The commercial communications satellite industry is bracing for a future with more cyberattacks, weeks after Russian operatives are suspected of having hacked and disrupted internet service for thousands of users of Viasat’s KA-SAT network in Europe.
- Satellite operators and U.S. Space Force look to share cybersecurity technologies
- Scrutiny on the electronics supply chain is increasing
In response, commercial satellite operators and manufacturers are taking a hard look at supply chains and network monitoring to bolster defenses against possible future attacks.
“We’re looking at field user equipment and those end user devices to ensure more security at that point as well,” said Jay Chapman, Iridium Communications’ director of government solutions, at the Satellite 2022 show in Washington on March 22.
Viasat was still working to restore internet service to some of its users nearly a month after a suspected Russian cyberattack took thousands of KA-SAT satellite terminals in Europe offline starting Feb. 24, Viasat Executive Chairman Mark Dankberg said at Satellite 2022.
The company has “a very good understanding of exactly what happened,” he said. He declined to comment specifically on how the attackers breached Viasat’s system.
“It took thousands of terminals offline,” he said. “It didn’t affect the satellite, didn’t affect the network infrastructure, but it did take a number of modems offline.”
The company is working to bring home-internet customers back online as fast as possible, Dankberg said. “In most of the cases where the modems are offline, they need to be replaced,” he said. “They can be refurbished, so we’re cycling modems through.”
Viasat’s KA-SAT system was vulnerable to a cyberattack because it was in transition following the company’s purchase of the satellite and ground infrastructure from former partner Eutelsat in April 2021.
“The customer base that we acquired is still being upgraded by a third party as part of a transition agreement. On the cyberattack, we have a very good understanding of exactly what happened,” Dankberg said. “Typically, we monitor everything that goes on the network. We believe this particular event was preventable, but we didn’t have the capability in that case.”
The Cybersecurity and Infrastructure Security Agency (CISA) and FBI warned on March 17 “of possible threats to U.S. and international satellite communication networks.”
The agency noted: “Given the current geopolitical situation, CISA’s Shields Up initiative requests that all organizations significantly lower their threshold for reporting and sharing indications of malicious cyberactivity.”
To defend against similar threats, commercial and defense customers are likely to share cybersecurity technologies, Ryan Reid, president of Boeing Commercial Satellite Systems International, said at Satellite 2022.
“I think [you’re going] to see more of those technologies that are applicable in a contested space, whether [it be] jam resiliency or cybersecurity,” Reid said. “I think the customers see the strategic value of resilient, calm communications.”
Collaborative commercial-defense efforts are already underway. As of 2021, nine U.S. commercial satellite operators were working with the U.S. Space Force as part of the Combined Force Space Component Command’s Commercial Integration Cell, to exchange information on “unplanned space events,” according to a Vandenberg Space Force Base fact sheet.
The participating companies—Eutelsat America, Hughes Network Systems, Inmarsat, Intelsat General Communications, Iridium Communications, Maxar Technologies, SES Government Solutions, Viasat and XTAR—also have signed Cooperative Research and Development Agreements with the Space Force to facilitate technology exchanges with the Space Force.
“That collaboration is very important,” said Iridium’s Chapman. “There’s quickly a recognition across the community for us all to be paying attention to what is happening within our networks.”
Dylan Browne, president of OneWeb’s government business unit, said at Satellite 2022 that his company is a big fan of zero-trust architecture, an approach to IT security that emphasizes constant reverification of device identity and integrity. He adds that low-Earth-orbit constellations have built-in advantages. “[Low-Earth-orbit] satellites move fast. Frequency planning is not predictive,” Browne said. “So the network in itself has inherent capability. But that’s not enough.”
Satellite manufacturers and operators are also looking for vulnerabilities within their supply chains.
“We’re having to scrutinize our supply chain even more,” says Tina Ghataore, chief commercial officer with Mynaric, a company that makes laser communications devices. “We have restrictions on where procurement parts can come from, specifically electronics and things.”
Whatever technologies are incorporated, industry executives say a new level of watchfulness will be needed. “It keeps us on our toes to make sure we’re closing [as many] doors as possible,” Chapman said. “Cybersecurity and the aggressors’ activity are constantly evolving.”
Complacency could be devastating, industry executives say. “There will be worse cyberattacks than [those that have] happened if we are not really vigilant,” Dankberg said. “It is a constant battle.”