LLC “Air Gate of the Northern Capital”, chief operator of Pulkovo International Airport, uses the network sandbox PT Sandbox to protect email from malicious attacks and unauthorized links and to control the receipt of files within the organization. With the help of Positive Technologies’ products, the Information Security service monitors the content (files and emails) entering the organization, identifying and blocking malicious software, including complex and previously unknown threats. Following its implementation, PT Sandbox successfully prevented the infiltration of Trojans and exploits into the airport infrastructure.
Airports are considered critical information infrastructure and are required to ensure uninterrupted operations even in the face of cyber threats. In 2023, during the security system modernization at Pulkovo Airport, particular emphasis was placed on safeguarding information channels from malicious programs.
Analysts suggest that approximately 40% of attacks on critical infrastructure objects are carried out using malware. To combat modern cyber attacks targeting airports, a sandbox solution was necessary to accurately detect and thwart such threats, preventing them from breaching the corporate perimeter. The Information Security specialists also sought a sandbox that offers real-time automated protection and enables incident investigations involving advanced persistent threats. Moreover, the implemented system was required to be listed in the register of domestic software and possess FSTEK certification.
During testing, PT Sandbox effectively identified cyber threats in the airport’s email traffic. As a result of successful testing, the product was integrated into Pulkovo Airport’s infrastructure in 2023. On average, PT Sandbox processes around 700 thousand objects monthly, flagging 1,500 files as suspicious and categorizing 30 incidents as dangerous.
The sandbox was integrated into the infrastructure seamlessly, without requiring changes to business processes or interference with applications. The solution leverages a combination of machine learning technologies, static and dynamic analysis, as well as the PT Expert Security Center and multiple antivirus engines. Positive Technologies stated, “In this project, the Information Security service implemented two object checking scenarios using our product: the first involves monitoring mail traffic in lock mode to swiftly halt the infiltration of malicious files, while the second automatically scans objects from network folders.”