Catalyst / admin/AirportCyberSimulator 14.8 GB / 57.8 GB 40.0 GB free
Help Sign in

admin / AirportCyberSimulator

public

Airport Cyber Attack Simulation Application

Code Issues Pull requests Pipelines Packages Security Insights Wiki Settings
AirportCyberSimulator / airport-cyber-sim / backend / data / playbooks.json 2876 B · main
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
[
  {
    "playbook_id": "pb_01_ransomware",
    "name": "The OT Gridlock (Ransomware)",
    "ingress_point": "baggage_handling",
    "ingress_method": "Employee plugged in an infected USB drive found in the terminal.",
    "ingress_icon": "usb_drive",
    "spread_events": [
      {"delay_seconds": 5, "target": "check_in", "vector": "Shared Network Drive"},
      {"delay_seconds": 12, "target": "logistics", "vector": "Automated Routing API"}
    ],
    "description": "Adversaries exploit an unpatched remote access vulnerability in the operational technology (OT) network."
  },
  {
    "playbook_id": "pb_02_iot_botnet",
    "name": "The Silent Choke (IoT Botnet)",
    "ingress_point": "hvac_systems",
    "ingress_method": "Default admin credentials left on internet-facing smart thermostat.",
    "ingress_icon": "unlocked_padlock",
    "spread_events": [
      {"delay_seconds": 8, "target": "terminal_access", "vector": "Building Management VLAN"},
      {"delay_seconds": 18, "target": "atc_tower", "vector": "Shared Environmental Controls"}
    ],
    "description": "Physical environment compromise via poorly secured smart building devices."
  },
  {
    "playbook_id": "pb_03_supply_chain",
    "name": "The Third-Party Siphon (API Breach)",
    "ingress_point": "retail_pos",
    "ingress_method": "Phishing email compromised a retail vendor's external support account.",
    "ingress_icon": "phishing_email",
    "spread_events": [
      {"delay_seconds": 6, "target": "ticketing_db", "vector": "Payment Gateway API"},
      {"delay_seconds": 15, "target": "public_wifi", "vector": "Customer Data Sync"}
    ],
    "description": "Data exfiltration via a compromised third-party vendor API connection."
  },
  {
    "playbook_id": "pb_04_insider",
    "name": "The Rogue Insider (Credential Theft)",
    "ingress_point": "security_screening",
    "ingress_method": "Disgruntled employee used rogue smartphone to capture supervisor QR badges.",
    "ingress_icon": "rogue_smartphone",
    "spread_events": [
      {"delay_seconds": 4, "target": "identity_db", "vector": "Admin Access Elevation"},
      {"delay_seconds": 10, "target": "boarding_gates", "vector": "Biometric Override"}
    ],
    "description": "Bypassing perimeter defenses using legitimate but stolen administrative access rights."
  },
  {
    "playbook_id": "pb_05_spoofing",
    "name": "The Blind Spot (Signal Spoofing)",
    "ingress_point": "atc_tower",
    "ingress_method": "Unsecured maintenance VPN accessed via brute-force attack.",
    "ingress_icon": "vpn_breach",
    "spread_events": [
      {"delay_seconds": 7, "target": "runway_lighting", "vector": "Tower Control Protocol"},
      {"delay_seconds": 14, "target": "airplane_comms", "vector": "VHF Radio Spoofing"}
    ],
    "description": "Catastrophic kinetic impact via GPS and communication signal manipulation."
  }
]