Information Assurance: The U.S. Military’s Growing Need for What Commercial SATCOM Providers Offer

information assurance

Satellite Operations Center in Tysons Corner, Virginia

When the U.S. military began using satellite communications many decades ago, space was a sanctuary. That’s no longer the case today. New potential adversaries and a proliferation of non-kinetic techniques have increased the risks to satellite communications even as the military’s reliance on this technology grows. Meanwhile, the commercial industry’s efforts to improve SATCOM resiliency illustrates the discrepancy between military and commercial satellites.

Todd Harrison, director of the aerospace security project and defense budget analysis at the Center for Strategic and International Studies, noted in an interview with Via Satellite that the United States military is operating outdated satellites that are mostly undefended and unprotected, originally built with the mindset that space was a sanctuary. “That’s not true anymore,” Harrison said in the article. Such a situation leaves the U.S. military vulnerable at a time when it relies heavily upon satellites for everything from basic communications to GPS to precision-guided weapons.

Non-kinetic weapons like jammers are inexpensive and easy to use, making them widely accessible. And there have even been cited examples of insurgents using jammers to interfere with U.S. satellite communications in Iraq and Syria. “This is coming from a ragtag group of insurgents that aren’t technologically sophisticated, don’t have deep pockets, and don’t have training or technical expertise,” Harrison said.

Meanwhile, the integration of terrestrial and satellite networks “…is massively increasing the security landscape,” Vinit Duggal, Intelsat director and chief information security officer, told SpaceNews.com. “It’s not so much the threat actors that have changed, but (that) they are getting a larger playground to play in.”

The most effective and cost efficient way for the U.S. government to mitigate threats like these is to address security early on in the engineering cycle— or to turn to a commercial SATCOM provider like Intelsat General. According to Duggal, Intelsat spends about five percent of its technology budget on information security. “If you address security upfront and make it part of your engineering cycle, it reduces the cost dramatically,” he told Space News during Satellite 2017.

For example, Intelsat EpicNG is engineered to allow for a more protected level of commercial SATCOM. Low-probability of intercept (LPI) and jamming-resilience greatly enhance anti-jamming capabilities on EpicNG satellites, even to non-hopping modems. They are also engineered to allow customers to change power levels, and Intelsat is looking at the possibility of adding beam shaping to future satellites.

“(With beam shaping), you can change the shape of the beam whenever you want to from the ground,” Mark Daniels, Intelsat General Corp.’s vice president for new technologies and services, said during Satellite 2017. “You would be able to start with a beam shaped for a particular region but if demand changes or there are problems with jamming, you can reconfigure the beam to increase the coverage area or notch out an area to avoid jamming.”

Intelsat EpicNG also features interference-mitigation capabilities like on-board power monitoring and notch filtering of interferers/unauthorized users as well as monitoring, re-routing, geo-location, and identification of interferers.

A defense-in-depth approach to security ensures that Intelsat General’s customers receive the highest quality-of-service. The company meets DoD-mandated security requirements for information assurance by assessing its own infrastructure and third-party networks against the most stringent DoD Instruction 8500.01 and NIST Risk Management Framework (RMF) cyber security recommendations and controls. A comprehensive Information Assurance assessment and remediation program includes annual penetration assessments, organization-wide control assessments, and third-party SOC3 audits of both satellite and terrestrial environments.

Intelsat even pays to have its customers’ VSAT equipment assessed by third-party security firms. “We pay for that ourselves,” Duggal told Space News. “There is an automatic, default expectati0n that security is built into VSAT platforms. It’s not. When we go to market as an industry there are a lot of moving parts.”

By retaining complete control of both the space and terrestrial components of the global Intelsat network, IGC can better detect, prevent, and mitigate cyber threats.

Space is no longer the sanctuary it once was, and the U.S. military cannot afford to take a reactive approach to information security—nor does it have to. The commercial satellite industry offers the protected SATCOM that the military needs today.