Operators must learn from past security breaches to avoid more crippling attacks against their satellite networks. Experts also caution against certain myths.
One of the most prevalent misconceptions is that the domain-specific knowledge needed for hacking is not readily available. Various cases have disproved this myth. Hackers are getting more skilled. Another dangerous myth is that hackers must get hold of system specifications in order to succeed. This has been proven wrong. It is a classic example of reverse engineering motivating hackers.
Military and government satellite communications providers are at risk of having a false sense of security by believing that strong encryption is the key to satellite network security. The opposite could be true.
In response to modern SATCOM security threats posed by cunning hackers, service carriers need to focus on threat modelling instead. They need to identify potential security threats to their system and imagine how hackers would work on it. With poor threat modelling, a lot of resources could be wasted on ineffective security measures like firewalls, intrusion prevention, anti-virus and the like. Surprisingly, the majority of penetration tests are carried out incorrectly. Such tests often limit the scope of the test so that it won’t exceed the maximum level of ineffectiveness, thus deceiving higher management and customers.
Threat modelling involves a thorough analysis of processes, external actors, data stores and data flows. All possible security threats should be identified automatically from data flow diagram (DFD) models. Doing so will ensure efficient use of satellite security resources.
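The sketch below is an added example, not code from the article or from any tool it refers to. It shows how candidate threats can be enumerated automatically from a DFD model by assuming the STRIDE-per-element method (the article names no specific methodology); the element names, trust zones and flows are constructed for illustration.

```python
from dataclasses import dataclass

# STRIDE-per-element chart (assumed method): threat categories per DFD element type.
STRIDE = {
    "external_actor": ["Spoofing", "Repudiation"],
    "process": ["Spoofing", "Tampering", "Repudiation",
                "Information disclosure", "Denial of service", "Elevation of privilege"],
    "data_store": ["Tampering", "Information disclosure", "Denial of service"],
    "data_flow": ["Tampering", "Information disclosure", "Denial of service"],
}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str            # external_actor | process | data_store
    zone: str            # trust zone the element lives in
    is_log: bool = False # log stores also attract repudiation threats

def enumerate_threats(elements, flows):
    """Return (target, category, crosses_boundary) tuples, boundary-crossing flows first."""
    by_name = {e.name: e for e in elements}
    threats = []
    for e in elements:
        cats = STRIDE[e.kind] + (["Repudiation"] if e.kind == "data_store" and e.is_log else [])
        threats += [(e.name, c, False) for c in cats]
    for name, src, dst in flows:
        if src not in by_name or dst not in by_name:
            raise ValueError(f"flow {name!r} references an unknown element")
        crosses = by_name[src].zone != by_name[dst].zone  # trust boundary crossed?
        threats += [(name, c, crosses) for c in STRIDE["data_flow"]]
    return sorted(threats, key=lambda t: not t[2])  # stable: boundary crossings on top

# Constructed sample DFD for a hypothetical ground segment (not from the article).
ELEMENTS = [
    Element("NOC operator", "external_actor", "corporate"),
    Element("Network management system", "process", "ground"),
    Element("Remote terminal", "process", "remote"),
    Element("Audit log", "data_store", "ground", is_log=True),
]
FLOWS = [  # (name, source element, destination element)
    ("operator commands", "NOC operator", "Network management system"),
    ("over-the-air config push", "Network management system", "Remote terminal"),
    ("audit write", "Network management system", "Audit log"),
]

if __name__ == "__main__":
    for target, category, crosses in enumerate_threats(ELEMENTS, FLOWS):
        print(f"{'[boundary] ' if crosses else '           '}{target}: {category}")
```

The output is a review checklist, not a finding list: each entry still has to be judged for relevance and matched to a mitigation, with flows that cross a trust boundary reviewed first.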
It is a must to pay attention to both insider and external threats. Cybersecurity Watch reported that 21% of security breaches were caused by insiders, and 33% of CSOs considered such attacks more costly. Oftentimes, insider threats are actually accidental, like malware infection while browsing.
Amid grave threats of satellite communications hacking, the conference on ‘Securing Space Assets for Peace and Future Conflict’ at the National Defense University reiterated the importance of cyber security, with the majority of participants believing that securing space capabilities demands serious attention. The United States National Institute of Standards and Technology (NIST) recommends the development of an overall cyber security risk management framework. It also published guidelines on processes and compliance verification.
SATCOM specialists should also develop means to see signs of security breaches. They should keep an eye on bandwidth usage, network failures, a new host on the network, or the lack of a critical host or service. Security by obscurity seems to be an outdated concept. NIST thinks security by obscurity is not the sole answer to network attack.