Hurricane Sandy earned its place in history as the second-costliest hurricane in United States history, causing more than $60 billion in damages across the Northeast—second only to Hurricane Katrina. “Superstorm Sandy” affected a total of 24 US states, killing 160 people, destroying homes, leaving millions without power and disrupting telecommunications services.
A full week into the storm, there were areas still suffering through a total blackout, with communities reverting to printed paper and bullhorns to share what little information they possessed.
A major lesson learned was the need to better factor communications into emergency preparedness, both in terms of network restoration protocol as well as the use of multiple contact paths to decrease reliance on any one device when outages occur.
While restoring communications in haste is a core component of any disaster or catastrophe recovery plan, network security must also be woven into network restoration. In fact, security should be embedded into the very architecture of the new network.
Cyber security is largely missing from the post-Sandy commentary—this is an unfortunate commonality with many recent US and global disaster response efforts over the past decade. We might never know what threats these hastily deployed networks are vulnerable to until they are exploited.
As an industry, satellite communications companies can no longer afford to leave network security as an afterthought.
“Just give me the Internet. I don’t care what it takes!”
The above sentence can be attributed to many of the victims, first responders and their on-scene commanders. Restoring communications for, and among, first responders is an essential requirement for successful recovery. On-site responders are often asked to become their best version of MacGyver in order to secure bandwidth… and lots of it, immediately.
More often than not, those who have deployed, operated and maintained fly-away terminals, and those who have enabled temporary networks, did so as fast as is humanly possible—providing unbridled and unmonitored bandwidth to anyone who needed it.
If you have ever deployed a network in-haste, you know how difficult it is. If you have ever deployed a network in haste and connected it to another network that was also deployed in-haste—and you then managed to get them to work together—then you know this feat is just shy of a bona fide miracle.
However, in today’s global threat climate, it’s about more than speed and bandwidth.
Fast... And Secure.
Under the effect of the “fog of war,” even the most seasoned network architect would celebrate connecting major backbones to remote networks, restoring communication to impacted areas, and enabling first responders and recovery crews to do their job; saving lives and property in the process.
Unfortunately, there are those who will take advantage of the vulnerability of disaster recovery as an opportunity to break into a network, waiting for systems administrators (SYSADS) and network operations centers (NOCs) to lower their guard in order to sneak malware or back-doors into networks and applications.
While a primary focus when restoring communications in an emergency is speed, network security should be a close second. Today, governments, NGOs, and relevant organizations need to be cognizant of the ever-evolving cyber threat landscape, taking such into close consideration when developing and implementing emergency communications networks.
No one knows when the next disaster will strike—another disaster is always on the horizon. Rather than reaching out to the first solutions provider or integrator who can land a fly-away kit in the middle of a disaster recovery area, those in charge should consider:
• What real-world experience does the provider have in complex network architectures?
• Do they have experience in IA or cyber security?
• Are their personnel and operators trustworthy?
SATCOM capabilities have advanced in terms of what’s possible in haste under the most dangerous of circumstances; however, there are still few technology providers that bridge across complex network restoration and cyber security expertise.
The industry can no longer afford to think of cyber security as an add-on when building or restoring networks, regardless of the haste required. In the same way that flyaway kits have asserted themselves as a standard protocol, today security is an essential component that must be engineered into the technology and systems that are used and brought to the forefront of emergency preparedness planning.
The mix and interplay of fast, reliable and secure network development and their implementation is the future standard of the SATCOM industry… and that future is now.