WASHINGTON — If your company or organization uses a network, there are people who want to hack it. If you haven’t tried to stop them, those hackers are probably already in your network.
That was the message from cybersecurity experts at the CyberSat Summit here Nov. 7. Satellites are just another target in a cyber world rife with perpetrators.
“It’s not if, it’s when,” James Turga, executive assistant director of the FBI’s Information and Technology Branch, said about getting hacked.
Turga said around 1.4 million new phishing sites form every month, and ransomware sold on a hidden level of the internet known as the “dark web” has gone up 2,500 percent.
“Those are staggering numbers and the amount of tools that are out there because of various leaks from organizations have now caused a situation where the threat is so prolific, [that] it doesn’t matter if you are ‘mom and pop’ or a Fortune 500 company or the FBI or NASA.”
Lisa Donnan, managing director of Option3Ventures, a venture capital firm focused on information security and analytics companies, said conversations with chief security officers (CSOs) have shifted from defense to damage control given the magnitude of cyber attacks.
“When the average breach has been there for 221 days — on average — the game’s over,” she said. “When you speak to seasoned CSOs, their mindset is much more in resiliency and recovery, because they’ve lost the war.”
Donnan said traffic running on satellite networks — defense communications, financial information and television broadcasts, for example — are all very attractive to hackers. Option3Ventures always considers what digital infrastructure companies are building their businesses on, she said, and isn’t interested in those using outdated technologies.
Greg Touhill, president of the data center company Cyxtera Technologies’ Federal Group, disagreed that the war has been lost, but said there are a myriad of threats to satellite systems.
“We need to have the approach that ‘I might be able to live through a battle I’ve lost, but I don’t want to lose the war.’ You have to have resiliency. You have to be able to take a punch and keep on going,” he said.
Risks include distributed denial of service (DDOS) — cyber-attacks designed to overwhelm a system and render it inoperable — to interrupt satellites and even launches, he said. If a hacker gets into the design phase of a satellite, they could even do a “Death Star”-type attack, implanting a weakness for exploitation at a later date, he said.
“We’ve got folks that don’t necessarily have that mindset of thinking like a hacker,” he said. “You can buy down your risk if you start thinking like a hacker and adjusting the training, the certification, the auditing of your personnel processes and technology.”
Randy Sabett, head of Cooley’s cyber practice, said intentionally misleading emails containing malware are the source of many new attacks, particularly those requiring electronic signatures.
“Remember, your systems are not just technology, it’s the people and the processes as well,” Touhill added. “Teams are used to design, operate, field your satellite systems, and teams are where you really need to be focusing your efforts.”