Cybersecurity – A Growing Need for the Satellite Industry
Rolf Berge, Director of Products, Speedcast
As more data is gathered and transferred than ever before, companies face even greater risks from cyberattacks.
According to the Breach Level Index, more than 9 billion records have been lost or stolen globally since 2013, nearly 2 billion of which were breached in the first half of 2017 alone.
With these statistics becoming harder to ignore, companies that deal with personal and private data can no longer expect to succeed without having an extensive cybersecurity solution in place.
The State of Cybersecurity in the Satellite Industry
When it comes to the satellite industry, the threat of cyberattacks is much the same as that of many corporate networks and the need to take action against these threats is not very different than using terrestrial network technologies.
Additionally, considering the amount of data procured and distributed within the satellite industry, implementing a strong cybersecurity solution and making sure employees are well-versed in security protocols should be a top priority for all companies. Unfortunately, many wait until the last minute or until it is too late before even discussing solutions. This puts undue stress on the company and can put the company’s relationships and reputation on the line.
Visible Web vs. Invisible Web
Protecting Networks Starts with Preparation
Protecting your network starts with preparation. This not only includes having the right software and strategy in place, but also instilling the importance of security among employees, including top-level management, and training them on what to avoid and the signs to look out for while working in the system.
The improper use of the network by employees accounts for surprisingly many of the breaches companies experience, and according to “The Global State of Security Survey,” a study by PricewaterhouseCoopers, 48 percent of companies surveyed had no employee cybersecurity awareness training program.
Even something as small as plugging in a personal smartphone to a company’s computer simply to charge the device can put data at risk from ransomware and other cyberattacks. If an employee is not aware of these types of risks, they may put the company in danger without even realizing it.
Companies should begin training employees by having senior management go through training session first and then work down to lower-level employees. By starting at the top, managers and executives will have a better idea of what needs to be done and how to influence their teams to take risks seriously.
Additionally, having employees participate in mandatory training during the onboarding process and follow-up training workshops at regular intervals can help ensure employees are well-versed in risks and the proper way to mitigate threats.
Other ways that companies can boost their security without having to spend a great deal of money on new technologies are to know their attack surfaces, or the extent of the company’s vulnerability, and apply certain organizational controls on the system that will reduce the company’s surface for attack. This can be done in-house by a company’s IT team and includes having foundational policies and procedures in place to protect against attacks.
Below is a list of steps that can be taken internally to eliminate vulnerabilities and decrease a company’s attack surface.
- Inventory of authorized and unauthorized devices
- Inventory of authorized and unauthorized software
- Secure configurations for hardware and software
- Continuous vulnerability assessment and remediation
- Controlled use of administrative privileges
These updates should be done at least every three months to ensure software is running smoothly and user access and devices are updated when software is updated.
Companies don’t always need a new tool to combat attacks. Often, these foundational security controls are the biggest bang for the security buck. The fundamentals of finding and patching vulnerabilities, making sure systems are securely configured and monitoring systems for change go a long way in maintaining a strong security posture.
However, while these steps can help prepare and protect a company for potential risks, the most effective way to ensure data is safe is to invest in a fully managed cybersecurity solution, whether that means starting from scratch or updating a current one.
Building a Cybersecurity Strategy – Proactive vs. Reactive
The first step companies should take when building or searching for a cybersecurity strategy is to move current processes from reactive to proactive. This means not waiting for an attack to happen before evaluating cybersecurity needs and setting up regulations and instructions on how to deal with a situation before it occurs.
Waiting for attacks and breaches to happen makes it harder and more expensive to fix the problems associated with such a catastrophe than it would be to have a strong network set up before one takes place.
When companies begin evaluating cybersecurity needs, they should first try to answer the following questions to assess the type of system they will need.
- What data would be considered high value to a cybercriminal?
- What training and protocols are in place to minimize employee threats?
- Is there a cybersecurity solution already in place?
- If so, is there a formal way to evaluate the effectiveness of the security?
- Is there a disaster recovery plan in case of emergencies?
By knowing the answers to these questions, a company can easily determine next steps in terms of implementing new security solutions or simply enhancing the current solution already in place.
Finding a Solution that Fits Your Needs
Proactive cybersecurity solutions are the best ways to provide a comprehensive and efficient defense against attacks. Companies like Speedcast have developed solutions such as SafePass™ Pro that are a great example of this type of program.
SafePass™ Pro combines top-of-the-line content filtering and monitoring with threat management services, including vulnerability assessments. This combination benefits clients by providing access to Speedcast cybersecurity experts who can help identify system weaknesses, monitor insider threats from untrained or malicious employees, proactively defend the network and respond to incidents.
This program has three different levels available for customers that defend, monitor and prevent cybercrime within the client’s system.
- Defend: Content filtering at internet gateway
- Monitor: Scan data traffic for threats and network vulnerability scanning
- Prevent: Identify vulnerability and threats in Deep Web and DarkNet, provide training, holistic cybersecurity posture and penetration testing.
Overall, this solution expands network resources, diminishes malware and ransomware, enables centralized regulation across all sites, enforces acceptable use and security policies and provides an opportunity to assess and eliminate network weaknesses.
Additionally, some satellite communications companies, like Speedcast, will even sit down with clients who are interested in its services to discuss best practices and find the solution that best fits the customer’s needs. This offering can go a long way for clients who have never implemented a solution and provides much needed support for improving current solutions.
Implementing solutions and technologies like SafePass™ Pro not only helps companies feel more secure in the safety of their data, but also the safety of their checkbook.
SafePass Pro is a 3-tiered offering
Financial Benefits of Investing in a Cybersecurity Solution
As of 2016, cyberattacks and breaches cause $450 billion in damage each year (via Ponemon Institute), and it is projected that cybercrime will cost the world in excess of $6 trillion annually by 2021 (via Cybersecurity Ventures).
With the cost of these breaches reaching hundreds of millions of dollars each year and rising, there are many cost benefits when it comes to investing in cybersecurity solutions and technologies.
Insiders most responsible for data breaches (Source: Ponemon Institute)
Managed services like Speedcast’s SafePass™ Pro cybersecurity solution have many financial benefits that will save companies money in the long run including cost allocation and the ability to retain budget for the retention of in-house experts. Not only that, but these solutions will protect a company’s reputation from unnecessary hits caused by a loss of confidence and trust from their customers.
Without the right cybersecurity solution and strategies in place, a company leaves itself open to all kinds of risks that can cause irreparable damage to its operation, as well as its reputation. While having a program in place helps mitigate these risks, a solution that isn’t properly maintained or updated can be just as susceptible to breaches.
Implement proactive measures to guarantee a company has a system in place that defends the network, monitors traffic and prevents cyberattacks. Set up internal protocols in case of emergencies, train employees to be proactive about the safety of the network they work in and take an inventory of devices and employee access on a regular basis to guard against significant financial loss and reduce stress among operators.
Starting as a Schlumberger network engineering manager in 1994, Rolf Berge has filled many roles in the Speedcast organization including: Managing Director, Vice President of Resource Management, Vice President of EMEA Sales and Chief Technology Officer at Harris CapRock. His vast experience gained working to solve customers’ everyday problems provides a real world application for his technological acumen. Rolf works not only to provide insight on current system implementations and architectures but looks at the future to identify emerging technologies and solutions to keep Speedcast positioned as the market technology and thought leader.
Space: The Next Frontier for Cyber Security?
Yen-Wu Chen, Vice President, Asian Operations, Kratos
Our daily essential services and applications, be they commercial or military, are increasingly dependent on integrated satellite and terrestrial networks. Until recently, satellite networks have been, by and large, stand-alone in design. Increasingly, however, satellite networks are integrated with terrestrial networks, creating a hybrid system. While this integration has extended access to many communications applications, it has also broadened the opportunity for cybersecurity issues and risks.
Cyber-attacks, focused primarily on identity and financial theft in the commercial world, are becoming a critical issue in space. Cyber-attacks on satellites can include jamming, denial of service (DoS), hacking attacks on communication networks and piracy. Piracy, or unauthorized access, occurs when carriers (with content) are transmitted toward a satellite without any prior contract with the satellite operator. Intentional jamming can be the result of one party’s objection to the content (political, cultural, social, etc.) of the targeted carrier, extenuating circumstances (political situation, social unrest, etc.) and in the worst case, intent to disable a satellite to gain a military or economic advantage.
An Increasing Threat
Communications, finance and trade, air and sea transport, energy and weather forecasting are among the infrastructure applications that rely heavily on satellites to fulfill their promise. These functions are so pervasive in our society that we are essentially oblivious to the role satellites play. Should one or more of these satellites be compromised, either by radio frequency jamming or direct physical attack, the results could be catastrophic. Each infrastructure area has a particular set of unique characteristics and vulnerabilities, yet also has much in common with other functional areas due to their interdependencies, which could lead to a cascading effect if even only one sector was compromised.
Among the top data breaches announced in 2017 were:
- Equifax, September 7, 2017: Equifax, one of the three largest credit agencies in the U.S., suffered a breach that may affect 143 million consumers.
- Yahoo, October 3 reported that the huge data breach in August 2013 affected every user on its service: all three billion user accounts, up from the one billion figure Yahoo initially reported.
- Taringa, September 17: The Argentina-based social network Taringa was alerted to a leak of about 28 million user records
A Verizon Data Breach Investigations report states the following for 2017:
- 75% of breaches were perpetrated by outsiders
- 62% featured hacking
- 81 % leveraged stolen or weak passwords
- 51% included malware
- 24% of the victims were financial institutions
- 66% of malware was distributed via infected email attachments
- 61% of the data breach victims in this year’s report are businesses with under 1,000 employees
- 95% of phishing attacks that led to a breach were followed by some sort of software installation
Roots of Vulnerability
Unlike optical fiber or copper cables, satellites send their radio frequency (RF) signals through air and space, creating the opportunity for anyone with the appropriate knowledge, means and motivation to interfere with the RF signal. This can be accomplished by jamming, variations of which include blocking undesirable radio and television broadcasts from being transmitted into a country and blocking satellite navigation signals. Increasingly, with the use of Commercial-Off-The-Shelf (COTS) products such as open-source software, vulnerabilities are multiplied. It is one thing to protect proprietary products from latent malware being inserted during development, but the risk is compounded when acquiring the products from a long supply chain.
Another challenge is the speed with which technology advances, coupled with the fact that it can take two to three years to build and launch a satellite designed for a 10-15 year lifespan. In these cases one not only has to embed cybersecurity defenses in the satellite during the design stage; but must be prepared to retro-fit on-orbit satellites with newer cyber defenses during the satellite’s life span.
Of all the vulnerabilities those with the most potential for severe disruption are satellite-based navigational systems…Galileo in Europe, BeiDou in China, GLONASS in Russia, the Indian Regional Navigation Satellite System (IRNSS), and the U.S. global positioning system (GPS), which is the most pervasive and supports much of the world’s civil infrastructure.
These vulnerabilities are driving change in military space, as well as in the commercial world, and countering them requires more resilience, agility, and speed in order to predict, pre-empt, and prevent the growing range of threats.
Aside from disruption of civil infrastructure, cyber-attacks on satellites could weaken responses to military threats, by compromising satellite command and control (C2), operational monitoring and payload performance. Doug Loverro, former U.S. Deputy Assistant Secretary of Defense for space policy outlined six major areas the military needs to invest in, which he dubbed “D4P2”:
- Disaggregation — Separating missions that have different purposes, so that a single satellite is not carrying both conventional and nuclear systems or surveillance and communication systems.
- Diversity — Using multiple systems to achieve the same goal, such as having U.S. equipment that can use both GPS and Europe’s Galileo navigation system.
- Distribution — Spreading out capabilities across multiple satellites, so that no one satellite is fundamental to the system working.
- Deception — Not letting adversaries know which satellites are carrying which systems.
- Protection — Hardening satellites to defend against threats.
- Proliferation — Deploying multiple satellites to conduct the same mission, where a single satellite can carry out the complete capability while the others provide redundancy.
Direct attacks on space-based assets are more likely to result in jamming and denial of service scenarios as previously discussed. However, attacks mounted via a compromised ground station network may potentially yield access to sensitive data or the ability to manipulate command and control systems resulting in considerably greater impact.
Approaches to Cyber Defense in Space
While the U.S. Department of Defense plans to spend $2 billion over the next five years on a new constellation of Global Positioning System satellites that will be hardened to withstand electronic interference from hostile nations, satellite ground systems need to be protected as well. In making the announcement U.S. Air Force Secretary Heather Wilson said the Air Force is motivated to move ahead with this new constellation amid growing concerns that a growing number of nations are developing electronic weapons to jam or interfere with GPS signals. “All those things are an obvious awareness of American dominance in space. I cannot think of a military mission that doesn’t depend on space. Our potential adversaries know it, and we need to protect those vital assets.”
Contending with the reality of future attacks, the strategy of investing in more agile, resilient satellite capabilities is being bolstered by new space. Newly planned LEO and MEO constellations (by OneWeb, SpaceX, O3B and others), are radically changing the economics, lowering the cost of satellites an order of magnitude that makes the concept of resilience through numbers and basic protection capabilities viable. As space becomes an ever more contested environment, small satellites can act as pawns on a chessboard…protecting large military and commercial satellites…the Kings, Queens, and Bishops of space!
Protecting a few critical and expensive satellites, which are obvious targets, with larger numbers of cheaper, yet agile satellites–pawns if you will–creates a more defensible space.
…And on the Ground
In a recent interview with Via Satellite Magazine (March 2018), KPN Chief Information Security Officer (CISO) Jaya Baloo said that with respect to cyber vulnerability, she would focus on the ground station to determine how one could spoof or clone the communications over a poorly authenticated or an un-authenticated channel. The hacker would assume that on the un-authenticated channel, there would be one or two bands you could communicate with from your ground station to the satellite. If it was un-authenticated, the hacker could then pirate your signal communications to that satellite, she explained.
Approaches to Cyber Security
For terrestrial and space environments Kratos offers a range of cybersecurity testing, monitoring and hardening solutions to reduce vulnerability and minimize risk:
Deliberate jamming, or RFI, is one of the more prevalent attacks. Traditional approaches to resolving interference require identifying the source and when possible working with the interfering party to mitigate the effects. SigX® is a proactive signal cancellation solution from Kratos that offers an alternate approach to resolving interference without relying on cooperation from the interfering party. SigX directly mitigates RF interference (RFI) as shown in Figure 1 by simultaneously canceling up to four CW (Continuous Waveform) or sweeping CW signals in real-time to protect valuable bandwidth and help assure application and/or mission effectiveness.
Figure 1: SigX cancels CW interference signals in real-time to protect valuable bandwidth.
Information Assurance (IA) hardening is another approach to protecting operating systems to ensure system software, firmware and applications are updated to stay ahead of exploits that attack flaws in the underlying code. Kratos RT Logic has a proven history of executing IA hardening for both commercial and government organizations. It now offers IA hardening as a service that provides consistent IA hardened operating system (OS) updates on a quarterly basis and is fully compliant with the U.S Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) hardening requirements.
Satellite operators use traditional security monitoring tools as well as those uniquely designed for satellites. Kratos offers a SATCOM Cybersecurity Assessment service that addresses the increasing threats and unique requirements of the satellite industry. Cybersecurity Assessments help satellite organizations identify and prioritize threats and their mitigation. The result is a detailed view of satellite network preparedness along with recommended steps required to mitigate risks and ensure compliance with applicable regulations, standards and guidelines.
CyberC4 is an integrated family of products designed for the unique cyber defense needs of satellite ground network environments including situational awareness, and active defense for total protection from cyber-attacks. Kratos protected communications products and services continuously monitor SATCOM networks for cyber threats, harden SATCOM equipment against exploits and defend against insider threats.
The global military cyber security market is expected to be worth nearly US$10 billion in 2017 and is expected increase to reach almost US$14 billion by 2027(1), representing a CAGR of about 3.5% during the forecast period. According to the “Global Military Cyber Security Market 2017-2027” report, the global market for military cyber security is expected to be valued at over US$130 billion during the forecast period, and is expected to be dominated by North America, followed by Asia-Pacific and the European markets.
The cyber threat to satellites is not a US, European, or Asian threat…it is of global concern. While anti-cyber technologies and strategies that can anticipate threats as well as react to them will be key to neutralizing cyber-attacks.…they will be far more effective if nations work together, share information, develop industry-led standards for knowledge exchange, risk assessment and management, and share technology advances in a timely manner. Just as industrial stove-piped structures can cripple innovation, so to can a stove-piped national approach to cyber security defeat its purpose.
Yen-Wu Chen is Vice President of Asian Operations at Kratos Communication based in Lanham, Maryland U.S.A. He has 40 years’ experience in the IT and satellite sectors and is responsible for Kratos Communications’ Asian business. Mr. Chen has worked at Kratos for over 30 years and has held several engineering and management positions with Singer Link Simulation Systems and Integral Systems, prior to its acquisition by Kratos.
(1) Final global numbers for 2017 not yet published. Date for this report is November 2017
Satellite Security Requires Commitment to Strategy and Collaboration
Vinit Duggal, Vice President and Chief Information Security Officer, Intelsat
Even the casual observer is aware that the threat of cyberattacks is increasing and these attacks are becoming more sophisticated each year. This is not just a concern for satellite operators but for every telecommunications company.
As we see growth in the use of Big Data, the Internet of Things and machine-to-machine applications, there will be vastly greater amounts of data moving across all networks. As a result, there will be more potential points of entry where the network can be compromised. This means every part of the complex chains that serve enterprises, cellular networks, ships and vehicles, and IoT devices must be secured.
Faced with the multifaceted new threats inherent with more data and more access points, seasoned cybersecurity professionals continue to succeed in implementing the right security posture. An effective posture is not only one that prevents attacks but also grants security teams the visibility and controls needed to mitigate active issues when discovered.
At Intelsat, we understand these escalating cyber threats. For that reason, we constantly assess our counter measures and keep abreast of the emerging threats that we and our customers will face in the future.
We also seek outside counsel and adhere to third-party compliance measures to ensure we are consistently hardening our security posture. We are the only satellite operator that has gone through independent auditing firm KPMG and completed a Service Organization Control 3 (SOC3) review of our security controls. This successful review process provides commercially accepted validation that our products, services and flight operations are offered in an appropriately secure environment.
Security Cannot Happen in a Silo
As connectivity services continue to evolve to meet consumer demand, the solutions that are supporting them are becoming more complex, integrating varying technologies from multiple vendors. Services can only be as secure as their weakest link. It’s the responsibility of each ecosystem partner to ensure that security is addressed. It’s also imperative that customers demand security is addressed in products and services that they are procuring.
As a satellite operator, that means we need to have open conversations with our vendors, partners and customers to discuss the threat landscape, what they are facing, and how they are managing the exchange of data that passes through the collective network. Resiliency is of utmost importance. When you consume services in a more connected world, you also opening the door for different types of attacks and you must be prepared to stop them at every level of the network ecosystem.
The expectation of the customer should be that the network is secure. If a customer is paying to use a network that includes satellites, it is the operator’s responsibility to commit to building and testing the security of every portion of the service chain. It is also the operator’s responsibility to understand the threat vectors of the customer and ensure that everyone is collectively working to prevent issues.
At Intelsat, we meet that responsibility by insisting on adherence to the three core tenets of security: availability, confidentiality and integrity. Ensuring these tenets is a joint responsibility including the customers.
Security at Intelsat starts with how we manage our space assets. The secure command and control is of utmost prominence here at Intelsat. Our control networks are segmented behind multiple layers of security controls and are tied to any public means.
Availability is the key aspect when we are securing our transport services. We evaluate and design services that address and support multiple points of connectivity, ensuring path redundancy and assessing our vendors and partners that help us deliver products to the marketplace. Additionally, our security framework mandates that we have third-party assessments and audits to evaluate our corporate, service and operational tiers against industry-best standards. Security is a mandatory gate early in our product development life cycle.
It’s our expectation that our customers expect a completely secure network and don’t want vendors to play the blame game when a security issue may arise. While everyone in the service chain must take security seriously, we ensure that we are stitching the pieces together in way to meet the standards we have defined for ourselves and our customers. It is imperative that the cost of providing that security is built into the pricing of a product or service.
Security is a Budget Requirement, Not an Option
Providing the level of security that meets our high standards and satisfies customer expectations is a cost of doing business. When we design new satellites, make changes to our infrastructure, or add new services to our portfolio, we view incorporating cybersecurity measures as a key part of the process – so those costs are always addressed in our budget process.
In the big picture, cybersecurity is not an exorbitant expense, probably accounting for only about 5 percent of overall information technology budgets when we look at the total capital expenditures for services. We also are very careful about what we buy. The best solution is not necessarily the most expensive security product on the market.
The complexities of our networks and of our customers’ operations create more security attack opportunities all along the communications chain. But in the business world today, every company involved in serving our customers has an obligation to provide the highest level of cybersecurity, even if they are not being paid for it. The price of not hardening the network at every access point and then encountering a security breach cannot be understated. Security needs to be at the forefront of every network discussion.
With Intelsat since 2002, Vinit Duggal is responsible for the development of an information security program that fits the business needs of both the corporate and service-provider entities that comprise Intelsat’s service portfolio. He has 22 years of experience as an information security professional. He is a featured presenter at many top industry events, including CyberSat, GVF, SANS, CSI, Applied Network Security Foundation and the National Security Information Exchange. He is an active member of many industry forums, where he is helping create the standards to that will ensure a secure future.
Interview with John Branscum, President, Comtech EF Data
John Branscum, President of Comtech EF Data, the recognized global leader in satellite bandwidth efficiency and link optimization. Comtech EF Data’s advanced communication solutions encompass the Advanced VSAT Solutions, Modems, WAN Optimization, Managed Bandwidth and RF products. The Company is recognized as a technology innovator, and has a reputation for exceptional product quality and reliability. John Branscum is also President of Comtech Xicom Technology and SVP of Comtech Telecommunications. He has 25+ years in the High Power Microwave Amplifier industry, previously holding positions at Communications and Power Industries, Litton Industries and Varian Associates.
What are your thoughts on the satellite communications industry of today and where do you see most of the growth in our industry moving forward?
It’s an exciting time for the satellite industry and we are very bullish on its potential. The pace of spacecraft and ground equipment innovation has increased dramatically. Satellite service providers are demanding entirely new price-for-performance levels to remain competitive with terrestrial options to be able to penetrate new markets. This requires everyone in the value chain, from those that manufacture and operate the satellites to those that provide the ground portion of the overall solution, to push the envelope of what is possible and offer products to the satellite service provider that allow them to succeed for the long term.
We believe the majority of industry growth will lie in the areas of mobility, backhaul, government and commercial fixed networks with higher throughput applications leading the charge. Higher throughput offerings drive profitability for the service provider and therefore are an attractive target, driving the market as a whole. This focus has forced ground equipment manufacturers to offer more powerful, efficient and intelligent solutions to the market.
How has Comtech EF Data approached this innovation?
We have spent a great deal of time sitting and listening to our customers to understand their challenges and have worked to provide innovative solutions that solve their business problems. As the service provider’s cost basis is tied to MHz while revenues are tied to Mbps, efficiency is key to allow for a competitive (and profitable) pricing structure versus alternatives.
Efficiency comes in many levels, from pure spectral efficiency to intelligent bandwidth sharing to powerful compression techniques. Just as important as efficiency is the ability to offer graceful and dynamic high-throughput duplex connections teamed with robust traffic handling abilities to ensure that applications are able to function optimally. I believe the phrase “purposeful innovation” would summarize our approach to the market.
Can you dive a bit more into how the mobility market has driven growth?
Mobility has been an excellent growth engine for the satellite communications industry over the past decade as users on moving vehicles are expecting to receive a similar experience to that which they experience while at home. Entire spacecrafts have been uniquely designed to meet the demands of this market while ground antenna innovations have created small footprint solutions to render moving vehicle connectivity not only viable but also quite cost competitive.
In the maritime market cruise ship operators in particular have seen a significant increase in requirements and are pushing the industry to innovate and enable economical connectivity at dramatically higher throughputs. They are looking to maximize the passenger Quality of Experience (QoE), getting them to at-home levels, which has forced ground equipment providers to develop two-way, high-speed connectivity solutions that follow the user wherever they may go.
You mention innovation on two levels above, one focused on space (the spacecraft) and one regarding the ground equipment. Do these need to happen at the same time or should one lead the other?
It’s important that these innovations happen in parallel to ensure that product roadmaps and the plans of the ground solutions provider (such as Comtech) are aligned with that of the satellite operator. We all know that Satellite Operators are moving to High Throughput Satellites (HTS) to drive innovation, and especially to drive their costs down. That said, no two HTS solutions are alike so it’s imperative that ground equipment providers like Comtech spend as must time as possible sharing ideas and collaborating with the different satellite operators, each of which may be targeting different vertical markets.
We have placed a great deal of effort and focus on working with both global and regional satellite operators to ensure we are providing purpose-built solutions today that allow the service provider to optimize its satellite and ground solutions choices for profitable and sustainable services beyond 2020.
What are your thoughts on the different orbital options available in the market today, namely GEO, MEO and LEO?
The industry has seen innovation across all orbits, which had produced new price points and new business opportunities for the service provider. We believe that while each type of orbit has its own advantages and disadvantages, including different latency and throughput capabilities, it comes down to the market and, more importantly, the applications to be supported, as to which solution makes sense for the service provider.
Most market analysts predict huge revenue growth for satellite service providers that are able to interconnect the Internet of Things (IoT). Do you agree?
Absolutely. “Big Data” is getting bigger and end users are requiring a digital nervous system to allow real-time decision making to be available and for this entire process to be automated. As sensors become smaller and economical so that they can be placed in remote locations, the challenge of getting to that golden data becomes more difficult. Narrowband solutions have been readily available for low data rates for some time now but as the sheer mass of data to be transmitted from increasingly remote locations continues to increase, broadband solutions of an aggregation of sensors and devices will become more prevalent.
Which verticals do you believe will see the most growth from IoT?
We see growth across all of our verticals, including mobility, backhaul, government and commercial fixed networks. But again, the higher throughput applications will lead the charge and it’s imperative that service providers that are targeting IoT choose ground equipment solutions that offer the headroom needed to scale as remote to central site throughout demands continue to accelerate.
Any final thoughts you’d like to share?
We feel the satellite industry is at a tipping point in 2018 and are optimistic on its potential. The main opportunities lie with those that have positioned themselves to offer a future-proof differentiated service that can quickly and gracefully scale as end user demands increase. We look forward to working with those service providers that are looking to deliver on these opportunities.
Cyber-Security: Value-Add or Must-Have for Maritime SATCOM Players?
Brad Grady, Senior Analyst, NSR
Attend any satellite industry event these days, and beyond the worry about satellite capacity pricing trends, debates about the viability of the LEO constellations, or examination of new flat panel antennas coming to market is a focus on cyber security. With details emerging from the Maersk cyber-attack, and the $300M+ impact, satellite communication service provider are beefing up their offerings by investing in people, services, and technology to get ahead of this emerging area.
Just as satcom markets enter a period of tremendous growth in terms of bandwidth demand and capacity available, cyber threats against satellite networks and transiting over satellite networks are only going to expand. According to NSR’s Global Satellite Capacity Supply and Demand Study, 14th Edition there was over 0.5 Tbps of global satellite communications traffic spread out across FSS and HTS in 2017 – increasing to well over 7 Tbps of traffic by 2026. With most of that traffic coming from IP-centric verticals, the issue of cyber security quickly moves to the forefront.
An IP-based world Brings Terrestrial Problems
While the satellite sector continues to adjust to the impact these IP-centric verticals have across the value-chain, greater adoption of terrestrial technologies across the value-chain continue to reduce the barriers between terrestrial-focused attacks and their ability to be used against and over satellite networks. Distributed Denial of Service (DDoS) attacks are a relatively common occurrence, able to generate traffic exceeding 1 Tbps against a victim, or double the entire amount of satellite capacity demand in 2017. In March 2018, GitHub reported a DDoS attack exceeding 1.35 Tbps of traffic – more than the planned capacity of ViaSat-3 expected to launch in the future. In 2016, a DDoS attack against U.S. DNS provider Dyn caused outages at sites such as Twitter, Spotify and more than 1,200 domain names for which Dyn provided look-up services. With the ongoing pivot towards IP-based infrastructure across the value-chain, DDoS and other terrestrial threats only increase the threat vectors into and across satellite networks.
Not all is doom and gloom. In years past the satellite sector might have subscribed to the failed mantra of “Security through Obscurity”; however, satellite operators, service providers, terminal manufacturers, and end-users themselves are all investing tremendous resources into cyber security. Using a multi-faceted approach, players are focused on enabling a suite of cyber security solutions focused on securing the network and the data moving over the network. The problem is also not a “Satellite Operator” or a “Service Provider” or a “Hardware Manufacturer” problem – it is an entire end-to-end solution; a solution which must be continuously tested and updated.
There is perhaps no recent cyber security breach that hits closer to home than that of Maersk Group’s recent attack – a maritime company whose operations regularly require usage of satellite connectivity. Over ten days, the entire IT infrastructure for the group had to be rebuilt – 4,000 servers, 45,000 PCs, and 2,500 ‘applications’. To continue operations, the company resorted to apps like WhatsApp, Twitter, etc. to sustain operations at close to 80% until new systems could be brought online. Although reports state that shipboard systems were unaffected, that would only be at best a minor victory for the maritime satellite communications sector.
New Opportunities for Maritime Service Providers
Instead, new research continues to emerge around the relative vulnerabilities of shipboard infrastructure. There too, the maritime industry must quickly adjust to an “IP-enabled and networked” world. Shipboard infrastructure such as electronic charting, bilge pumps, and air conditioning equipment are gaining an Ethernet port and connected to an onboard IP-based network. Where equipment was once immune from a large majority of threats, or limited to only infected USB devices, they are now subject to a quickly changing, ever increasing threat matrix. The “Connected Vessel” is quickly emerging as a complex security environment.
With over 57,000 broadband enabled maritime vessels per NSR’s Maritime SATCOM Markets, 5th Edition report as of 2017, as well as an additional group of vessels which have access to some form of narrowband IP connectivity at-sea, these connected vessels provide challenges and opportunities to satellite communications service providers. Not only are they demanding more throughput in more places around the world, but they have a complex network of devices behind the satellite terminal. Just as other satellite sectors are facing challenges with falling capacity prices, maritime service providers are looking beyond pure connectivity plays to find new sources of revenues.
At over $2.1 Billion in retail revenues for maritime satellite connectivity in 2017, 20% of which will be from Asia and the Pacific Ocean region, the question remains how to monetize cyber security offerings. Unlike the recent moves into Crew Video on Demand, Electronic Chart Updates or the host of other Application-centric revenue streams emerging from the likes of Speedcast, Marlink, KVH, Inmarsat and others – is maritime cyber security ‘baked in’ or can it truly be ‘value-added’ (i.e. Monetizable)?
The short answer is both. Satellite operators and terminal providers will have cyber security baked into the solutions (and the price) they provide to the satellite industry. Collaboration amongst the different layers of the value-chain (including end-users) will allow continuous testing, updating, and re-testing against various emerging threats and exploits. However, service providers will have a more challenging time – at what rate or level can they ‘charge extra’ for additional cyber security services (and who defines “what’s extra”?)
Maritime-focused groups such as the IMO, class societies such as DNV, and others are in the process of creating cyber security guidelines, largely focused on the merchant sector. When those standards are developed, maritime end-users will have to decide how they implement those standards across their operations – both onshore and offshore. That implementation process will be an opening for maritime service providers to monetize existing and future cyber security offerings, just as they have with other areas of maritime IT operations like crew calling cards.
IP connectivity not only has untold impacts on the business of satellite connectivity – shifting business plans from video to data, it also requires a greater focus on an increasing threat matrix. While challenges exist, one can no longer rely on a static security environment, and an increased focus on cyber security related challenges brings with it new opportunities to add new revenue streams.
Brady Grady has been involved in the Satellite Communications industry since 2005, joining NSR in 2010. He is NSR’s Energy market subject matter expert, and a core member of NSR’s mobility research practice for both civil and government markets. He regularly provides his insights and analysis to NSR’s single-client consulting practice, and is also a regular contributor to leading industry publications and forums. Before joining NSR, Grady served as the Sustainable Development Projects Coordinator Intern with the Global VSAT Forum where he worked regularly with the GVF Secretariat and the Regulatory Working Group on many of the forum’s initiatives. Working with the Regulatory Working Group, Grady helped develop and implement various RWG initiatives aimed at protecting satellite spectrum, increasing awareness of satellite services, and working to promote regulatory reforms across the globe.
Q & A with Ali Akhtar, Winner of 2017 APSCC Young Talent Award
The APSCC Young Talent Award is the latest initiative of APSCC to ensure a healthy future for the satellite industry and to attract and retain young talent to the satellite and space industries in Asia-Pacific region.
Ali Akhtar, Head of Commercial, Satellite Services, Supernet, Pakistan, was selected as the winner of 2017 APSCC Young Talent Award at APSCC 2017 Satellite Conference & Exhibition,10-12 October 2017, Tokyo, Japan.
To give the best of the young staff encouragement and public recognition of their contributions, the winner received full scholarship sponsored by the International Space University and ASTROSCALE for the 2018 Southern Hemisphere Space Studies Program (SH-SSP). The Southern Hemisphere Space Studies Program from 15 January to 16 February 2018 is an intensive, five week, live-in experience in the southern hemisphere summer, involving the international, intercultural, and interdisciplinary educational philosophy for which the International Space University (ISU) is renowned.
Q&A with Ali Akhtar takes an opportunity to share his experience with potential award winners and young professionals in the satellite industry.
Can you tell us a little about your background?
Ali Akhtar: After graduating as a telecommunications engineer in 2010, I have been a part of the satellite communications industry ever since. I started off as a systems engineer, moving on to product management and now as a key executive of the satellite communications industry in Pakistan and Head of Commercial at Supernet, Pakistan’s largest satellite communications system integrator and service provider, I play a lead role in the materialization of practical solutions to connect the unconnected in the country. I work closely with our clients across multiple verticals and the players in our supply chain – equipment manufacturers, satellite operators and other system integrators to ensure that the satellite industry in Pakistan contributes to and benefits from the prevalent technology as well as the global roadmap.
What was the highlight of your careers in the satellite industry?
Ali Akhtar: For a tough Pakistani cellular market with one of the lowest ARPU in the world, closing business cases for the mobile network operators for upgrading existing networks and launching new services in remote areas has been nothing short of ‘mission impossible’. And my work there definitely stands out for me.
If I have to cherry pick, one would definitely be the solution I came up with for one of the leading MNOs in the country using C-band GEO HTS. Taking full advantage of cellular traffic optimizations techniques, bandwidth cancelation techniques and the highest modcod on a commercial C-band network resulted in transporting 750 Mbps of voice traffic in 72 MHz – about 11 bits/Hz from the MNOs point of view. This network serves a sizeable population in the north and south of the country. The MNO achieved substantial savings, had their faith renewed in the commercial viability of satellite networks and were compelled to consider pushing back their plans to expand the reach of terrestrial networks in these areas. And I have been informed that this may very well have been a world record for a commercial and operational C-band network.
With the fairly recent deployments of more HTS based solutions, the launch of 3G/4G services over satellite has also been achieved for the first time in the country. The growth of the cellular backhaul market with cost effective, efficient and innovative solutions carrying over 2.5 Gbps of cellular traffic is definitely something that I can look back and be happy about.
What is the greatest advantage you feel you gained through your Young Talent Award winning? What does it bring to your professional career?
Ali Akhtar: Having won the first edition, the greatest takeaway has been the encouragement that the award brings for someone who’s as relatively young as I am in an industry comprising of people who are more advanced in years and experiences. With my efforts appreciated at the prestigious platform that the APSCC, the drive to improve the quality and impact of my work is in a higher gear. And the recognition that the YTA brings definitely helps in getting your voice heard when you have a seat on the table filled by strong personalities.
What have you learned from your winning prize – the Southern Hemisphere Space Studies Program?
Ali Akhtar: The SHSSP offered a multidisciplinary overview of all things space covering science and exploration, applications, space flight, life sciences, technology, policy, economics, business, law and regulatory matters. With about 50 participants from 15 different countries and from various fields – scientists, engineers, doctors, business people, it was a great experience to learn about space activities from the viewpoint of multiple professions. I ended up doing things I did not imagine myself doing before such as designing and launching a rocket and bringing it back and launching a balloon into the stratosphere. The program definitely broadened my perspective about the dynamics of the new space age. On top of all this, I walked away with a bigger network and friendships that I will cherish till the end.
What advice would you give young people in the satellite industry or considering careers in it?
Ali Akhtar: Be persistent in whatever you do. You will be faced with doubt from others and from within yourself but be persistent and do not give up. If you feel you are stuck, ask for help, camaraderie, friendships, these are important to getting ahead in life. Pick up the history books or read up the stories of successful people alive today and you’ll find that there were always other people who have contributed to their success. Friends, mentors, your human network – ask for help and offer help. Evolve. Learn constantly. Learning doesn’t only mean sticking your nose in a book. It comes from everything and everyone around us. Learn, observe and constantly strive to improve yourself, your skills.
A telecommunications engineer, Ali Akhtar has been with the satellite communications industry since 2010. As a key executive of the satellite communications industry in Pakistan and Head of Commercial at Supernet, Pakistan’s largest satellite communications system integrator and service provider, Ali has a lead role in coming up with practical solutions to connect the unconnected in the country. Ali has worked closely with equipment manufacturers and satellite operators ensuring that the satellite industry in Pakistan stays abreast of and contributes to the global technological roadmap. Envisioning the potential of High Throughput Satellites, Ali made certain that the needs of Pakistani entities are met with the right technical and commercial HTS based solutions enabling them to reap the full benefits of the new age satellite communications technologies.