This article originally appeared in the Nov. 12, 2018 issue of SpaceNews magazine.
When German teleport operator CETel learned that the British and American governments were eavesdropping on the satellite communications coursing through its facility, it found out from Spiegel Online, the widely read German news site.
The next thing that happened was a call by Germany’s domestic intelligence service, the Bundesamt für Verfassungsschutz, or BfV.
“The German national secret service approached us and said ‘we have learned that you have been attacked. We are coming over to support you,” said Guido Neumann, managing director of CETel’s teleport in Ruppichteroth, a small town near Cologne and Bonn. Military-grade fencing and CCTV cameras safeguard the 30 satellite antennas and Network Operations Center that CETel — short for Central European Telecom Services GmbH — operates 24/7 to provide geostationary satellite uplink and downlink service to customers around the world.
BfV agents checked CETel’s network systems, which carry digital traffic for everything from mega-yachts in the Mediterranean to European peacekeeping forces in Africa, and helped the company get set up with cybersecurity software to defend against unwanted sleuths.
Spiegel Online learned of the cyber offensive through leaked documents from Edward Snowden, the U.S. National Security Agency contractor who released thousands of classified documents. CETel didn’t have any dedicated cybersecurity staff in 2014 when the news organization broke the news of the intrusion. Now it does, Neumann said.
Satellite teleports are the primary points of contact with satellites in space. Teleports route communications traffic from one part of the world to another, connecting satellites to people and their devices on Earth. A select few are used to fly satellites. Their role in satellite communications makes them an obvious target for hackers. The satellite industry has so far managed to avoid a high-profile cyber attack, something experts attribute both to the industry’s vigilance and how oblivious much of the world is to the magnitude of the services it provides.
“Satellite’s best security, I believe, is what we call ‘security through obscurity’: it’s not well known, and that probably keeps more of the casual threats away,” said Garrett Hill, CEO of X2nSat, a Petaluma, California, company that owns two teleports and through partnerships leverages over half a dozen more for the communications needs of Fortune 200 companies and other large enterprises.
There are nearly 700 commercial teleports globally, many owned by satellite operators and network service providers, according to the World Teleport Association. Those sites engage in the riskiest part of satellite communications.
“The No. 1 threat to security is the internet,” said Robert Bell, the World Teleport Association’s executive director. “Anyplace you touch the internet, or there is an IP-enabled circuit, you have a vulnerability. Teleports are the ground-segment side of the satellite network, so they are the ones that are touching the internet all the time.”
Teleport operators face a rising number of cyber risks as more and more devices requiring data connections join the burgeoning Internet of Things.
Many teleport operators have responded to the digitization of hardware by deliberately keeping important systems disconnected from other networks, a method known as “air-gapping.”
“It is clear if you have a closed system, from this point of view you are safer with respect to the possibility of being attacked,” said Marco Brancati, vice president of innovation and technological governance at Telespazio, a company with seven fully owned teleports including the Fucino Space Center in Italy where it supports rocket launches and early satellite operations and handles data distribution for the European Union’s Galileo navigation constellation.
Keeping teleport networks off the internet isn’t a bullet-proof plan, however. Brancati said some attackers will specifically target closed systems precisely because they are closed, believing what’s inside is more valuable. “Being a closed system doesn’t prevent [networks] from being attacked,” he said.
Even physical security must be considered. David Myers, the former DataPath CEO now leading the communications sector at IT and cybersecurity contractor Peraton, said the Herndon, Virginia-based company assesses the perimeters of partner teleports — Peraton has 10 such sites — to assess preparedness for attacks on less obvious targets, like backup power generators.
“Generators today are a lot of times are IP-enabled … theoretically someone could find a vulnerability and shut down a generator so that the power goes out and then the teleport goes out,” he said. “You have to have a multilayered approach to protecting something like a teleport that really is critical infrastructure. It’s not just an IT network in an office building.”
While firewalls, antivirus software and other defenses are beneficial, teleport and network operators said there is no formula for knowing when one has done enough to defend against threats. Nothing guarantees a network will be impenetrable, but they must do their best to make the task seem insurmountable.
“Just like commercial companies, attackers also are looking for return on investment for their exploits, so part of the key technique is to do threat assessments,” said Brian Still, a software architect at Global Eagle Entertainment, the Los Angeles-based provider of satellite-based connectivity and digital media for airlines and other global mobility customers. “You want to consider the asset or the value of what potential attackers may be after. You want to put enough barriers and defenses in place so that the effort or the cost, whether in time or effort, is higher than the asset that is under attack. You basically deter them from trying.