Placeholder alt text
Found inSATELLITE 2023

Viasat Hack Still Dominates Cybersecurity Discussions A Year Later

July 24th, 2023
Picture of Mark Holmes
Mark Holmes

The hack on Viasat’s KA-SAT network in early 2022 is still casting a shadow over cybersecurity discussions more than a year later.

In a cybersecurity panel on March 16 at SATELLITE, Mike Regan, vice president of Business Performance for the Telecommunications Industry Association (TIA), highlighted the Viasat breach and other recent security breaches at AT&T and T-Mobile over the last couple of years. He spoke of the frustrations that these attacks could have been avoided.

“When you look at the forensics, it is frustrating that so many things are avoidable,” Regan said. “Where were the access controls for the VPN devices for Viasat? Where was multi-factor authentication? The risk could have been avoided. If you look at the Solar Winds [incident], the results of that are still being felt today. One of key lessons is don’t treat satellite networks as any less important than others. When you talk about something like supply chain security, that touches every aspect of an organization. When we talk about an approved cyber posture, it covers everything.”

Manjula Sriram, chief information and security officer of Iridium offered the satellite operator perspective. It’s a mindset that everyone has to think about security in a “holistic” way, she said.

While the incident of a broken VPN connections which led to the Viasat hack were unfortunate, “if you have a flat tire, you have a flat tire,” she says. “If someone enters your network, no matter how much encryption you have, you must have identity access management. You have to have basic hygiene. We at Iridium believe everyone has to have a security mindset.”

Sriram spoke of the importance of company auditing to improve security and find where the gaps are. Iridium has a security champions program, she said, and every department has a “champion.” “From our CEO, top down, we are all focused on security,” Sriram said. “It is the cost of doing business.”

Mathieu Bailly, co-founder and director of CYSEC, said that while the industry talks a lot about Viasat, attacks on space systems, whether on the ground systems or space systems is not a new phenomenon, and something that had been going on for decades.

“These [Viasat] modems were commercial grade, so everything was open. There were vulnerabilities there as a result. I think there is now a big shift of how we perceive security on the space market,” Bailly said. “The line between government and commercial is definitely more blurred than before. Some commercial players are providing data to Ukraine. They are waking up to security as they know they could now be targeted by the Russians. For us, we need to make security accessible.”

Bailly spoke of the importance of education in the satellite sector, even among the engineering community. He said, “Space has been a very niche market compared to things like finance, automotive. We need to open up, and have more transparency. It is a question of adaptation. When you talk to engineers in the field, they don’t have a security background. We need to do a better job in terms of education. Space engineers in Europe haven’t done security or cryptography courses. We need to do a better job of educating young engineers. Having attacks like Viasat is a wake-up call for the industry.”

Michael Allen, director of Business Development for Beyond Gravity USA said protections and applications need to be kept updated. Cyber attacks are always changing, and operators need to look at contracting security firms to find out where their gaps are. “Cyber attacks are changing. The US Marshals Service was attacked last week with a ransomware attack. We need to learn how we can handle the evolving threat,” Allen said.

Shaun Waterman, cybersecurity correspondent for Newsweek, and former Via Satellite writer, praised the work of people like moderator Greg Falco, assistant professor for John Hopkins University, who helped analyze how the attack was carried out.

Waterman said that hackers were persistent and he speculated on what they might have tried next, had they failed to get in. Attackers only have to be lucky once — whereas defenders have to be lucky every time.

“Viasat bought KA-SAT. There is going to be a period of time, you won’t be in control of it, even though you own it. There are always going to be seams and gaps where hackers can take advantage,” Waterman said.

Given what has happened recently, Waterman believes more could be done on the government side to help the space sector.

“The U.S. government doesn’t see space as critical infrastructure. This creates the situation where you have no center of gravity to push this forward in space,” he said. “There are regulatory agencies out there, but someone has to take this issue by the scruff of the neck. There isn’t an institutional framework in place for this. Someone has to write rules. I think it has to be driven by the White House.” VS