Small Wars Journal

China suspected in cyber attacks on U.S. satellites

This year’s annual report of the U.S.-China Economic and Security Review Commission, due out next month, will report that computer hackers, possibly from the Chinese military, gained electronic access to two U.S. government satellites in 2007 and 2008. Here is an excerpt from the Bloomberg story:

“Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions,” according to the draft. “Access to a satellite‘s controls could allow an attacker to damage or destroy the satellite. An attacker could also deny or degrade as well as forge or otherwise manipulate the satellite’s transmission.”

A Landsat-7 earth observation satellite system experienced 12 or more minutes of interference in October 2007 and July 2008, according to the report.

Hackers interfered with a Terra AM-1 earth observation satellite twice, for two minutes in June 2008 and nine minutes in October that year, the draft says, citing a closed-door U.S. Air Force briefing.

The draft report doesn’t elaborate on the nature of the hackers’ interference with the satellites.

The hackers achieved access through a commercially-operated ground station in Norway. A spokesman for the Chinese embassy in Washington denied involvement by his government.

U.S. reliance on space-based assets has long been seen as a vulnerability during a potential conflict with China. It is logical that China would look to develop a capability to exploit such a vulnerability.

Actually testing that capability presents a dilemma to Chinese decision-makers. On the one hand, they would want to know whether the capability will be effective when needed. On the other, testing the capability, as may have happened in these cases, alerts U.S. defenders and reduces the future element of surprise. An additional complication is whether gaining access to NASA environmental satellites through a commercial ground station in Norway has any relevance to potential attacks on U.S. Air Force reconnaissance, communication, and navigation satellites, which presumably enjoy higher levels of security.

In the meantime, “cyber militias” continue to provide an effective cover to activities that may be orchestrated by governments. And the plausible deniability created by the militias continues to thwart a response by the U.S. government.


Cannoneer No. 4

Fri, 10/28/2011 - 4:59am

What Regular U. S. .mil/.gov Information Operations elements are <i>capable</i> of working by, with, and through more or less friendly Civilian Irregular Information Operators? IMHO, there is a serious "cyber militia gap" between American and Chinese capabilites to exploit the talents of their respective civilian populations in support of network defense, network attack, and psychological operations.

We have pretty much lawfared ourselves out of using hackers and script kiddies who can't get a security clearance.