DOD Moves on Satellite Cyber Guidance After Russian Threats – Blog 7

Cybersecurity concerns resulting from the Russia-Ukraine war are leading to new security approaches for satellites.

Upcoming cybersecurity guidance aims to safeguard U.S. commercial satellites against emerging cyber threats amid concerns foreign adversaries will target commercial satellites and cripple U.S. military operations and allies.

The cybersecurity guidance, known as the Infrastructure Assurance Pre-Approval initiative (IA-Pre), falls in line with the 2022 National Defense Strategy. The U.S. military and critical infrastructure sectors increasingly rely on commercial satellites for mission-critical communications, such as the Defense Department’s Joint All-Domain Command-and-Control (JADC2) initiative.

The SSC CSCO news also comes one week after a Russian senior foreign policy official threatened to target U.S. commercial satellites if they aid Ukraine.

“What [the war in] Ukraine has shown is that commercial companies and satellites are going to be targets of electronic warfare, jamming, active disruption of the service itself,” Ultisat President and CEO David Myers said during a CyberSatGov 2022 panel in Reston, Virginia, this week. “Then the extreme of it is an increased investment from Russia and China in kinetic anti-satellite technology. The real scary part about that is the ability to pollute an entire orbital plane that creates a debris field that destroys every other satellite in the adjacent plane.”

“Working with the U.S. commercial sector, the U.S. government will strengthen the cyber posture of the space sector and supply chains.   Cyber resilience will be enhanced by, for example, modern encryption and a zero trust architecture. In the space domain, [DOD] will reduce adversary incentives for early attack by fielding diverse, resilient and redundant satellite constellations.”

Jared Reece, branch chief for SSC CSCO, said his office aims to develop strong relationships with industry to provide cybersecure space and satellites technologies to DOD’s Commercial Satellite Communication Services (COMSATCOM) via IA-Pre.

Todd Gossett, vice president of corporate development at SES Government Solutions, said the entire satellite industry and DOD should be “tracking” cyber hygiene policy and key cyber guidance from government because of the war in Ukraine.

“We have to be 100% effective every day [because] adversaries just have to have one good day,” he said during a panel on cyber lessons learned from the war in Ukraine. “The cybersecurity posture in many ways is the same, that said, there’s been an increase in technical measures as well as information to get earlier and higher awareness. NIST 800-171, CMMC … all those things continue to help us defend the network, but we have to be vigilant every day and effective every day so that spurs us to action.”

So why is this interesting to me? Finally, it appears agencies and the Government are taking things seriously. Other parties are putting it out there as to how they will attack our satellite, commercial and DoD. Commercial and Government will need to work together if they want to have a chance of deterrence.

DOD Moves on Satellite Cyber Guidance After Russian Threats (