Report says two U.S. satellites were hacked in 2007 and 2008, attacks resemble Chinese military literature

China appears to be taking its cyber-skirmishes with the U.S. to a new level.  A recent government report reveals that attackers gained access to two U.S. satellites.  Meanwhile, China -- the suspected culprit -- has internally revealed that it's developing capabilities to cripple an enemy satellite network via either outright destruction or planted misinformation.

The potential of a Chinese cyber-attack crippling U.S. defense satellites is an alarming one.  

I. Foreign Nation Gains Access of Two U.S. Satellites in 2007-2008

The disturbing commentary on the satellite breaches was published by the U.S.-China Economic and Security Review Commission (USCC), a government panel established in 2000 by Congress for the purpose of examining how China's growing military and technological power could impact U.S. security.

The report [PDF] was the ninth by the panel and it offers some of the most interesting -- and frightening -- commentary yet.  It describes attacks on two America orbiters, which appeared to be proof-of-concept probing infiltrations given the satellites' non-vital roles.

The first satellite attacked was Terra (EOS-AM-1), the flagship satellite in a series of National Aeronautics and Space Agency orbiters, designed to monitor the Earth's climate.  The satellite was attacked twice in 2008, with attackers gaining command-and-control access level.

Terra satellite
NASA's Terra satellite (EOS AM-1) [Image Source: NASA]

The second satellite was a U.S. Geological Survey satellite, Landsat-7.  This spacecraft is designed to take high-resolution images of the Earth's terrain, delivering 582 images a day.  These images are publically available and are often color-balanced and enhanced by commercial entities for use in services such as Google Maps (at the highest zoomed-out resolution).  They're also used by the USGS to create 3D maps.  

The USGS Landsat-7 satellite in the lab, and during its 1999 launch. [Images Source: USGS]

Like Terra, Landsat-7 saw two compromises, each of which lasted less than a quarter of an hour.  However, the Landsat-7 intrusions only gained full access to non command-and-control functionality.

The report describes (pg. 216):
  • On October 20, 2007, Landsat-7, a U.S. earth observation satellite jointly managed by the National Aeronautics and Space Administration and the U.S. Geological Survey, experienced 12 or more minutes of interference. This interference was only discovered following a similar event in July 2008 (see below).
  • On June 20, 2008, Terra EOS [earth observation system] AM–1, a National Aeronautics and Space Administration-managed program for earth observation, experienced two or more minutes of interference. The responsible party achieved all steps required to command the satellite but did not issue commands.
  • On July 23, 2008, Landsat-7 experienced 12 or more minutes of interference. The responsible party did not achieve all steps required to command the satellite.
  • On October 22, 2008, Terra EOS AM–1 experienced nine or more minutes of interference. The responsible party achieved all steps required to command the satellite but did not issue commands. 
The U.S. Department of Defense (DoD) was informed of these incidents, and the systems were presumably restored.

II. China Trains Soldiers on How to Destroy American Satellites

Partial infiltration could allow the attacker to share data from the compromised satellite, though this would likely be detected given the limited bandwidth of the orbiter (likely part of how the current attacks were identified).  On this type of threat, the report comments (pg. 217):
A high level of access could reveal the satellite’s capabilities or information, such as imagery, gained through its sensors. Opportunities may also exist to reconnoiter or compromise other terrestrial or space- based networks used by the satellite. 

Command-and-control infilitration could give more useful capabilties, most notably the ability to trigger some sort of mechanical/electrical overdrive, which could damage critical devices like imaging lenses or the communications antenna.  Or they could be used to provide equally damaging misinformation to the victim.

On the destructive potential it reads:

If executed successfully, such interference has the potential to
pose numerous threats, particularly if achieved against satellites with more sensitive functions. For example, access to a satellite’s controls could allow an attacker to damage or destroy the satellite. The attacker could also deny or degrade as well as forge or otherwise manipulate the satellite’s transmission.

ABC News correspondent Jason Ryan offers an interesting twist, claiming that his government sources have confirmed that these attacks "had to come from a nation power."

Officially, the report is careful to clarify it does not have the evidence to pin the attacks on China, but that (pg. 217):

These events are described here not on the basis of specific attribution information but rather because the techniques appear consistent with authoritative Chinese military writings. For example, according to  Military Astronautics, attacks on space systems "generate tremors in the structure of space power of the enemy, cause it to suffer from chain effects, and finally lose, or partly lose, its combat effectiveness." One tactic is "implanting computer virus and logic bombs into the enemy’s space information network so as to paralyze the enemy’s space information system."

(The report's excerpts are taken from the Chinese military training textbook Military Aeronautics.)

China's PLA
China's People's Liberation Army, during a military exercise [Image Source: Defense Today]

The important take home message, which the U.S. Military commanders are surely aware of is this: If agents of China's People's Liberation Army were able to infiltrate NASA and other U.S. agencies' satellite systems to the extent of a having command-and-control capabilities, it may have implanted "logic bombs" which it can remotely activate at any time, should the necessity rise.

III. Chinese Counterspace: Kryptonite to U.S. Military Space Edge

China still weaker than the U.S. in space logistical capabilities (communications, surveillance, etc.), according to the expert panel:

Despite pockets of considerable capabilities, China has weak or moderate military space capabilities in other areas. China has few communications satellites available for military purposes, even assuming that the PLA would appropriate Chinese government-controlled assets during a crisis.

That weakness could be lessened given its reliance on low-bandwidth devices and its strong underground internet cable network in local conflicts:

Many PLA military platforms have modest bandwidth requirements, which, when combined with the PLA’s heavy reliance on buried fiber-optic military communications networks, may offset this disadvantage in the context of a potential, near-term U.S.-China contingency on China’s periphery.

But at present, the nation would be at a disadvantage in long range conflicts with the U.S.:

However, naval forces at sea and ground forces operating outside the Chinese mainland (even as close as Taiwan) would still require secure, mobile communications for military functions such as command and control.

The report suggests China may invest in new satellite or drone capabilities to remedy that weakness.  In the near term, though the U.S.'s advantage could be negated by China's cyberprowess and investigation into "hard" counterspace options (pg. 218):

China's counterspace programs seek the capability to compromise, disrupt, deny, degrade, deceive, or destroy U.S. space assets. These efforts could prevent the U.S. military’s use of space for functions such as communications; intelligence, surveillance, and reconnaissance; and guided weapons applications. 

This opinion is reinforced with quotes from top military leaders (pg. 218):

Notwithstanding China’s increasing reliance on space for military and civil purposes, Chinese military planners still view space assets as an attractive target. Ambassador Schulte testified that with "geography the way it is, we are probably always going to find ourselves more reliant on space than [China] . . . so for the foreseeable future, that’s an asymmetry they’re going to look to exploit as they pursue an antiaccess/area denial approach." According to General Deptula, "Continued Chinese investment in the design, development, deployment and employment of space and counterspace systems will increasingly challenge our traditional space dominance and could dramatically reduce our freedom of action in the event of a conflict in the region."

The report points to China preparing a two pronged approach to attack the U.S.'s space capabilties.  The first approach is to use traditional attacks like missiles or orbitters to physically assault enemy satellites (the so-called "hard" attack).  A second "soft" attack approach involves instead using cyberattacks to cripple or interfere with foreign satellites. 

Air Force satellites
China could bring the U.S. "down to its level" technologically with targeted counterspace strikes.
[Image Source: U.S. Air Force]

On the hybrid hard-attack/soft-attack approach, the authors state (pg. 216):

Chinese military theorists take a holistic view of counterspace operations. They advocate for the use of both "soft" kill (i.e., informational, temporary, or reversible) attacks and "hard" kill (i.e., destructive or permanently disabling) attacks against every aspect of space power: ground-based systems, space-based systems, and communications links.

In other words, China is actively preparing redundant options to bring the U.S. down to its level in terms of space combat readiness.

The report elaborates on fascinating potential tests of hard-attack possibilites:

IV. The Danger Ahead

The USCC suggests some big and possibly extensive programs/studies to be conducted to prepare the U.S.'s defenses against counterspace activities.  It suggests that:
  • The DoD test its logistical systems to make sure they're "secure from a cyberattack".
  • "Congress assess the adequacy of Department of Defense capabilities to conduct major operations in a degraded command, control, communications, computer, intelligence, surveillance, and reconnaissance environment for an extended period of time."
  • Provide Congressional encouragement to the administration to "work diplomatically and militarily" with region allies (e.g. Japan, South Korea) to "improve their capacity to resist China’s Area Control Strategy capabilities."
  • The DoD and critical commercial sector partners assess their preparedness for "Chinese counterspace activities".
  • The DoD institute a worst-case scenario war game, which "simulate the destruction, denial, degradation, or manipulation of U.S. space assets".

    (These suggestions were cut down from a longer list on multiple topics.)
At this point China's efforts, based on what this report and past reports have stated, appear to be limited to:
  1. Learning/infilitration activities designed to prepare the nation to cripple its adversaries in the event of conflict.
  2. Infiltrating commercial and government systems in order to gain a socioeconomic advantage over its foreign economic competitors.
In that regard, the current cyber-skirmishes between China's PLA and the U.S. government/private sector firms appear to be designed not as an endgame move, but as a carefully played strategy aimed at putting all the cards in the growing nation's hand.    

[Image Source: Radio Free Penzance]

Militarily, the biggest danger appears to be if China attacked a neighbor like South Korea or Taiwan to achieve greater financial dominance.  In such a scenario China's counterspace abilities could play a key role in stifling U.S. assistance.

Commission, Martin C. Libicki, a senior management analyst at the RAND Corp. (RAND), describes such a scenario, commenting (pg. 194):

China takes steps to complicate and hence delay the U.S. transit of the Pacific, so that by the time the United States does arrive, the war [with Taiwan] will be over, or at least the Chinese will have a secure lodgment on the island. So, [PLA forces] carry out a full-fledged operational cyberattack on the United States military information systems with the hopes of turning data into unusable nonsense.

[The report also contains commentary on other recent Chinese military technological developments like the J-20 stealth fighter, making it worth a read if you have some time.]

China launched its first space station module two months ago.  The new station is designed to compete with the International Space Station project, which China refused to participate in.  The station is named Tiangong-1, which means "Heavenly Place-1", and is scheduled for completion sometime between 2020 and 2022 completion.

Sources: USCC, ABC News

"I mean, if you wanna break down someone's door, why don't you start with AT&T, for God sakes? They make your amazing phone unusable as a phone!" -- Jon Stewart on Apple and the iPhone

Most Popular Articles

Copyright 2018 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki