Critical Infrastructure Protection:

Commercial Satellite Security Should Be More Fully Addressed

GAO-02-781: Published: Aug 30, 2002. Publicly Released: Oct 3, 2002.

Additional Materials:

Contact:

David A. Powner
(202) 512-3317
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

Government and private-sector entities rely on satellites for services such as communication, navigation, remote sensing, imaging, and weather and meteorological support. Disruption of satellite services, whether intentional or not, can have a major adverse economic impact. Techniques to protect satellite systems from unauthorized use and disruption include the use of robust hardware on satellites, physical security and logical access controls at ground stations, and encryption of the signals for tracking and controlling the satellite and of the data being sent to and from satellites. When using commercial satellites, federal agencies reduce risks by securing the data links and ground stations that send and receive data. However, federal agencies do not control the security of the tracking and control links, satellites, or tracking and control ground stations, which are typically the responsibility of the satellite service provider. It is important to the nation's economy and security to protect against attacks on its computer-dependent critical infrastructures (such as telecommunications, energy, and transportation), many of which are privately owned. In light of the nation's growing reliance on commercial satellites to meet military, civil, and private sector requirements, omitting satellites from the nation's approach to protecting critical infrastructure leaves an important aspect of our nation's infrastructures without focused attention.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: In February 2002, the President released the National Strategy to Secure Cyberspace, which included satellites within the information and telecommunications infrastructure. Further, in November 2002, the President signed the Homeland Security Act of 2002 (P.L. 107-296), which also included satellites within the information technology and telecommunications critical infrastructure.

    Recommendation: Considering the importance of satellites to the national economy, the government's growing reliance on them, and the threats that face them, the Assistant to the President for National Security Affairs, the Assistant to the President for Homeland Security, and the Special Advisor to the President for Cyberspace Security should consider recognizing the satellite industry as either a new infrastructure or part of an existing infrastructure.

    Agency Affected: Executive Office of the President: Office of Management and Budget

  2. Status: Closed - Implemented

    Comments: In February 2002, the President released the National Strategy to Secure Cyberspace, which included satellites within the information and telecommunications infrastructure. Further, in November 2002, the President signed the Homeland Security Act of 2002 (P.L. 107-296), which also included satellites within the information technology and telecommunications critical infrastructure.

    Recommendation: Considering the importance of satellites to the national economy, the government's growing reliance on them, and the threats that face them, the Assistant to the President for National Security Affairs, the Assistant to the President for Homeland Security, and the Special Advisor to the President for Cyberspace Security should consider recognizing the satellite industry as either a new infrastructure or part of an existing infrastructure.

    Agency Affected: Executive Office of the President: Office of the Assistant to the President for National Security Affairs

  3. Status: Closed - Implemented

    Comments: OMB's release of Memorandum M-04-15, "Development of Homeland Security Presidential Directive (HSPD)--7 Critical Infrastructure Protection Plans to Protect Federal Critical Infrastructure and Key Resources" provides guidance for coordination with the private sector and in particular, collaboration on use of commercial satellites. Furthermore, OMB's Memorandum M-05-16, "Regulation on Maintaining Telecommunication Services During a Crisis or Emergency in Federally-owned Buildings" sets forth general requirements to initiate a review of telecommunication capabilities in the context of planning for contingencies and continuity of operations (COOP) situations. Further action taken by the President's National Security Telecommunications Advisory Committee included the formation of the Satellite Task Force, comprised of federal agency and industry officials, which in February 2004 studied the sensitivity of commercial SATCOM satellites to vulnerabilities and made recommendations on ways to improve infrastructure protection for commercial satellites.

    Recommendation: In pursuing the draft policy submitted to the Office of Management and Budget (OMB) for completion and the recommended review of U.S. space policies, the Director of OMB and the Assistant to the President for National Security Affairs should review the scope and enforcement of existing security-related space policy and promote the appropriate revisions of existing policies and the development of new policies to ensure that federal agencies appropriately address the concerns involved with the use of commercial satellites, including the sensitivity of information, security techniques, and enforcement mechanisms.

    Agency Affected: Executive Office of the President: Office of the Assistant to the President for Cyberspace Security

  4. Status: Closed - Implemented

    Comments: OMB's release of Memorandum M-04-15, "Development of Homeland Security Presidential Directive (HSPD)--7 Critical Infrastructure Protection Plans to Protect Federal Critical Infrastructure and Key Resources" provides guidance for coordination with the private sector and in particular, collaboration on use of commercial satellites. Furthermore, OMB's Memorandum M-05-16, "Regulation on Maintaining Telecommunication Services During a Crisis or Emergency in Federally-owned Buildings" sets forth general requirements to initiate a review of telecommunication capabilities in the context of planning for contingencies and continuity of operations (COOP) situations. Further action taken by the President's National Security Telecommunications Advisory Committee included the formation of the Satellite Task Force, comprised of federal agency and industry officials, which in February 2004 studied the sensitivity of commercial SATCOM satellites to vulnerabilities and made recommendations on ways to improve infrastructure protection for commercial satellites.

    Recommendation: In pursuing the draft policy submitted to the Office of Management and Budget (OMB) for completion and the recommended review of U.S. space policies, the Director of OMB and the Assistant to the President for National Security Affairs should review the scope and enforcement of existing security-related space policy and promote the appropriate revisions of existing policies and the development of new policies to ensure that federal agencies appropriately address the concerns involved with the use of commercial satellites, including the sensitivity of information, security techniques, and enforcement mechanisms.

    Agency Affected: Executive Office of the President: Office of Management and Budget

  5. Status: Closed - Implemented

    Comments: In February 2002, the President released the National Strategy to Secure Cyberspace, which included satellites within the information and telecommunications infrastructure. Further, in November 2002, the President signed the Homeland Security Act of 2002 (P.L. 107-296) that also included satellites within the information technology and telecommunications critical infrastructure.

    Recommendation: Considering the importance of satellites to the national economy, the government's growing reliance on them, and the threats that face them, the Assistant to the President for National Security Affairs, the Assistant to the President for Homeland Security, and the Special Advisor to the President for Cyberspace Security should consider recognizing the satellite industry as either a new infrastructure or part of an existing infrastructure.

    Agency Affected: Executive Office of the President: Office of the Assistant to the President for National Security Affairs

 

Explore the full database of GAO's Open Recommendations »

Sep 30, 2014

Sep 24, 2014

Sep 18, 2014

Sep 17, 2014

Sep 10, 2014

Sep 9, 2014

Sep 8, 2014

Jul 31, 2014

Looking for more? Browse all our products here