admin / AirportCyberSimulator
publicAirport Cyber Attack Simulation Application
AirportCyberSimulator / airport-cyber-sim / backend / data / playbooks.json
2876 B · main
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 | [ { "playbook_id": "pb_01_ransomware", "name": "The OT Gridlock (Ransomware)", "ingress_point": "baggage_handling", "ingress_method": "Employee plugged in an infected USB drive found in the terminal.", "ingress_icon": "usb_drive", "spread_events": [ {"delay_seconds": 5, "target": "check_in", "vector": "Shared Network Drive"}, {"delay_seconds": 12, "target": "logistics", "vector": "Automated Routing API"} ], "description": "Adversaries exploit an unpatched remote access vulnerability in the operational technology (OT) network." }, { "playbook_id": "pb_02_iot_botnet", "name": "The Silent Choke (IoT Botnet)", "ingress_point": "hvac_systems", "ingress_method": "Default admin credentials left on internet-facing smart thermostat.", "ingress_icon": "unlocked_padlock", "spread_events": [ {"delay_seconds": 8, "target": "terminal_access", "vector": "Building Management VLAN"}, {"delay_seconds": 18, "target": "atc_tower", "vector": "Shared Environmental Controls"} ], "description": "Physical environment compromise via poorly secured smart building devices." }, { "playbook_id": "pb_03_supply_chain", "name": "The Third-Party Siphon (API Breach)", "ingress_point": "retail_pos", "ingress_method": "Phishing email compromised a retail vendor's external support account.", "ingress_icon": "phishing_email", "spread_events": [ {"delay_seconds": 6, "target": "ticketing_db", "vector": "Payment Gateway API"}, {"delay_seconds": 15, "target": "public_wifi", "vector": "Customer Data Sync"} ], "description": "Data exfiltration via a compromised third-party vendor API connection." }, { "playbook_id": "pb_04_insider", "name": "The Rogue Insider (Credential Theft)", "ingress_point": "security_screening", "ingress_method": "Disgruntled employee used rogue smartphone to capture supervisor QR badges.", "ingress_icon": "rogue_smartphone", "spread_events": [ {"delay_seconds": 4, "target": "identity_db", "vector": "Admin Access Elevation"}, {"delay_seconds": 10, "target": "boarding_gates", "vector": "Biometric Override"} ], "description": "Bypassing perimeter defenses using legitimate but stolen administrative access rights." }, { "playbook_id": "pb_05_spoofing", "name": "The Blind Spot (Signal Spoofing)", "ingress_point": "atc_tower", "ingress_method": "Unsecured maintenance VPN accessed via brute-force attack.", "ingress_icon": "vpn_breach", "spread_events": [ {"delay_seconds": 7, "target": "runway_lighting", "vector": "Tower Control Protocol"}, {"delay_seconds": 14, "target": "airplane_comms", "vector": "VHF Radio Spoofing"} ], "description": "Catastrophic kinetic impact via GPS and communication signal manipulation." } ] |