
Flavian Dola – Nicolas Delhaye – Guillaume Orlando, Vulnerability Researchers at Airbus CyberSecurity
Based on the CVEs published by AIRBUS, we will explain how we are able to reproduce the key steps of Stuxnet on another industrial environment (Schneider Modicon 340).
What’s in store? First, several vulnerabilities will allow us to take control of the engineering station. Then, unconstrained code execution will enable our experts to corrupt the industrial controller in order to modify the industrial system or transform it into a proxy for an attacker.
Hacking LAB: An Antivirus Story : Dive into a PE authentication leading to a local privilege escalation
Thursday, June 9 2022 – 11:45 AM to 12:15 PM – Solutions Area
Nicolas Delhaye, Vulnerability Researcher at Airbus CyberSecurity
Despite being designed to prevent threats, antivirus software can introduce risks into your computer system.
How? Antivirus includes many software components running with high rights, so the slightest programming error can lead to an exploitable vulnerability. Join us as we detail the steps required to exploit a kernel vulnerability on Windows 7, and obtain system rights from a user account with restricted rights.
Partners Conference : Cyber expertise sharing community
Thursday, June 9 2022 – 2:15 PM to 3:00 PM – Solutions Area
Eric Chambareau, Engineering Director at Airbus CyberSecurity
Organisations regularly face cyber threats that put their information systems at risk. To protect yourself, it’s crucial to train your employees using exercises in realistic simulation environments.
The CyberRange is an advanced simulation platform that makes it easy to model IT/OT systems and play out realistic scenarios including real cyber attacks.
Our network of partner schools and customers are constantly contributing to the improvement of this solution and the development of new simulation and training content.
Discover the Airbus CyberSecurity CyberRange HUB!
European Cyber Cup
Wednesday, June 8 to Thursday, June 9 – 9 AM to 5:00 PM
The EC2 is the first ethical hacking competition that pits engineering and cyber security students against esports security professionals. Who will be victorious?
Join us to find out! Airbus CyberSecurity is providing its gaming platform to manage teams, events and scoring. During the competition, we’ll also set up SpeedRun events, allowing teams to gain – or lose – extra points.
Round Table : The role of OSINT in L2I
Tuesday, June 7 2022 – 4:00 PM to 6:30 PM – Artois
Charlotte Graire, Senior Manager, Cyber Business Growth at Airbus CyberSecurity
As global geopolitical tensions flare up, governments are increasingly using digital networks to launch informational offensives aimed at destabilising their adversaries – or supporting their military manoeuvres on the ground.
Join us to learn how open source investigations present new opportunities to identify and counter these operations.
Orion Malware : Static and dynamic analysis of Microsoft Exchange attachments
From Tuesday, June 6 to Thursday, June 9 2022 – 10:30 AM & 3:00 PM – Booth Airbus CyberSecurity F22
Nicolas Petesque, Technical Manager, Software Designer at Airbus CyberSecurity
Orion Malware is a network file analysis platform designed to empower all security teams (SOC, CERT and CTI) by analysing files extracted from networks or submitted by users. Sorting techniques, static analysis and dynamic analysis are coupled to extract data on analysed files and qualify threats.
For example, Orion Malware can integrate into Microsoft Exchange messaging infrastructure to detect and neutralise malicious attachments.
This presentation will demonstrate Orion Malware’s ability to detect and block malware, such as ransomware received by email.
We will present the different configuration options as well as the logging and traceability aspects of the analysis system integrated with Microsoft Exchange.
PROPHECy : Simulation of a cyber attack and implementation of an incident response
From Tuesday, June 6 to Thursday, June 9 2022 – 11:00 AM & 3:30 PM – Booth Airbus CyberSecurity F22
Ewin Cannet, International Pre-Sales, Airbus CyberSecurity
Our experts will illustrate the main phases of the attack and demonstrate how to orchestrate an automatic incident response that slows down and blocks attackers.