CISA and FBI Publish Advisory for Satellite Communication Providers and Customers

On March 17, 2022, the U.S. Department of Homeland Security issued the following notice and encouraged its widest dissemination.

Critical Infrastructure Partners, 

The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) to help organizations protect their satellite communication (SATCOM) networks against possible cyber threats to U.S. and international networks. Critical infrastructure organizations and other organizations that are either SATCOM network providers or customers are strongly encouraged to review and implement the mitigations in this CSA.

Successful intrusions into SATCOM networks could create risk in SATCOM providers’ customer environments and this advisory provides several actions that can help strengthen SATCOM network cybersecurity. The advisory is titled, “Strengthening Cybersecurity of Satellite Communications Network Providers and Customers.”

To strengthen SATCOM provider and end user cybersecurity posture, organizations that are SATCOM asset owners or end users are strongly encouraged to review and implement all mitigations, such as:

  • Use secure methods for authentication, including multifactor authentication (MFA) where possible;
  • Enforce principle of least privilege through authorization policies;
  • Review trust relationships;
  • Implement independent encryption across SATCOM communications links;
  • Put in place additional monitoring at ingress and egress points; and
  • Monitor network logs for suspicious activity.

Now, more than ever, organizations must put their Shields Up to protect against possible cyber intrusions. CISA and FBI encourage all organizations to be cognizant of this threat and apply the recommended mitigations in this advisory. In addition, we encourage all organizations to review our Shields Up webpage to find recommended guidance and actions for all organizations, corporate leaders and CEOs, steps to protect yourself and your family, and a new technical webpage with guidance from CISA and Joint Cyber Defense Collaborative (JCDC) industry partners.

Your support to amplify this advisory through your communications and social media channels is appreciated. CISA and the FBI are posting information about our joint advisory on our social media platforms.

Thank you for your continued support and collaboration.

Cybersecurity and Infrastructure Security Agency