Military secure satellite communications capacity is evolving rapidly
The capacity and capabilities of military satellite communications systems are evolving, but so are the multifaceted security challenges they now face.
The secure satellite communications (SATCOM) equipment used by the U.S. military is currently undergoing impressive capacity and performance advances; at the same time, it faces increasing security threats on several fronts.
In 2014, researchers at security firm IOActive in Seattle, Washington, identified serious design flaws and vulnerabilities within the firmware of popular SATCOM devices that could allow remote attackers to intercept, manipulate, block, and even take full control of critical communications systems on terminals used on the ground, in the air (except in space), and at sea. [The products involved in IOActive’s study were manufactured or marketed by Harris, Hughes Network Systems, Cobham, Thuraya Telecommunications, Japan Radio Company, and Iridium Communications.]
“Fortunately, some of the SATCOM devices and related infrastructures are now more secure than two years ago,” says Ruben Santamarta, principal security consultant for IOActive. “There’s been a significant push from companies to introduce security into the common life cycles of products. We recommend taking security seriously – by deploying a security development life cycle from the very beginning.”
How are SATCOM terminals being attacked? “They can be compromised in different ways, closely related to the threat scenario,” Santamarta says. “Physical attacks, which involve taking the terminal apart and installing a new hardware module or a malicious firmware, are the most difficult to prevent. This type of attack, however, also requires significant resources and even human intelligence. Remote attacks are feasible, but should always be analyzed on a case-by-case basis. And some systems end up exposed to the Internet due to improper configurations. The problem is that a single compromised device may serve as the entry point for a wider attack that affects other assets.”
One of the biggest problems is that “encryption use isn’t as common as it should be,” according to Santamarta. “SATCOM services are expensive and data charges are a major drawback when introducing secure communications.”
Broadband services and technology company ViaSat in Carlsbad, California, confirms that hacking attempts are indeed a significant concern. “Encryption is necessary, but even that isn’t sufficient to defend against the denial-of-service (DoS) threats we’re seeing,” says Jerry Goodwin, chief operating officer of ViaSat Inc.’s Government Systems Division. “Most networks are being attacked at the system level – hackers are finding weaknesses within systems that allow them to maneuver around encryption. Traditional IT approaches don’t address the real-time nature of these attacks.”
The biggest threat ViaSat is experiencing comes in the form of DoS attacks. “In terms of the layers of security involved, users usually encrypt their data end-to-end … and they decide how to do it. Governments, for example, have their own encryption solutions,” Goodwin explains. “And we provide security in the transmission system and have protection in place to deal with DoS attacks in our infrastructure.”
ViaSat’s security approach involves traditional best IT practices, firewalls, intrusion-detection systems, and analytics – known as “defense in depth,” with layered security. “But we’re trying to figure out a more real-time and comprehensive solution,” Goodwin says.
This situation is particularly difficult when facing down a multifaceted challenge. “If someone is trying to steal your data it’s encryption’s job to protect it,” Goodwin points out. “When someone’s trying to prevent you from transmitting, it might be because they’re trying impact your ability to serve your customers by jamming the satellite. Part of our response is designing satellite networks to be resistant to jamming and to respond automatically to threats.”
On the ViaSat-1 satellite, significant effort went into developing an automated DoS threat response. “Every day, our service networks see bot-based DoS attacks. These attacks are constantly directed toward the infrastructure, which we can visualize on our threat-mitigation screens,” Goodwin says. “You can actually see the traffic rising up and attacking one of the nodes.”
To counter this type of attack, ViaSat designed a system on the edges of the network to look at the threat, recognize it, and start dumping those bits into what it calls a “bitbucket” so the network doesn’t try to deliver them. “We have arrangements with our ground infrastructure partners to do some of this automatically. That’s an example of what we’re trying to do, not just with that type of threat, but all threats. It’s a whole-network systems approach,” Goodwin notes.
ViaSat’s next-gen satellite’s security infrastructure will feature “distributed cybersensors, visualization techniques, and greater automation of attack response,” Goodwin says. “Many things are occurring at machine time, and people can’t respond quickly enough to the threats. So there’s a lot of research going on to figure out better ways to handle it.”
As IOActive’s Santamarta sums it up: “In terms of military strategy, you always need to take into account capabilities, not intentions, because these can change overnight. So it seems reasonable to assume critical military communications, including SATCOM, are now and will continue to be a valuable target in the future.”
AEHF designed for resiliency
Potential security threats are among the reasons that the engineers working on Lockheed Martin’s Advanced Extremely High-Frequency (AEHF) satellite communications designed it to be one of the world’s most resilient satellite communications systems. AEHF serves not only the U.S., but also partner nations Canada, the Netherlands, and the United Kingdom.
“AEHF provides a necessary assured-communications link for national leaders and military commanders transmitting sensitive information in contested areas,” says Iris Bombelyn, vice president of Lockheed Martin’s Protected Communications mission area in Bethesda, Maryland. (Figure 1.)
What makes AEHF so resilient? It’s made up of nuclear-hardened communications satellites designed to stave off high-tech jammers, eavesdropping, and cyberattacks. “Onboard signal processing and satellite-to-satellite crosslinks insulate communications from vulnerability by eliminating the need for ground-relay stations,” Bombelyn explains. “We also use an extremely wide bandwidth to transmit the signal and antennas that can pinpoint and eliminate jammers. All of these features and capabilities combine to protect against, deflect, and overpower threats.”
While there are many secure satellite communications systems serving both the civil and military sectors, AEHF “is the only current system protected against the full spectrum of threats,” she points out.
As the worldwide need for data increases, communications satellites must be capable of providing the requested bandwidth when and where needed. With this in mind, “AEHF was designed to significantly increase capacity for the U.S. government,” Bombelyn notes. “Compared to its predecessor Milstar, a single AEHF satellite has a greater total capacity than the entire Milstar constellation.”
AEHF satellites provide expansive global coverage to enable data-transfer capabilities that promote increased flexibility during worldwide military operations. “AEHF offers faster connections up to 8.2 Mbps, as much as five times faster than the legacy constellation,” she adds.
With these speeds, AEHF “rapidly transmits tactical military communications, such as real-time video, battlefield maps, and targeting data,” Bombelyn says. “Lockheed Martin is also exploring capabilities that will be required for the satellites of tomorrow, and has developed concepts that provide users with even more bandwidth and flexibility to support their missions.”
Capacity advances on the way
Lockheed Martin isn’t alone in making capacity advances: Also increasing capacity significantly is ViaSat.
“For decades, the industry has focused on how to eke the last bit of efficiency out of the modem side of the link. The problem is that modems are operating at near-theoretical performance, and it isn’t going to get much better,” ViaSat’s Goodwin says.
ViaSat contends that the problem is in space, not on the ground. “It’s how the satellite is organized and designed,” Goodwin continues. “Today, we can put more than 700,000 customers on a single satellite. And with ViaSat-2, which will launch in 2017, we’ll double the capacity from ViaSat-1. When the ViaSat-3 constellation launches in 2019, it’ll offer 1 Tbps per satellite and will deliver 100 Mbps to each user.” (Figure 2.)
Can ViaSat make the data go faster? “Yes – we could make it 200 Mbps, but 100 Mbps seems like the right rate for that time frame. A conventional satellite does 2 Gbps per satellite, so ViaSat-3 will be 500 times that amount and will give us more flexibility in the service plans we offer,” Goodwin says.
Costs, as always, a factor
Satellite communications traditionally have been dominated by the cost of the capacity, even more than the cost of equipment on the ground. “In a commercial market, the cost of capacity is directly related to how much it took to put that capacity into space, as well as supply and demand,” Goodwin says. “Capacity costs completely dominate over equipment costs for the life span of the equipment.”
To this end, ViaSat is changing the space side of the equation because “it provides more benefit to customers,” he adds. “We’re building satellites focused on capacity for communicating large amounts of data. We’re also breaking with tradition by designing satellites to support two-way communication.”
On Lockheed Martin’s end of things, although the U.S. government is currently studying military communication architectures beyond the planned AEHF 5 and 6, it is “already working to develop low-cost, follow-on options that leverage economies of scale by using standardized components from commercial satellite contracts,” Bombelyn notes.
Use of commercial off-the-shelf (COTS) products in AEHF must first be evaluated to determine whether they’re robust enough for the environments Lockheed Martin intends to use them in, according to Bombelyn. “Our mission requires that we are the communications channel that stands when all others fail,” she points out.
Another challenge looming on the horizon comes in the form of quantum computing, which may arrive years earlier than expected and head directly to space.
China has announced its intention to launch a quantum space satellite (known as QUESS) in July 2016. The satellite will be operated by China’s Academy of Sciences, which claims QUESS “may provide the path to an uncrackable communications system by turning messages quantum and taking them into space.”
Does the U.S. have its own quantum goals for securing its military satellite communications? If so, they’re keeping it a secret.
“Although I can’t specifically discuss quantum communications, safeguarding and preserving our satellites and their missions is of the utmost importance, and continued advancement in protective technologies by the entire industry must remain a top priority,” says Lockheed Martin’s Bombelyn.
The biggest challenge Bombelyn sees ahead for military communications is providing systems that are capable of handling a variety of threats from adversaries at an affordable price point. “Solving this problem will require combining design solutions from our commercial satellite systems, common satellite components, and new technologies,” she says. “Space has typically been a cooperative environment, with spacefaring entities working together for the greater good. With new entrants to this arena, the future is unclear.”