Chinese Hackers May have Attacked U.S. Satellites
Upcoming congressional report highlights attacks on two satellites, Bloomberg report says
By Jaikumar Vijayan
October 27, 2011 — Computerworld — Suspected Chinese hackers interfered with two U.S. satellites on four separate occasions in 2007 and 2008.
On one occasion, the attackers had enough access to take complete control of one of the satellites but chose not to doso, according to a Bloomberg Businessweek story that cites a soon-to-be published report by a congressional commission.
According to Bloomberg, a Landsat-7 earth observation satellite managed by NASA and the U.S. Geological Survey and a Terra AM-1 satellite managed by NASA were both attacked by hackers thought to be from China.
The attackers appear to have gained access to the satellites via compromised ground control systems at the Svalbard Satellite Station in Spitsbergen, Norway, Bloomberg said.
Hackers "interfered" with the Terra AM-1 satellite twice in 2008 -- once for about two minutes in June and again for nine minutes in October. The Landsat-7 system, meanwhile, experienced more than 12 minutes of interference in October 2007 and July 2008.
The October 2007 attack on the Landsat-7 satellite was discovered only when the July 2008 interference was being investigated.
"Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions," the draft report says, according to Bloomberg. "Access to a satellite's controls could allow an attacker to damage or destroy the satellite. An attacker could also deny or degrade as well as forge or otherwise manipulate the satellite's transmission."
The report does not directly accuse the Chinese government or its military of being behind the attacks. But it does note that the disruptions are consistent with Chinese military strategies that advocate the disabling of enemy space systems and ground-based satellite control systems, Bloomberg said.
China's stated strategy in a conflict is to "compromise, disrupt, deny, degrade, deceive or destroy" U.S. space and computer systems, the report says, according to Bloomberg.
A spokesman for the Chinese embassy in Washington is quoted as denying any involvement in the attacks and accusing the commission of collecting unsubstantiated stories for the purposes of "vilifying" China.
Though Chinese officials have denied involvement in such attacks, China has frequently been suspected of being behind cyberattacks against U.S government, military and commercial targets. Privately many security experts say that such attacks allow multiple terabytes of sensitive data and IP to be siphoned out of the country. So far, few have been able to or willing to substantiate those claims publicly.
Based on the Bloomberg story, the incidents described in the report appear similar to a scenario described earlier this year in the U.S. Air Force's Strategic Studies Quarterly.