FBI warns for more satellite cyber attacks
2022-03-22A report from the FBI and the USA’s Cybersecurity & Infrastructure Security Agency says more attempts are likely to occur in future, similar to the recent hacking of Viasat’s KA-SAT communications satellite. The report warned that a successful intrusion could create risk in their customer environments.
The recent Viasat outage affected their direct customers in Ukraine but also reportedly interfered with some 5,800 wind turbines in Germany. Viasat provides communications to the Ukraine military although this connectivity has more recently been aided by Elon Musk’s Starlink system.
The CISA and FBI said in a joint advisory that they are aware of possible threats to U.S. and international satellite communication (SATCOM) networks.
The advisory contains mitigation actions for both SATCOM operators and their customers to take amid US and European investigations into a major outage affecting Viasat's internet service for fixed broadband customers in Ukraine and elsewhere on its European KA-SAT satellite network.
The agencies are recommending SATCOM operators review the security of communications to and from end-user terminals. CISA also warns customers to review IT supply relationships and the NSA's January 2022 recommendations for protecting very small-aperture terminal (VSAT) networks.
CISA suggests SATCOM providers consider using secure methods for authentication, including multi-factor authentication where possible for all accounts used to access, manage, and/or administer networks. Enforcing the principle of least privilege through authorization policies is also recommended.
It also suggests using and enforcing strong, complex passwords. Review password policies to ensure they align with the latest NIST guidelines. Do not use default credentials or weak passwords. Audit accounts and credentials: remove terminated or unnecessary accounts; change expired credentials.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.