2015 Golf & Learn August 18, 2015 Cyber-Security: Is your satellite network at risk?

Transcription

1 2015 Golf & Learn August 18, 2015 Cyber-Security: Is your satellite network at risk?

2 Introduction Mr. Alexander Benitez, GICSP Over 25 years of experience in the engineering and analysis of voice and data networks with IBM, MITRE, TASC and other employers Network design experience is bolstered by more than 15 years of experience in the vulnerability assessment of world market switches, and ancillary equipment Led teams in designing, integrating, testing and deploying advanced networks incorporating terrestrial and VSAT links, employing bulk encryption, VPNs, protocol / application acceleration, VoIP, video, firewalls, NIDs, and related network elements Traveled internationally to survey sites, plan build outs, interview, train, and transition day-to-day technical operations to a staff of foreign business partners Conducted vulnerability assessments on critical manufacturing and electric utilities Contact Information: alex.nmi.benitez@outlook.com m/

3 ICS community: Shodan -> SHINE Started cataloging Internet of Things (IoT) in 2009 Scan by IP address to capture service banners associated with: HTTP, port 80 FTP, port 21 SSH, port 22 TELNET, port 23 POP3, port 110 SNMP, port 161

4 Project SHINE SHodan INtelligence Extraction (SHINE) Started April 2012 Ended in 2014 Examined Shodan database for Internet-facing Industrial Control Systems (ICS) Over 7200 systems found across the U.S.

5 Satellite Community IntelCrawler Los Angeles-based cybersecurity firm Published report in Jan 2014 where they found at least 10,500 of those terminals globally are wide open to being hacked, according to IntelCrawler s President, Dan Clements Many VSAT systems were found to use manufacturer default passwords, often published in system manuals available on the Internet, or no password at all. Geolocation data of the VSAT terminals was also readily available

6 Ownership of the Cybersecurity Problem Everyone owns a piece of the problem AND the solution Vendors of satellite-related hardware Secure data transport protocols (e.g. SSH, SFTP, HTTPS and others) Signed patches and firmware upgrades Owner/Operators of satellite systems C2 infrastructure User data-plane management End users Will eventually drive solution through procurement reform

7 Cost of Fixing versus Doing Nothing Doing nothing allows continuum of damage to operational environment Disrupt <=> deny <=> degrade <=> destroy As observed by users, operational issues are magnified Fixing the Problem Depends on cybersecurity maturity-level of vendors, owner/operators and users Requires selection and implementation of risk-based management framework Requires ability to cross-map standards e.g. DoD RMF, NIST Cybersecurity Framework, CNSSP-12, CSC-20

8 First Steps: Triage Installed Base Goal is to rapidly reduce attack cross section Not the first critical sector to face this challenge Ref: ICS-ALERT A (UPDATE) Increasing Threat to Industrial Control Systems Replace control system references with VSAT devices or systems Minimize network exposure for all control system devices. Control system devices should not directly face the Internet. Locate control system networks and devices behind firewalls, and isolate them from the business network. If remote access is required, employ secure methods, such as Virtual Private Networks (VPNs), recognizing that VPN is only as secure as the connected devices. Remove, disable, or rename any default system accounts wherever possible. Implement account lockout policies to reduce the risk from brute forcing attempts. Implement policies requiring the use of strong passwords Monitor the creation of administrator level accounts by third-party vendors. Adopt a regular patch life cycle to ensure that the most recent security updates are installed. Must include network monitoring of vulnerable devices

9 Integrating Security Best Practices Adopt a cyber security framework Security processes add value to customer and operator environments by increasing reliability and observability e.g. Initial 5 steps of 20 Critical Security Controls can prevent up to 80-90% of all known attacks Build security into life cycle through: Procurement language Procurement_Language_Rev4_ pdf Requirements definition / Design Factory acceptance test /Site acceptance test O&M practices Decommissioning

10 GVF Cybersecurity Taskforce SSPSec-1.0 Guidance to improve and advance the security and integrity of satellite solutions offered to customers Service Provider Security Attempts to secure transit paths for data, while not controlling the endpoints of data flow Goals include: Protecting critical infrastructure Maintaining service delivery to customers Providing defense-in-depth as part of overall end-to-end security posture

11 Initial HTS architectures: Evolution of Bent-pipes Intelligence on ground grooms and merges user beams on uplink to satellite Satellite turns around user beams to allocated spot beams, independent of C2 of satellite or management of comms payload e.g. Hughes EchoStar XVII Ref: Intelsat INSIDER Q4 2014

12 Other HTS architectures: Regenerative Systems Demod of the uplink from ground station Internally switch or route packets onboard satellite Remod for downlink to user e.g. Hughes SPACEWAY 3 Ref: Intelsat INSIDER Q4 2014

13