Satellite communications are an integral part of many industrial control systems across many sectors, but their usage specifically in critical infrastructure continues to be misunderstood by the industry. While there has been multiple investigations into vulnerabilities and exploitation vectors of satellite systems, less attention has been given to threat vectors and how they actually impact the environments that rely on them - much buzz was generated by the Viasat outages in February and their effect on European wind turbines, but not on how much the service disruption actually impacted these systems. Furthermore, a lot of guidance into securing satellite communication systems focuses heavily on military applications, which can have different architectures and needs than those deployed in critical infrastructure networks. Drawing on lessons learned from recent incident responses involving satellite companies and systems, this talk will cover the basics of how different sectors rely on satellite communications, trust relationships of the satellite provider ecosystem that could be potentially abused by threat actors, how various attack methods could actually impact infrastructure processes, and potential detection methods of abuse.
