The FBI and Cybersecurity & Infrastructure Security Agency issued a warning late Thursday about possible threats to U.S. and international satellite communications networks.
What You Need To Know
- The FBI and Cybersecurity & Infrastructure Security Agency issued a warning late Thursday about possible threats to U.S. and international satellite communications networks
- The agencies published a bulletin urging critical infrastructure organizations, satellite network providers or their customers to strengthen their cybersecurity
- The alert references “the current geopolitical situation,” but does not explicitly mention the Russia-Ukraine war
- However, Reuters reported that a blitz of cyberattacks on satellite internet modems began Feb. 24, the same day Russia invaded Ukraine; those attacks are under investigation
The agencies published a bulletin urging critical infrastructure organizations, satellite network providers or their customers to strengthen their cybersecurity.
“CISA remains concerned about the threat to U.S. and Allies’ satellite communications (SATCOM) networks,” Eric Goldstein, executive assistant director for cybersecurity at CISA, said in a statement provided to Spectrum News. “As the nation’s cyber defense agency, CISA is committed to sharing information that helps protect the nation’s critical infrastructure. CISA strongly recommends satellite communication providers and end users review this advisory and immediately implement the recommended mitigation measures to protect their networks. Now, more than ever, organizations must put their shields up to protect against cyber threats and report any unusual or malicious activity to CISA.”
The alert references “the current geopolitical situation,” but does not explicitly mention the Russia-Ukraine war. CISA, a division of the Department of Homeland Security, did not answer a question about whether it believes the war is linked to the possible satellite network threats.
However, Reuters reported that a blitz of cyberattacks on satellite internet modems began Feb. 24, the same day Russia invaded Ukraine. According to Reuters, Western intelligence agencies are investigating the attacks, which have disrupted broadband service from satellite internet provider Viasat, a U.S. company.
The agencies have not yet publicly accused any groups of being behind the attacks.
“Were it to be ultimately attributed to Russia, it would very much fit within what we expect them to do, which is use their cyber capabilities to support, ultimately, their military campaign,” a British official told reporters Friday, according to Reuters.
CISA and FBI are recommending a number of steps organizations and customers that rely on satellite networks should take to mitigate the potential for cyberattacks. They include lowering their threshold for reporting malicious cyber activity, stepping up monitoring to detect the presence of insecure remote access tools or suspicious network traffic, restricting security privileges, using secure methods of authentication and ensuring passwords are strong.
The British official said the U.K. is investigating the threats “quite actively” and also working to provide guidance to organizations there.
The FBI declined to comment Friday.
Note: This article was updated to say the FBI declined to comment.