GOVSAT
Information security is everybody's concern, and we bet it is yours too. So are you willing to take this challenge and try to revolutionize the satellite and/or cybersecurity industries? Here is the plot:
For the 2019 edition of Game of Code, SES and GovSat have developed a fictional use case of an imaginary company called ACME Sat. ACME Sat is a satcom provider that offers managed satcom services to customers worldwide and is committed to providing best-in-class secure satellite communications; information security is therefore one of their top priorities. In their continuous effort to differentiate themselves in the market, they are launching a call to coders, information security enthusiasts and anyone willing to accept the challenge.
Your role
You will act as strategic advisor and integrator for the information security department of ACME Sat.
Your mission
Assess today's satellite communication principles, especially in the information security context, and design and implement a solution that brings improvements to this ecosystem. ACME Sat is mostly interested in solutions that consider all components of satellite-delivered services: cyber security, access control in unmanned locations, social engineering, etc.
The environment
Consider a classical satellite communication ecosystem, which includes end-users (as systems but, most importantly, as humans), satellite terminals (antennas), radio-frequency links, the satellite itself, access to public terrestrial infrastructure and so on.
Your tools
There are no restrictions on technologies, platforms or programming languages. You are free to define the scenario, but keep in mind that the quality of the proposed scenario will also be evaluated.
We understand the scope is vast, but so are the space and cybersecurity businesses. ACME Sat is just a classical example of a satcom provider, so don't panic: our teams will work alongside you to shape ideas and guide you through the satcom service architecture. In fact, we already have some samples/ideas here, check them out:
Sample 1: Service integrity validation using blockchain
Managed satcom services are complex and during their lifetime go through many changes such as: component replacements, satellite capacity upgrades/downgrades, supporting personnel turnover or data hosting migration from local hosting to cloud, just to name a few.
The challenge is to build a software application that uses blockchain for validating the integrity of a managed service throughout its entire lifetime regardless of the changes it might suffer.
Why? ACME Sat wants to help its customers in many ways: raise awareness about service modifications, detect unauthorized changes, verify the sanity of the components replaced or get a history of their service evolution.
Sample 2: Social Engineering Awareness
How about building an application/program that displays the digital/internet footprint of an entry (person name, company name, domain name, email address, telephone number, etc.) and matches it against the footprint of another entry?
Why? We want to raise awareness of the digital noise we leave behind us while browsing and using apps and social media, and to try to find the source of information for those nasty targeted social engineering activities (e.g. targeted emails, phone calls, etc.). We are all annoyed by them, to say the least, so let's turn this pain into a creative business opportunity!
Sample 3: Access Control System
Build a software application that simulates a two-factor authentication access control system. What the application is going to open is a world of opportunities, but for the moment the authentication itself is of interest.
Why? The goal is to raise awareness of authentication systems and build the enhanced security systems of the future. There are some limitations: the factors must be different, and use of a knowledge factor (memorized passwords, PINs, etc.) is not allowed. That would be too mainstream, right? However, there is plenty left to use: possession factor (e.g. token), biometric factor (iris, fingerprint, face), location factor (geolocation during the authentication attempt) or time factor (time of the attempt).
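One way to combine two of the permitted factors, shown as an added example that is not part of the original challenge material: a possession factor (an RFC 6238 time-based one-time code from a token) and a time factor (an allowed access window). The function names, the 06:00 to 20:00 UTC window and the drift tolerance are assumptions chosen for illustration.

```python
import hashlib
import hmac
import struct
from datetime import datetime, time, timezone

def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): the code a hardware or phone token would display."""
    counter = struct.pack(">Q", unix_time // step)
    digest = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def possession_ok(secret, submitted, unix_time, drift_steps=1, step=30):
    """Possession factor: accept the current code, or a neighbour, to absorb clock drift."""
    candidates = [totp(secret, unix_time + d * step, step)
                  for d in range(-drift_steps, drift_steps + 1)]
    # Compare every candidate in constant time; no early exit on a match.
    return any([hmac.compare_digest(c.encode(), submitted.encode()) for c in candidates])

def time_ok(unix_time, window=(time(6, 0), time(20, 0))):
    """Time factor: the attempt must fall inside the allowed access window (UTC)."""
    now = datetime.fromtimestamp(unix_time, tz=timezone.utc).time()
    return window[0] <= now < window[1]

def authenticate(secret, submitted, unix_time, window=(time(6, 0), time(20, 0))):
    """Grant access only when both independent, non-knowledge factors pass."""
    factors = {"possession": possession_ok(secret, submitted, unix_time),
               "time": time_ok(unix_time, window)}
    return all(factors.values()), factors
```

Returning the per-factor results alongside the decision lets the access log record which factor failed without revealing it to the person at the door.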
Sample 4: Make security alerts available on a smartwatch
Wearing a smartwatch is the new revolution. This technology lets you always have information at hand. For security reasons, and to be sure of being informed about a threat even when you are not in front of your computer, this challenge is to develop a solution that makes security alerts from a security monitoring system available on a smartwatch for first assessment and triage.
Solution requirement:
Establish a novel, intuitive interface to enable an analyst to obtain a timely alert on a smartwatch (Android/Apple) and to support the analyst in performing an efficient analysis and triage. There is no specific material or automation platform imposed.
RESOURCES
Internal resources
We will make available a smartwatch and sample alert messages, which you can use to develop and present your solution.
Internet resources
To help you, here is some information and some resources you can use:
Solution Hints
You may want to consider an automation platform (IFTTT, Zapier, …) to achieve the objective. The source systems could be configured to send certain selected messages to the API and trigger a notification on the smartwatch app.
See more in:
Sample 5: Find the evil!
Finding the evil on complex infrastructures is a difficult and time-consuming process. Funneling down the list of files to be analysed in a security incident can save the analyst a lot of time, freeing up precious time to be used to find real evil.
NIST maintains a list of known-good files (the National Software Reference Library), which may be a good starting point.
Your challenge could be to provide a solution that checks the hashes of individual files, or a bulk set of hashes (e.g. all hashes from a system), against a list of known-good hashes.
Solution requirement:
Your solution should allow querying a single file hash or a bulk set of file hashes (using a web interface, API call, script, etc.). For each queried hash, the solution should output the result (e.g. whether the hash is in the database or not, the source of the file, …). The solution should be designed to query a large number of files (e.g. the entire Windows folder of a computer) in an efficient way.
The solution could be extended:
to leverage additional reputation services and to apply advanced techniques and heuristics (e.g., approximate matching);
to perform searches across a whole corporate environment and to identify outliers and potentially malicious files;
with a GUI that enables an analyst to identify outliers and perform additional analyses on these files.
RESOURCES
To help you, here is some information and some resources you can use:
National Software Reference Library
https://www.nist.gov/software-quality-group/national-software-reference-library-nsrl
https://www.nist.gov/itl/ssd/software-quality-group/nsrl-download
https://www.nist.gov/software-quality-group/approximate-matching
https://s3.amazonaws.com/rds.nsrl.nist.gov/RDS/current/rds_modernu.zip
Solution Hints
Considering that the National Software Reference Library list contains a couple of gigabytes of data, you may consider using a database for storing the known-good hashes.
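A sketch of the database approach from the hint above, added here as an example and not part of the original challenge material: known hashes go into an indexed SQLite table, and a whole directory is checked with a single join. The table layout, function names and sample records are constructed for illustration and do not reproduce the NSRL RDS schema.

```python
import hashlib
import sqlite3
from pathlib import Path

# Constructed sample records (SHA-1, file name, source); not real NSRL data or schema.
SAMPLE_KNOWN = [
    (hashlib.sha1(b"constructed notepad build").hexdigest().upper(), "notepad.exe", "Sample OS image"),
    (hashlib.sha1(b"constructed kernel32 build").hexdigest().upper(), "kernel32.dll", "Sample OS image"),
]

def build_reference_db(records, path=":memory:"):
    """Store known hashes in SQLite; the primary key doubles as the lookup index."""
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS known "
               "(sha1 TEXT PRIMARY KEY, file_name TEXT, source TEXT) WITHOUT ROWID")
    db.executemany("INSERT OR IGNORE INTO known VALUES (?, ?, ?)", records)
    db.commit()
    return db

def sha1_of_file(path, chunk=1 << 20):
    """Hash a file in chunks so large binaries never have to fit in memory."""
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest().upper()

def bulk_lookup(db, hashes):
    """Resolve many hashes with one indexed join instead of one query per hash."""
    db.execute("CREATE TEMP TABLE IF NOT EXISTS wanted (sha1 TEXT PRIMARY KEY) WITHOUT ROWID")
    db.execute("DELETE FROM wanted")
    db.executemany("INSERT OR IGNORE INTO wanted VALUES (?)",
                   [(h.strip().upper(),) for h in hashes])
    rows = db.execute("SELECT w.sha1, k.sha1 IS NOT NULL, k.file_name, k.source "
                      "FROM wanted w LEFT JOIN known k ON k.sha1 = w.sha1").fetchall()
    return {sha1: {"known": bool(hit), "file_name": name, "source": source}
            for sha1, hit, name, source in rows}

def triage_directory(db, root):
    """Hash every regular file under root; return paths absent from the reference set."""
    by_hash = {}
    for p in Path(root).rglob("*"):
        if p.is_file():
            by_hash.setdefault(sha1_of_file(p), []).append(str(p))
    result = bulk_lookup(db, by_hash)
    return sorted(path for h, info in result.items()
                  if not info["known"] for path in by_hash[h])
```

A miss only means the hash is absent from the loaded reference set, so the paths returned by `triage_directory` are candidates for further analysis rather than confirmed malicious files.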