From ongoing penetrations by “hacktivists” to state-sponsored attacks, cyber threats against satellite communications networks are proliferating at an alarming rate. The constantly shifting arena is putting extra accountability on commercial providers, who are not immune from the same threats the government faces.
This ongoing challenge reinforces the need for advanced security technologies to stay one step ahead of the bad guys – especially as hybrid systems create new vulnerabilities when linking traditional satellite networks and ground-based systems.
“More and more it is hybrid networks that we are operating, and the services that we are selling use both terrestrial and space assets,” says Thierry Guillemin, executive vice president and chief technology officer at Intelsat, in a recent Aviation Week story. “Because of that we are also vulnerable to the threats you will find on terrestrial infrastructure in general, so we have to take care of the entire system.”
As highlighted in the article, Intelsat is already playing a key role in this effort by closely monitoring the flow of traffic on its networks for the signs of illicit cyber activity.
The company also applies various information security standards and regulations, such as ISO 27001 and KPMG’s Service Organization Control 3, which further help mitigate threats. In addition, as new technologies are developed, Intelsat’s engineers build security in from the start – rather than adding it in “after the fact.”
Along these same lines, Intelsat recently published a white paper titled, “Security in Space: Intelsat Information Assurance,” which maps out the company’s strategy for providing the highest level of Information Assurance by building our infrastructure, networks and third party infrastructures against the most stringent DoDI 8500.2 MAC Level I controls.
The bottom-line is that both commercial providers and government agencies always have to be ready for any type of network breach from a wide-range of sources. Furthermore, while satellite interference is often not purposeful, the need to be prepared for it has never been greater.
“Our view of the world is that it is an extremely dynamic landscape, and you do not make any assumptions,” added Guillemin in the article. “Everything is specific. You want to be ready for any kind of attempt to breach your system wherever it comes from, no preconception, and you want your security posture to be as comprehensive as possible.”