In April 2022, a bipartisan group of congressmen introduced the Satellite Cybersecurity Act. Senators Gary Peters (D-MI) and John Cornyn (R-TX) authored the bill, and Congressman Andrew R. Garbarino (R-NY) joined with Congressman Tom Malinowski (D-NJ) to introduce the bill to the U.S. House of Representatives.

“We depend on satellites for everything from driving to work to defending our country, yet our space systems are vulnerable to cyberattack, and the commercial satellite industry has been asking for help to protect Americans against this threat,” said Rep. Malinowski in a statement. “Our bill directs the U.S. government’s primary cyber-defense agency to provide that help.”

Satellite Cybersecurity Act Requires Resources and Study

The congressmen created the Satellite Cybersecurity Act in response to recent threats and current processes and measures. Here are the two main components:

  • Consolidating resources and best practices. Because different companies own the satellites, they have different processes and best practices. The act requires that the Cybersecurity and Infrastructure Security Agency (CISA) create a commercial system cybersecurity clearinghouse within 180 days of the act becoming law. By creating a public hub and uniform best practices that companies can follow if they choose, the act aims to create more consistent protocols for all satellites. The resources will also include recommendations for network security used to manage and operate the satellites. In addition, some of the resources will be geared to small businesses that have different resources and processes than enterprises.
  • Directs CISA to perform a study on federal government support of commercial satellite industry cybersecurity. Within two years of the act becoming law, CISA must study how the federal government supports commercial satellite systems. The study must also include how the government has addressed critical infrastructure cybersecurity.

“Commercial satellites are an integral part of our infrastructure network and must be protected from cyberattacks by bad actors that would compromise our national security,” said Sen. Cornyn in a statement

Risks of Satellite Cyberattacks

An attack conducted through a satellite in February shows the risks and impact of this type of attack. Cyber criminals deployed data wiper malware called Acid Rain onto a KA-SAT satellite. This type of malware wipes data from routers and modems, which leave them inoperable. By targeting the satellite that provided broadband service to SATCOM modems, the attack impacted thousands of modems in Ukraine and tens of thousands in Europe. Because the attack rendered the modems inoperable, the damage spilled to over 5,800 wind turbines in Germany.

“It’s clear the government must provide more cybersecurity support to small businesses and other companies that own and operate commercial satellites before it’s too late. This bipartisan bill will help ensure these organizations — who often do not have enough resources — are able to protect their own networks,” said Sen.Peters in a statement.

More from News

Hack-for-Hire Groups May Be the New Face of Cybercrime

Google’s Threat Analysis Group (TAG) recently released a report about growing hack-for-hire activity. In contrast to Malware-as-a-Service (MaaS), hack-for-hire firms conduct sophisticated, hands-on attacks. They target a wide range of users and exploit known security flaws when executing their campaigns. “We have seen hack-for-hire groups target human rights and political activists, journalists and other high-risk users around the world, putting their privacy, safety and security at risk,” Google TAG says. “They also conduct corporate espionage, handily obscuring their clients’ role.”…

More School Closings Coast-to-Coast Due to Ransomware

Instead of snow days, students now get cyber days off. Cyberattacks are affecting school districts of all sizes from coast-to-coast. Some schools even completely shut down due to the attacks. The federal government recently warned that K-12 schools face a growing threat from cyber groups. According to the FBI, school districts often have limited cybersecurity protections, which makes them even more vulnerable. The FBI also says it anticipates the number of threats to increase. In a recent warning, the nation’s…

Hackers are Increasingly Targeting Auto Dealers

Auto dealerships are increasingly concerned with cybersecurity in the face of new regulations and an alarming rise in cyberattacks. The Second Annual Global State of Cybersecurity Report by CDK Global found that 85% of dealerships say cybersecurity is very or extremely important relative to other operational areas. Additionally, 89% say cybersecurity is more important than last year, a 12% increase. Not surprisingly, only 37% of auto retailers are confident in the current protection, which is a 21% decrease from 2021.…

LastPass Breaches Cast Doubt on Password Manager Safety

In 2022, LastPass suffered a string of security breaches which sparked concern among cyber professionals and those impacted by the intrusions. Some called into question the way LastPass handled and responded to the incident. In addition, the situation ignited a wider conversation about the risks linked to utilizing password managers. A password manager helps users generate strong passwords and safeguards them within a digital locker. A master password secures all data, which enables users to conveniently access all their passwords…