Cyberattacks are on the rise, and satellite operators are not immune, especially as they make bolder moves into broadband data connectivity.
Lim Kian Soon, head of satellite at Singtel, warned satellite players to take security seriously and take steps to protect themselves and their customers.
In the last couple of years the headlines have been increasingly filled with stories of companies being hacked or subjected to DDoS attacks. And many of the hackers carrying out those attacks are generally professional, organized and well-funded (either by states or crime syndicates), and they have very specific objectives that they are willing to achieve via long-term occupation.
That latter point is particularly important, says Lim, because often breaches go undetected for months.
“According to research from FireEye, the median time from the actual breach to discovery of the breach is 205 days,” Lim said during the satellite track at the CommunicAsia2016 Summit Tuesday. “Of the companies they surveyed, 67% found out about the breach from an external source. And 100% of them had their firewalls and security software up to date.”
Satellite companies are of course no strangers to security threats, whether because they are nationalistic enterprises or because they deal in critical infrastructure for governments, the military, aeronautical and maritime that terrorists and other criminals would want to exploit.
But data creates new vectors of attack, including the internet, corporate networks, apps, users and supplier networks, Lim said.
Potential attack targets for satellite operators include atomic clocks on GPS systems, ground segment satellite systems, signal jamming, integrity of satcom devices, navigation satellites, on-board computers, weak encryption and mobility/BYOD.
Satellite operators face similar challenges in securing data networks, from hackers becoming more sophisticated to a lack of cybersecurity skills, especially for specific areas like maritime satellite, for example. And deployment of cybersecurity solutions is technically complex.
Lim said that satellite players do have the option of outsourcing security management. As it happens, Singtel offers managed security services, powered by its acquisition of Trustwave as well as partnerships with companies like Akamai, FireEye, Palo Alto and Checkpoint.
As a proof-of-concept, Lim pointed to Singtel’s announced partnership in April with Inmarsat, in which Singtel installed unified threat management software on maritime vessel servers connecting to Inmarsat’s FleetXPress service.