Satellite communications are the “number one threat vector” for cyber hackers in the world at the moment and it’s a space where the sector is also lacking in providers of cyber security solutions, Dave DeWalt, one of the cyber security industry’s leaders, said on Thursday.
DeWalt, who was chairman and CEO of FireEye [FEYE] from 2012 until 2016 and remained executive chairman until early 2017, said during his time with the company “I’m watching the major satellite providers essentially all getting attacked and breached and serious exfiltration of their intellectual property by nation states.”
The nation-states hacking the satellite providers were looking for things like how do their communications protocols work, how do they configure their constellations, and what are their vulnerabilities, DeWalt said at the CyberSat18 conference hosted by the satellite magazine Via Satellite.
The nation-states weren’t conducting actual attacks so much as doing research, DeWalt said.
DeWalt also at different times led the cyber security firm McAfee and Documentum, a document management platform now owned by Canada's OpenText Corp. [OTEX]. He is now chairman and CEO of NightDragon Security, which provides funding and investment advice to startups in the cyber security space.
Following the breaches, when incident response began, DeWalt said the unusual discovery was that the data wasn’t being extracted through traditional servers connected via fiber optic links but rather through radio frequency (RF)-based communication.
“We weren’t able to see the exfiltration so suddenly we’re realizing there’s a whole other communication model for exfiltration,” DeWalt said. “Pretty scary.”
DeWalt said one of his investment interests now is in finding ways to build “cyber domes,” basically “firewalls for RF frequency defense around buildings” and “mission critical facilities.”
Eventually, “you realize” that the, data being stolen is “talking” to networks owned by government and corporate entities in Russia and China, DeWalt said.
The “RF world” is full of the “wild, wild west” currently, he said, warning that he can “hardly find any” cyber vendors trying to solve this problem.
“So, I get very worried when I think about this challenge and frankly it’s capitalist too, I look for, what companies can we invest in, what companies can we scale, how do we go about slowing this problem, and there’s a couple interesting technologies emerging, but having said that, not widely deployed,” DeWalt said. There’s also a lack of venture capital being put behind companies and technologies here “where a major offensive and defensive gap exists. And I worry, time is not our friend right now.”
Grant Schneider, the federal chief information security officer and senior director for Cyber Security Policy on the White House National Security Council, said in an opening keynote at the conference that the Trump administration’s new National Cybersecurity Strategy discusses space and, as an extension, satellite systems. He pointed to the growing dependency on land, sea and air on satellite systems, particularly for navigation, not only in terms for how much easier they make every day activities but also their importance to future capabilities like self-driving cars.
He said, “when we look at our space systems, when we look at our satellite systems, they need to be able to endure for years and decades. We’re not going to be able to send someone to the satellite very often to operate it.” This means resiliency needs to be built in.
Schneider said that based on his experience in this “community,” the further you get from people actually working on cyber technologies, they are “less focused on cyber security. And getting the nation more focused on cyber security is really important.”
In addition to the satellite domain, DeWalt said there are seven additional sectors where there are major offensive and defensive cyber security gaps. These include industrial segments such as operational technology, crypto currency markets, and social networks in terms of privacy and security.
DeWalt also warned of threats from small drones, which can be equipped with explosive packages to bomb targets and people.