wolfSSL was at Satellite again this year to engage in a key conversation in the Satellite community: ensuring that satellite devices are as secure as possible. In a world where attackers are more motivated and more sophisticated, the core cybersecurity technologies that wolfSSL provides can give users the assurance that they’re device won’t get bricked, hacker parlance for a useless device, which just happened last month.
The story goes like this: American company providing high-speed satellite internet coverage in Europe was the target of a cyberattack on the morning of February 24. The attack caused an outage of services in Ukraine, and other European countries, including Germany. Commander General Michel Friedling confirmed that this indeed was a cyberattack that had originally targeted KA-SAT SATCOM terminals in Ukraine. It is suspected that the attack targeted the ground stations by being able to exploit a misconfiguration of a management section of the satellite network to gain access and subsequently ‘brick’ the receivers by either mangling or replacing their firmware. This is an example of an attack that could have been mitigated by wolfBoot secure boot and FIPS 140-2 cryptography.
The above referenced company is not the only satellite internet provider being targeted. Starlink activated their service in the Ukraine and has already faced multiple malicious attempts to disrupt the service which prompted this tweet from Elon Musk:
“Important warning: Starlink is the only non-Russian communications system still working in some parts of Ukraine, so probability of being targeted is high. Please use with caution.”
Cybersecurity experts warn of a spillover effect in which these repeated attacks stemming from the Ukraine and Russia conflict could impact global infrastructure. Although the details of the recent attacks are still under investigation, it is in your best interest to consider how wolfSSL fortifies cybersecurity efforts. Our TLS, secure boot and cryptography libraries are used by every branch of the US military, which means we are deployed in everything from tanks and missile systems to satellites and aircraft.
wolfBoot, our secure bootloader, secures satellites by ensuring that any firmware update is signed and verified by our wolfCrypt FIPS 140-3 cryptography library. We also support TLS 1.3 or SSH for secure delivery of the updated firmware, should you be concerned about the security of your network connection and potentially subject to man in the middle attacks. wolfSSL can run ‘over the top’ of the various satellite communications standards.
Help us to help you keep your device from becoming a “Billion Dollar Brick” and contact us to hear more about our wolfSSL library, the wolfCrypt encryption engine, wolfBoot Secure Bootloader, wolfSSL Support for DO-178C DAL A, or to simply meet the wolfSSL team.
Connect with wolfSSL on LinkedIn: https://www.linkedin.com/company/wolfssl/
Email us at firstname.lastname@example.org