Updated May 10, 2022: The U.S. government attributes this threat activity to Russian state-sponsored malicious cyber actors. Additional information may be found in a statement from the State Department. For more information on Russian malicious cyber activity, refer to cisa.gov/uscert/russia.
Actions to Take Today:
ā¢ Use secure methods for authentication.
ā¢ Enforce principle of least privilege.
ā¢ Review trust relationships.
ā¢ Implement encryption.
ā¢ Ensure robust patching and system configuration audits.
ā¢ Monitor logs for suspicious activity.
ā¢ Ensure incident response, resilience, and continuity of operations plans are in place.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are aware of possible threats to U.S. and international satellite communication (SATCOM) networks. Successful intrusions into SATCOM networks could create risk in SATCOM network providersā customer environments.
Given the current geopolitical situation, CISAās Shields Up initiative requests that all organizations significantly lower their threshold for reporting and sharing indications of malicious cyber activity. To that end, CISA and FBI will update this joint Cybersecurity Advisory (CSA) as new information becomes available so that SATCOM providers and their customers can take additional mitigation steps pertinent to their environments.
CISA and FBI strongly encourages critical infrastructure organizations and other organizations that are either SATCOM network providers or customers to review and implement the mitigations outlined in this CSA to strengthen SATCOM network cybersecurity.
Click here for a PDF version of this report.
CISA and FBI strongly encourages critical infrastructure organizations and other organizations that are either SATCOM network providers or customers to review and implement the following mitigations:
All organizations should report incidents and anomalous activity to CISA 24/7 Operations Center at [email protected] or (888) 282-0870 and/or to the FBI via your local FBI field office or the FBIās 24/7 CyWatch at (855) 292-3937 or [email protected].
March 17, 2022: Initial Version |May 10, 2022: Added Atrribution
cisa.gov/known-exploited-vulnerabilities
csrc.nist.gov/publications/detail/sp/800-63b/final
public.govdelivery.com/accounts/USDHSCISA/subscriber/new?topic_id=USDHSCISA_138
twitter.com/CISAgov
twitter.com/intent/tweet?text=Strengthening%20Cybersecurity%20of%20SATCOM%20Network%20Providers%20and%20Customers+https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-076a
www.cisa.gov/capacity-enhancement-guides-federal-agencies
www.cisa.gov/shields-up
www.cisa.gov/uscert/ncas/tips/ST04-002
www.cisa.gov/uscert/russia
www.dhs.gov
www.dhs.gov/foia
www.dhs.gov/performance-financial-reports
www.dni.gov/files/ODNI/documents/assessments/ATA-2022-Unclassified-Report.pdf
www.dni.gov/files/ODNI/documents/assessments/ATA-2022-Unclassified-Report.pdf
www.facebook.com/CISA
www.facebook.com/sharer/sharer.php?u=https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-076a&title=Strengthening%20Cybersecurity%20of%20SATCOM%20Network%20Providers%20and%20Customers
www.fbi.gov/contact-us/field-offices
www.instagram.com/cisagov
www.linkedin.com/company/cybersecurity-and-infrastructure-security-agency
www.linkedin.com/sharing/share-offsite/?url=https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-076a
www.nsa.gov/Press-Room/News-Highlights/Article/Article/2910409/nsa-issues-recommendations-to-protect-vsat-communications/
www.nsa.gov/Press-Room/News-Highlights/Article/Article/2910409/nsa-issues-recommendations-to-protect-vsat-communications/
www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/2949885/nsa-details-network-infrastructure-best-practices/
www.oig.dhs.gov/
www.state.gov/attribution-of-russias-malicious-cyber-activity-against-ukraine/
www.surveymonkey.com/r/CISA-cyber-survey?product=https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-076a
www.usa.gov/
www.whitehouse.gov/
www.youtube.com/@cisagov
mailto:?subject=Strengthening%20Cybersecurity%20of%20SATCOM%20Network%20Providers%20and%20Customers&body=www.cisa.gov/news-events/cybersecurity-advisories/aa22-076a