National Public Safety Telecommunications Council
People and Vehicles : Firefighter, Policeman, Police cruiser, Ambulance
Vehicles : Fire truck, Ambulance, Police boat
People : Policemen
Towers : Towers on a ridge
Computers : monitor array
Home
Current Topics
Organization
Committees
Events-Meetings
Participate-Volunteer
Resources
About Us
Library
Joint Cybersecurity Advisory (CSA) AA22-076A: Strengthening Cybersecurity of SATCOM Network Providers and Customers
March 18, 2022
FYSA SAFECOM Logo
SAFECOM Members,
The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) to help organizations protect their satellite communication (SATCOM) networks against possible cyber threats to U.S. and international networks, attached.  Critical infrastructure organizations and other organizations that are either SATCOM network providers or customers are strongly encouraged to review and implement the mitigations in this CSA.
Successful intrusions into SATCOM networks could create risk in SATCOM providers' customer environments and this advisory provides several actions that can help strengthen SATCOM network cybersecurity.  The advisory is titled, "Strengthening Cybersecurity of Satellite Communications Network Providers and Customers."
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are aware of possible threats to U.S. and international satellite communication (SATCOM) networks.  Successful intrusions into SATCOM networks could create risk in SATCOM network providers' customer environments.
Given the current geopolitical situation, CISA's Shields Up initiative requests that all organizations significantly lower their threshold for reporting and sharing indications of malicious cyber activity.  To that end, CISA and FBI will update this joint Cybersecurity Advisory (CSA) as new information becomes available so that SATCOM providers and their customers can take additional mitigation steps pertinent to their environments.
CISA and FBI strongly encourages critical infrastructure organizations and other organizations that are either SATCOM network providers or customers to review and implement the mitigations outlined in this CSA to strengthen SATCOM network cybersecurity.
Actions to Take Today:
  • Use secure methods for authentication.
  • Enforce principle of least privilege.
  • Review trust relationships.
  • Implement encryption.
  • Ensure robust patching and system configuration audits.
  • Monitor logs for suspicious activity.
  • Ensure incident response, resilience, and continuity of operations plans are in place.
    • CONTACT
    All organizations should report incidents and anomalous activity to CISA 24/7 Operations Center at report@cisa.gov or (888) 282-0870 and/or to the FBI via your local FBI field office or the FBI's 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.
    RESOURCES
  • National Security Agency (NSA) Cybersecurity Advisory:  Protecting VSAT Communications
  • NSA Cybersecurity Technical Report:  Network Infrastructure Security Guidance
  • Office of the Director of National Intelligence (ODNI):  Annual Threat Assessment of the U.S. Intelligence Community, February 2022
  • CISA Tip:  Choosing and Protecting Passwords
  • CISA Capacity Enhancement Guide:  Implementing Strong Authentication
    • Regards,
    Cybersecurity and Infrastructure Security Agency (CISA)
    Integrated Operations Division (IOD)  |  CISA Central  |  COMM-ISAC
    Office:  (703) 235-5080  |  Fax:  (703) 235-5078  |  NCC@CISA.dhs.gov
    SMC (CTR)  |  EM  |  JJO
    CISA Logo
    Copyright © 2003–2022.  All rights reserved.
    NPSTC is a federation of organizations whose mission is to improve public safety communications and interoperability through collaborative leadership
    Home  |  Have a Voice in Public Safety  |  Calendar  |  Contact Us  |  FAQs  |  Site Map  |  Admin Login
    Full View
    Copyright © 2005-2024.  National Public Safety Telecommunications Council.  All rights reserved.