Cisco Talos and other security researchers have recently reported on a series of malicious campaigns targeting the aviation industry. These reports mainly center around the crypter that hides the usage of commodity malicious remote access tools. In September, two of those researchers published a blog outlining how they were able to track an aviation cyber targeting campaign to actor who has been targeting the aviation industry for several years. The research analyzes how the use of commodity malware and the acquisition of crypts to wrap the malware can make them more effective, allowing such an operation to run under the radar for years, while causing serious problems for its targets. During this interactive session, Vitor Ventura, lead security researcher for Talos Security at Cisco, gives an overview of the research that went into this discovery, and what can be done to prevent such attacks in the future.