{"id":18610,"date":"2022-03-29T03:10:08","date_gmt":"2022-03-29T11:10:08","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/03\/29\/news-12343\/"},"modified":"2022-03-29T03:10:08","modified_gmt":"2022-03-29T11:10:08","slug":"news-12343","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/03\/29\/news-12343\/","title":{"rendered":"Satellites are critical infrastructure and need to be cybersecured"},"content":{"rendered":"<p><strong>Credit to Author: Pieter Arntz| Date: Tue, 29 Mar 2022 10:27:03 +0000<\/strong><\/p>\n<p>In the context of this article we will use the term satellite for a machine that is launched into space and moves around Earth. And there might be a lot more of them than you would expect\u2014this <a href=\"https:\/\/geoxc-apps2.bd.esri.com\/Visualization\/sat2\/index.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">live map<\/a> tracks a huge number of satellites.<\/p>\n<p>Originally most of earth\u2019s satellites\u00a0were launched for scientific reasons. Some because of their unique ability to provide a view of a large area of the earth\u2019s surface, and others because they are able to study space without having to deal with the atmosphere.<\/p>\n<p>Today, a majority of the satellites in orbit are used in some form of communication. That&#8217;s not surprising when you consider that Elon Musk&#8217;s <a href=\"https:\/\/www.spacex.com\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">SpaceX<\/a> is by far the largest operator of satellites. In September 2021, the total number of satellites amounted to <a href=\"https:\/\/dewesoft.com\/daq\/every-satellite-orbiting-earth-and-who-owns-them\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">4550<\/a>, with 1655 of them belonging to SpaceX. SpaceX\u2019s Starlink satellite Internet program plans to send more than a thousand new satellites into orbit every year.<\/p>\n<p>Commercial satellites, like Starlink, provide us with the ability to have things like Internet access, television, GPS, and scientific information about the weather and other processes in the atmosphere and on the surface.<\/p>\n<h2>CISA<\/h2>\n<p>On March 17, 2022, the Cybersecurity &amp; Infrastructure Security Agency (CISA) published an <a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa22-076a\">al<\/a><a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa22-076a\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">e<\/a><a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa22-076a\">rt<\/a> in conjunction with the Federal Bureau of Investigation (FBI) which warned of possible threats to US and international satellite communication (SATCOM) networks.<\/p>\n<p>Along with that alert came a <a href=\"https:\/\/www.cisa.gov\/uscert\/sites\/default\/files\/publications\/AA22-076_Strengthening_Cybersecurity_of_SATCOM_Network_Providers_and_Customers.pdf\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">report<\/a> that provided mitigation strategies for SATCOM providers and their customers. And, as part of CISA\u2019s <a href=\"https:\/\/www.cisa.gov\/shields-up\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Shields Up<\/a> initiative, all organizations are being asked to significantly lower their threshold for reporting and sharing indications of malicious cyberactivity.<\/p>\n<h2>Russia<\/h2>\n<p>On March 2, 2022 the current head of the Russian Roscosmos State Space Corporation, Dmitry Rogozin, <a href=\"https:\/\/interfax.com\/newsroom\/top-stories\/75057\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">said<\/a> that Russia will consider any cyberattacks targeting Russian satellite infrastructure an act of war. This didn&#8217;t seem to stop activist group NB65 from claiming that it had disabled WS02, the Rocosmos Vehicle Monitoring System.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">We won&#39;t stop until you stop. <a href=\"https:\/\/t.co\/Cy1kiAN0bc\">pic.twitter.com\/Cy1kiAN0bc<\/a><\/p>\n<p>&mdash; NB65 (@xxNB65) <a href=\"https:\/\/twitter.com\/xxNB65\/status\/1498563301525102594?ref_src=twsrc%5Etfw\">March 1, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script> <\/div>\n<\/figure>\n<h2>Viasat<\/h2>\n<p>On February 28, 2022 US-listed satellite communications firm Viasat Inc said it was investigating a suspected cyberattack that caused a partial outage in its residential broadband services in Ukraine and other European countries. Among other things, the outage caused a disruption of the remote monitoring and control of 5,800 wind turbines in Central Europe, with a total capacity of 11 gigawatt (GW).<\/p>\n<h3>Starlink<\/h3>\n<p>Viasat operates large geostationary satellites. Geostationary means they are synchronized with the earth\u2019s rotation, which results in a stationary orbit at a point about 35,000 kilometers from Earth.<\/p>\n<p>Viasat\u2019s geostationary approach is the traditional method of providing broadband service from space, but other operators, like Starlink, use satellites in <a href=\"https:\/\/en.wikipedia.org\/wiki\/Low_Earth_orbit\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">low earth orbits<\/a>. This requires more satellites, but provides higher speeds.<\/p>\n<p>In answer to a request for Starlink support from Ukraine digital minister Mykhailo Fedorov, SpaceX\u2019s CEO Elon Musk was quick to respond and promise help.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Starlink service is now active in Ukraine. More terminals en route.<\/p>\n<p>&mdash; Elon Musk (@elonmusk) <a href=\"https:\/\/twitter.com\/elonmusk\/status\/1497701484003213317?ref_src=twsrc%5Etfw\">February 26, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script> <\/div>\n<\/figure>\n<h2>Critical infrastructure<\/h2>\n<p>The examples above demonstrate how networks of satellites and space systems are vulnerable to cyberattack, and create a backdoor into the physical and digital systems we rely upon on a daily basis. <\/p>\n<p>While we tend to think about other things first when we are discussing critical infrastructure, the underlying systems that enable technology functionality across these sectors often rely on space systems. For example, some high-tech farming equipment relies on GPS information provided by satellite.<\/p>\n<p>Like so many other important assets, a lot of space systems were developed without cybersecurity in mind. Around the turn of the century, cybersecurity was not a big concern, and during the development of some systems no special cybersecurity parameters were deployed because engineers thought the technology was too advanced for a hacker to compromise.<\/p>\n<p>It wasn\u2019t until NASA set up the Cyber Defense Engineering and Research Group (CDER) that anyone looked at the unique cybersecurity requirements that distinguishes space mission systems from traditional firewalled data servers.<\/p>\n<p>And it wasn\u2019t until the end of 2016, that AT&amp;T encrypted NASA\u2019s Deep Space Network (DSN), after a <a href=\"https:\/\/www.extremetech.com\/extreme\/134334-could-you-hack-into-mars-rover-curiosity\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">report on how to hack into the Mars Rover<\/a> appeared on the Internet.<\/p>\n<h2>Recommendations<\/h2>\n<p>If you know or suspect that an important part of your organization\u2019s internal processes depends on satellite services, the CISA report provides some guidelines for customers of SATCOM providers:<\/p>\n<ul>\n<li>Use secure methods for authentication.<\/li>\n<li>Enforce principle of least privilege through authorization policies.<\/li>\n<li>Review existing trust relationships with IT service providers.<\/li>\n<li>Implement independent encryption across all communications links leased from, or provided by, your SATCOM provider.<\/li>\n<li>Strengthen the security of operating systems, software, and firmware, <a href=\"https:\/\/www.malwarebytes.com\/business\/vulnerability-patch-management\">including vulnerability and patch management<\/a>.<\/li>\n<li>Monitor network logs for suspicious activity and unauthorized or unusual login attempts.<\/li>\n<li>Create, maintain, and exercise a cyberincident response plan, resilience plan, and continuity of operations plan so that critical functions and operations can be kept running if technology systems\u2014including SATCOM networks\u2014are disrupted or need to be taken offline.<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/vital-infrastructure\/2022\/03\/satellites-are-critical-infrastructure-and-need-to-be-cybersecured\/\">Satellites are critical infrastructure and need to be cybersecured<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/vital-infrastructure\/2022\/03\/satellites-are-critical-infrastructure-and-need-to-be-cybersecured\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Pieter Arntz| Date: Tue, 29 Mar 2022 10:27:03 +0000<\/strong><\/p>\n<p>Satellites have become a main link in communications, and given some recent events it has become clear why we consider them to be critical infrastructure.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/vital-infrastructure\/2022\/03\/satellites-are-critical-infrastructure-and-need-to-be-cybersecured\/\">Satellites are critical infrastructure and need to be cybersecured<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[14182,23583,13519,25507,8093,25508,25509,25510,25511,15619,17224,14315,25512,25513,21437],"class_list":["post-18610","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-att","tag-cisa","tag-communication","tag-dsn","tag-nasa","tag-nb65","tag-patchmanagement","tag-rocosmos","tag-satcom","tag-satellites","tag-shields-up","tag-spacex","tag-starlink","tag-viasat","tag-vital-infrastructure"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18610","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=18610"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18610\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=18610"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=18610"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=18610"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}