Sens. Gary Peters, D-Mich., and John Cornyn, R-Texas, introduced legislation last week to protect commercial satellites from cybersecurity threats.
If passed, the Satellite Cybersecurity Act would direct the Cybersecurity and Infrastructure Security Agency (CISA) and Government Accountability Office (GAO) to provide cybersecurity resources to commercial satellite owners and operators.
The legislation would require CISA to develop voluntary cybersecurity recommendations for satellites to help commercial satellite companies secure their systems. CISA would also be required to create a public online resource with satellite-specific cybersecurity resources for companies. The legislation would also require GAO to perform a study on how the Federal government supports the commercial satellite industry regarding cybersecurity. The objective behind the study is to obtain a better understanding of “how network vulnerabilities in commercial satellites could impact critical infrastructure,” read an announcement from the senators.
Commercial satellites are integral to the country’s infrastructure. They provide data and critical information for navigation, agriculture, technology development, scientific research, and more. Industrial control systems, which help operate critical infrastructure networks like pipelines, and water and electric utilities, are also heavily reliant on commercial satellites.
“Commercial satellites are an integral part of our infrastructure network and must be protected from cyberattacks by bad actors that would compromise our national security,” said Cornyn.
Additionally, commercial satellites also play a big role in the United States’ evolving space industry. According to a report by the Satellite Industry Association, commercial satellites are considered a major driver of the space industry overall, accounting for nearly 73 percent of the total space business.
“It’s clear the government must provide more cybersecurity support to small businesses and other companies that own and operate commercial satellites before it’s too late. This bipartisan bill will help ensure these organizations – who often do not have enough resources – are able to protect their own networks,” said Peters.
The increased concern of potential hacks to satellites is not a far-reaching notion. In 2007 and 2008, hackers were able to gain access to NASA and U.S. Geological Survey satellites. Later in 2014, U.S. officials accused China of hacking a National Oceanic and Atmospheric Administration weather satellite. Peters and Cornyn noted that the Department of Defense has also raised concerns about this threat.
“Hackers have already successfully attacked government satellites, and it’s only a matter of time before they begin to more aggressively target commercial satellites. Vulnerabilities in these systems present an opportunity for foreign adversaries and cybercriminals to significantly disrupt American lives and livelihoods,” said Peters.