According to Bloomberg:
Computer hackers, possibly from theChinese military, interfered with two U.S. government satellitesfour times in 2007 and 2008 through a ground station in Norway,according to a congressional commission.
The intrusions on the satellites, used for earth climateand terrain observation, underscore the potential danger posedby hackers, according to excerpts from the final draft of theannual report by the U.S.-China Economic and Security ReviewCommission. The report is scheduled to be released next month.
“Such interference poses numerous potential threats,particularly if achieved against satellites with more sensitivefunctions,” according to the draft. “Access to a satellite‘scontrols could allow an attacker to damage or destroy thesatellite. An attacker could also deny or degrade as well asforge or otherwise manipulate the satellite’s transmission.”
A Landsat-7 earth observation satellite system experienced12 or more minutes of interference in October 2007 and July2008, according to the report.
Hackers interfered with a Terra AM-1 earth observationsatellite twice, for two minutes in June 2008 and nine minutesin October that year, the draft says, citing a closed-door U.S.Air Force briefing.
The draft report doesn’t elaborate on the nature of thehackers’ interference with the satellites.
Chinese Military Writings
U.S. military and intelligence agencies use satellites tocommunicate, collect intelligence and conduct reconnaissance.The draft doesn’t accuse the Chinese government of conducting orsponsoring the four attacks. It says the breaches are consistentwith Chinese military writings that advocate disabling anenemy’s space systems, and particularly “ground-basedinfrastructure, such as satellite control facilities.”
U.S. authorities for years have accused the Chinesegovernment of orchestrating cyber attacks against adversariesand hacking into foreign computer networks to steal military andcommercial secrets. Assigning definitive blame is difficult, thedraft says, because the perpetrators obscure their involvement.
The commission’s 2009 report said that “individualsparticipating in ongoing penetrations of U.S. networks haveChinese language skills and have well established ties with theChinese underground hacker community,” although it acknowledgesthat “these relationships do not prove any governmentaffiliation.”
China this year “conducted and supported a range ofmalicious cyber activities,” this year’s draft reports. It saysthat evidence emerging this year tied the Chinese military to adecade-old cyber attack on a U.S.-based website of the FalunGong spiritual group.
Chinese officials long have denied any role in computerattacks.
The commission has “been collecting unproved stories toserve its purpose of vilifying China’s international image overthe years,” said Wang Baodong, a spokesman for the ChineseEmbassy in Washington, in a statement. China “never doesanything that endangers other countries’ security interests.”
The Chinese government is working with other countries toclamp down on cyber crime, Wang said.
Defense Department reports of malicious cyber activity,including incidents in which the Chinese weren’t the mainsuspect, rose to a high of 71,661 in 2009 from 3,651 in 2001,according to the draft. This year, attacks are expected to reach55,110, compared with 55,812 in 2010.
Relying on the Internet
In the October 2008 incident with the Terra AM-1, which ismanaged by the National Aeronautics and Space Administration,“the responsible party achieved all steps required to commandthe satellite,” although the hackers never exercised thatcontrol, according to the draft.
The U.S. discovered the 2007 cyber attack on the Landsat-7,which is jointly managed by NASA and the U.S. Geological Survey,only after tracking the 2008 breach.
The Landsat-7 and Terra AM-1 satellites utilize thecommercially operated Svalbard Satellite Station in Spitsbergen,Norway that “routinely relies on the Internet for data accessand file transfers,” says the commission, quoting a NASAreport.
The hackers may have used that Internet connection to getinto the ground station’s information systems, according to thedraft.
While the perpetrators of the satellite breaches aren’tknown for sure, other evidence uncovered this year showed theChinese government’s involvement in another cyber attack,according to the draft.
A brief July segment on China Central Television 7, thegovernment’s military and agricultural channel, indicated thatChina’s People’s Liberation Army engineered an attack on theFalun Gong website, the draft said.
The website, which was hosted on a University of Alabama atBirmingham computer network, was attacked in 2001 or earlier,the draft says.
The CCTV-7 segment said the People’s Liberation Army’sElectrical Engineering University wrote the software to carryout the attack against the Falun Gong website, according to thedraft. The Falun Gong movement is banned by the Chinesegovernment, which considers it a cult.
After initially posting the segment on its website, CCTV-7removed the footage after media from other countries began toreport the story, the congressional draft says.
The Chinese military also has been focused on its U.S.counterpart, which it considers too reliant on computers. In aconflict, the Chinese would try to “compromise, disrupt, deny,degrade, deceive or destroy” U.S. space and computer systems,the draft says.
“This could critically disrupt the U.S. military’s abilityto deploy and operate during a military contingency,” accordingto the draft.
Other cyber intrusions with possible Chinese involvementincluded the so-called Night Dragon attacks on energy andpetrochemical companies and an effort to compromise the Gmailaccounts of U.S. government officials, journalists and Chinesepolitical activists, according to the draft.
Often the attacks are found to have come from ChineseInternet-protocol, or IP, addresses.
Businesses based in other countries and operating in Chinathink that computer network intrusions are among the “mostserious threats to their intellectual property,” the draftsays.
The threat extends to companies not located in China. OnMarch 22, U.S. Internet traffic was “improperly” redirectedthrough a network controlled by Beijing-based China TelecomCorp. Ltd., the state-owned largest provider of broadbandInternet connections in the country, the draft said.
In its draft of last year’s report, the commissionhighlighted China’s ability to direct Internet traffic andexploit “hijacked” data.