Within recent months current and former Intelligence Community leaders have testified to Congress and reported to the public the increased threat to data integrity from adversarial data manipulation. Consequently to meet the standards of security and data integrity sought by the DoD, commercial telecom and SATCOM providers will have to improve their defenses against emerging and evolving cyber threats.
Cyber threats against command and data files used in a variety telecommunications architectures have achieved a high level of sophistication, exemplified by advanced persistent threats (APTs) that conduct long-term, covert adversarial activities on target systems and hide themselves well. Such attackers may enter a system, manipulate data or computer instruction sets then cover their tracks, for example, by removing evidence from system event and log files, tampering with security policies, altering white listed file signatures and altering network configurations – resources that should be mostly invariant whether they are employed in a locked-down ground station configuration or on an aerospace vehicle in flight or on orbit.
The newly formed Guardtime Federal LLC is offering access to technology and infrastructure that will enable architecture opportunities that include employment of the immutable properties of blockchain technology to continuously monitor the states of program and data loads that should remain invariant during execution. The application of these technologies offers configuration verification of immutable signatures of key programs, files and event logs enabled by very low band communication to a repository of root and calendar hash values used to verify the authenticity of employed file and system level signatures.
While this use of blockchain technology for security applications was originally designed for monitoring transaction of private records at national and internet scale, these same approaches can be used to verify authenticity of configurations and executable files transmitted between ground stations and UAS or SATCOM systems. Employing these techniques while instruction sets are executing, the continuous monitoring of memory loads, event logs and security policies denies this attack space for APTs. Further, files used in white listing techniques can also be verified as authentic to further remove this attack vector from the menu of approaches available to an APT.
Such implementations included in SATCOM architecture could be used to verify uploaded files in situ to verify that they have not been subject to APT alternation prior to execution and continuously monitored while executing. Guardtime Federal LLC looks forward to the opportunity to integrate these offerings to enhance security for government operations.
Innovative Approaches for Enhanced SATCOM Security
Reuters recently reported that the Pentagon is stepping up demand for commercial services as the U.S. Defense Department (DoD) seeks to cut costs and shore up security of military and spy satellites against attacks by China and other potential foes.