The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint report outlining a new threat to U.S. and international satellite communication networks (SATCOM). In the advisory they stated that they were aware of threats towards SATCOM networks and were warning all users to make sure they have their networks secure. The report came just days after an outage of a European SATCOM network, believed to be caused by a cyber incident. The report includes information on how to mitigate attacks amongst fear that as additional sanctions are added against Russia, more cyber-attacks will be seen.
Analyst Notes
Among many other recommendations, CISA suggests SATCOM providers consider:
• Using secure methods for authentication, including multi-factor authentication where possible for all accounts used to access, manage, and/or administer networks.
• Using and enforcing strong, complex passwords. Review password policies to ensure they align with the latest NIST guidelines. Do not use default credentials or weak passwords. Audit accounts and credentials and remove terminated or unnecessary accounts, as well as changing expired credentials.
• Enforcing the principle of least privilege through authorization policies.
The full report and other mitigation techniques can be found here: https://www.cisa.gov/uscert/ncas/alerts/aa22-076a
https://www.zdnet.com/article/cisa-and-fbi-warn-over-threats-to-satellite-communications-networks/
