WASHINGTON, D.C. – Bipartisan legislation authored by U.S. Senator Gary Peters (MI) to require the Cybersecurity and Infrastructure Security Agency (CISA) to provide voluntary cybersecurity resources to commercial satellite owners and operators has advanced in the Senate. Commercial satellites provide data and information used for navigation, agriculture, technology development, scientific research, and more. Industrial Control Systems – the technology involved in operating critical infrastructure networks like pipelines, and water and electric utilities – are also heavily reliant on commercial satellites. Peters’ legislation will help ensure these systems – which are critical to our national and economic security – are secure from online attacks. The Senate Homeland Security and Governmental Affairs Committee, where Peters serves as Chair, approved the legislation following recent reports that the Russian government was behind a cyber-attack on an American-based satellite company, which provides broadband services to Europe, in order to disrupt Ukrainian military communications at start of the invasion.
“Foreign adversaries, including the Russian government, and cybercriminals continue to target satellites that provide essential services. If they are able to successfully breach these networks, the consequences for the American people could be catastrophic,” said Senator Peters. “This bipartisan bill will help ensure small businesses and other organizations that own and operate commercial satellites have the necessary resources and information to secure their own networks.”
Experts have shown increasing concern that commercial satellite hacks could have dire economic and security consequence. The Department of Defense has also raised concerns about this threat and recently sponsored a competition for white hat hackers to attempt breaching an active satellite. In 2014, American officials accused the Chinese government of hacking a National Oceanic and Atmospheric Administration weather satellite. As commercial satellites become more pervasive, hackers could shut satellites down, denying access to their service or jam signals to disrupt electric grids, water networks, transportation systems, and other critical infrastructure. Peters’ legislation will ensure the United States is prepared to address these threats as malicious hackers increasingly target commercial satellite systems.
The Satellite Cybersecurity Act will require CISA to consolidate voluntary satellite cybersecurity recommendations to help companies understand how to best secure their systems. Some of these resources will be specific to small businesses who own and operate commercial satellite systems. Additionally, the bill requires CISA to develop a publicly available, online resource to ensure companies can easily access satellite-specific cybersecurity resources and recommendations to secure their networks. The legislation will also require the Government Accountability Office to perform a study on how the federal government supports commercial satellite industry cybersecurity. It will ensure a better understanding of how network vulnerabilities in commercial satellites could impact critical infrastructure.
As Chairman of the Homeland Security and Governmental Affairs Committee, Peters has led efforts to increase our nation’s cybersecurity defenses. His landmark bill to require critical infrastructure owners and operators to report to CISA if they experience a substantial cyber-attack or if they make a ransomware payment was signed into law as a part of the recent government funding legislation. Peters’ bill to enhance cybersecurity assistance to K-12 educational institutions across the country was also signed into law. Additionally, Senator Peters secured several provisions in the bipartisan infrastructure law to bolster cybersecurity – including $100 million fund to help victims of a serious attack recover quickly.
###