Okay so, when earlier companies were formed, they didn’t have fax machines, and there was no such thing as a cellular phone. They didn’t have computers either, and probably many folks that are graduating college right now have never known a time when there were not computers, cell phones, and the Internet. But since the late 70’s, everything has changed, and it will never be the same again. Indeed, everything about you and your family is now on the Internet, or online in some database.
Unfortunately, all of that is being exploited by corporations who want to sell you something, by governments who want to keep a watchful eye on you, and by hackers who have criminal intent. Indeed, I can make this statement; “none of your personal privacy is safe in the Internet and information age.” And isn’t it interesting that if I made that comment in a room with 100 people, no one would disagree with me. And yet people are gladly putting all their information online and giving private information to various websites who they believe they can trust.
Well, what is that famous CIA line; “trust no one!” – And that’s about it isn’t it? There was an interesting comment and posting on SlashDot posted on June 8, 2011 titled “Cybersecurity and the Internet Economy” posted by Samzenpus, and he quoted Ormone 1;
“Global online transactions are currently estimated by industry analysts at $10 trillion annually. As this grows, so has the threat of cybersecurity attacks. The Department of Commerce released a report proposing voluntary codes of conduct to foster cybersecurity of firms relying on the Internet, but not part of the critical infrastructure sector stating; ‘By increasing the adoption of standards and best practices to promote innovation & growth, while protecting companies & consumers from hackers & cyber theft.'”
In other words, not only is your small business, and your family’s private information less than safe online, or sitting in some data center somewhere, but our entire economy, military, government, and most all corporations could crash due to a cyber-attack. In other words, no one is safe, not a real person, not a created person, and not even a government agency or the military. We live in a new age, and information age, and the cyber threats to the future of our economy, businesses, and government, not to mention our personal information are all at risk.
Another Prevailing Danger
Satellite operators must learn from past security breaches to avoid more crippling attacks against their satellite networks. Experts also caution against certain myths.
One of the most prevalent misconceptions is that domain specific knowledge needed for hacking is not readily available. Various cases disproved this myth. Hackers are getting more skilled. Another dangerous myth is that hackers must get hold of system specifications in order to succeed. This has been proven to be wrong. It is a classic example of reverse engineering motivating hackers.
Military and government satellite communications providers are at risk of having a false sense of security by believing that strong encryption is the key to satellite network security. The opposite could be true.
In response to modern SATCOM security threats posed by cunning hackers, service carriers need to focus on threat modelling instead. They need to identify potential security threats to their system and imagine how hackers would work on it. With poor threat modelling, a lot of resources could be wasted on ineffective security measures like firewalls, intrusion prevention, anti-virus and the like. Surprisingly, majority of penetration tests are carried out incorrectly. Such tests often limit the scope of test, so it won’t exceed the maximum level of ineffectiveness, thus deceiving the higher management and customers.
Threat modelling involves a thorough analysis of processes, external actors, data stores and data flows. All possible security threats should be identified automatically from data flow diagrams (DFDs) models. Doing so will ensure efficient use of satellite security resources.
It is a must to pay attention to both insider and external threats. Cybersecurity Watch reported that 21% of security breaches were caused by insiders, and 33% of CSOs considered such attacks as costlier. Oftentimes, insider threats are actually accidental like malware infection while browsing.
Must Read : How To Access Blocked Websites
Amid grave threats of satellite communications hacking, the conference on ‘Securing Space Assets for Peace and Future Conflict’ at the National Defense University reiterated the importance of cyber security, with majority of participants believing that securing space capabilities demands serious attention. The United States National Institute of Standards and Technology (NIST) recommends the development of an overall cyber security risk management framework. It also published guidelines on processes and compliance verification.