U.S. Satellites Hacked

Monday, November 21, 2011 @ 02:11 PM gHale


On at least two occasions, hackers have taken over U.S. satellites and targeted their command-and-control (C&C) systems, said a report by the U.S.-China Economic and Security Review Commission.

The incidents involved two Earth observation satellites. While it may be difficult to trace who hacked the satellites, U.S. officials acknowledged the incidents had to come from a nation power.

RELATED STORIES
Rootkit, Trojan Unite
Busted: Ghost Click Nets Six
Malware Thrives, Remains Undetected
Smart Grid Security Framework Update

U.S. officials cannot clearly trace the incidents to China, but the report released by the congressionally mandated commission noted Chinese military writings made reference to attacks on ground-based space communications facilities.

“Chinese military writings advocate attacks on space-to ground communications links and ground-based satellite control facilities in the event of a conflict. Such facilities may be vulnerable,” the report said. “In recent years, two U.S. government satellites have experienced interference apparently consistent with the cyber exploitation of their control facility.”

The report noted some of the malicious cyber activity involved NASA’s Terra EOS satellite targeted in June 2008 and again in October 2008. The June incident resulted in satellite interfered with for two minutes and the October incident lasted at least nine minutes.

The report noted in both instances, “The responsible party achieved all steps required to command the satellite but did not issue commands.”

NASA confirmed in a separate statement: “NASA experienced two suspicious events with the Terra spacecraft in the summer and fall of 2008. We can confirm that there was no manipulation of data, no commands were successfully sent to the satellite, and no data was captured. NASA notified the Department of Defense, which is responsible for investigating any attempted interference with satellite operations.”

The report noted the Landsat-7 satellite operated by the U.S. Geological Survey experienced similar interference and events in 2007 and 2008 but added the entity behind that incident did not achieve the ability to control the satellite.

The report mentions the serious implications the intrusions could have on the satellite systems, particularly if someone directed them against more sensitive systems such as military or communications satellites.

“If executed successfully, such interference has the potential to pose numerous threats, particularly if achieved against satellites with more sensitive functions. For example, access to a satellite’s controls could allow an attacker to damage or destroy the satellite,” the report read.

“The attacker could also deny or degrade as well as forge or otherwise manipulate the satellite’s transmission,” the report added. “A high level of access could reveal the satellite’s capabilities or information, such as imagery, gained through its sensors. Opportunities may also exist to reconnoiter or compromise other terrestrial or space based networks used by the satellite.”



Leave a Reply

You must be logged in to post a comment.