WASHINGTON, D.C. – U.S. Senator Gary Peters (D-MI), Chairman of the Homeland Security and Governmental Affairs Committee, introduced bipartisan legislation requiring the Cybersecurity and Infrastructure Security Agency (CISA) to provide cybersecurity resources to commercial satellite owners and operators. Commercial satellites provide data and information used for navigation, agriculture, technology development, scientific research, and more. Industrial Control Systems – the technology involved in operating critical infrastructure networks like pipelines, and water and electric utilities – are also heavily reliant on commercial satellites. Peters’ legislation will help ensure these systems – which are critical to our national and economic security – are secure from online attacks.
“Hackers have already successfully attacked government satellites and it’s only a matter of time before they begin to more aggressively target commercial satellites. Vulnerabilities in these systems present an opportunity for foreign adversaries and cybercriminals to significantly disrupt American lives and livelihoods,” said Senator Peters. “It’s clear the government must provide more cybersecurity support to small businesses and other companies that own and operate commercial satellites before it’s too late. This bipartisan bill will help ensure these organizations – who often do not have enough resources – are able to protect their own networks.”
Experts have shown increasing concern that commercial satellite hacks could have dire consequences for the American people. The Department of Defense has also raised concerns about this threat and recently sponsored a competition for hackers to attempt breaching an active satellite. In 2014, American officials accused China of hacking a National Oceanic and Atmospheric Administration weather satellite. As commercial satellites become more pervasive, hackers could shut satellites down, denying access to their service or jam signals to disrupt electric grids, water networks, transportation systems, and other critical infrastructure. Peters’ legislation will ensure the United States is prepared to address these threats as hackers increasingly target commercial satellite systems.
The Satellite Cybersecurity Act will require CISA to develop voluntary satellite cybersecurity recommendations to help companies understand how to best secure their systems. Some of these resources will be specific to small businesses who own and operate commercial satellite systems. Additionally, the bill requires CISA to develop a publicly available, online resource to ensure companies can easily access satellite-specific cybersecurity resources and recommendations to secure their networks. The legislation will also require the Government Accountability Office to perform a study on how the federal government supports commercial satellite industry cybersecurity. It will also ensure a better understanding of how network vulnerabilities in commercial satellites could impact critical infrastructure.
As Chairman of the Homeland Security and Governmental Affairs Committee, Peters has led efforts to increase our nation’s cybersecurity defenses. His bill to enhance cybersecurity assistance to K-12 educational institutions across the country was signed into law. Peters secured several provisions in the bipartisan infrastructure law to bolster cybersecurity – including $1 billion to help state, local, tribal, and territorial governments deter attacks from malicious cyber actors and modernize systems to protect sensitive data, information, and public critical infrastructure. Peters’ bills to bolster federal cybersecurity and require critical infrastructure owners and operators to report to CISA if they experience a cyber-attack, and other organizations to notify the federal government if they make a ransom payment have advanced in the Senate.
###