Risk
10/28/2011
01:23 PM
50%
50%

Chinese Military Blamed For Hacking U.S. Satellites

Congressional investigators say two Earth observation satellites were hacked four times in recent years and it appears the Chinese military is responsible.

NASA, Microsoft Reveal Mars In Pictures
(click image for larger view)
Slideshow: NASA, Microsoft Reveal Mars In Pictures
China's military was likely responsible for hacking two U.S. satellites on four separate occasions several years ago, activity that could pose major threats to these types of operations if more serious intrusions occur, according to a Congressional report.

Two satellites--one controlled by NASA and the other by the space agency and the U.S. Geological Survey--experienced interference several times between October 2007 and October 2008, according to a draft report by the the U.S.-China Economic and Security Review Commission. The report is scheduled to be available publicly next month.

Specifically, Landsat-7--an Earth observation satellite managed by both parties--experienced 12 or more minutes of interference on Oct. 20, 2007. The incident was only discovered when the same satellite had a similar disruption again on July 23, 2008, according to the draft report.

Terra EOS, another Earth observation satellite managed solely by NASA, experienced two or more minutes of interference on June 20,2008, and then nine or more minutes of interference again on Oct. 22, 2008.

Hackers gained access to the satellites through Svalbard Satellite Station, a ground control station in Spitsbergen, Norway.

While these incidents did not cause any major harm or damage, this type of intrusion could pose a major threat to a satellite with "more sensitive functions," according to the draft report.

"For example, access to a satellite's controls could allow an attacker to damage or destroy the satellite," according to the report. "The attacker could also deny or degrade as well as forge or otherwise manipulate the satellite's transmission."

If a hacker gained a "high level of access," it also could access information or imagery from the satellite's sensors, or manipulate other terrestrial or space-based networks used by the satellite, according to the report.

A spokesperson said the commission's draft report could be modified before the final report is made available.

The incidents mentioned in the report are not the first time the commission has brought to light China's hacking of U.S. government operations. A report by the commission released in November revealed an incident on April 8, 2010, when China Telecom diverted U.S. and other foreign Internet traffic through servers in China.

U.S. government activity affected in that incident included traffic going to and from U.S. .gov and .mil sites, including sites for the Senate, the four main armed services branches, the office of the Secretary of Defense, NASA, the Department of Commerce and the National Oceanic and Atmospheric Administration.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Ninja
10/31/2011 | 3:45:21 PM
re: Chinese Military Blamed For Hacking U.S. Satellites
These types of incidents make me think about the definition of cyber-war. Assuming that this attack could be irrefutably proven to have originated from the Chinese military (highly unlikely for obvious reasons), at what point do hacks become sabotage, and attempts at sabotage become cyber-war?
Brian Prince, InformationWeek contributor
KNINJA000
50%
50%
KNINJA000,
User Rank: Apprentice
10/28/2011 | 8:26:55 PM
re: Chinese Military Blamed For Hacking U.S. Satellites
So what's the problem? This type of attack isnt even dangerous, it's those meddling kids defacing corporate websites that we really need to thunderwack. At least that's how our leaders see it.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8893
Published: 2015-01-28
Multiple cross-site scripting (XSS) vulnerabilities in (1) mainpage.jsp and (2) GetImageServlet.img in IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-8894
Published: 2015-01-28
Open redirect vulnerability in IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the out parameter.

CVE-2014-8895
Published: 2015-01-28
IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allows remote attackers to bypass intended access restrictions and read the image files of arbitrary users via a crafted URL.

CVE-2014-8917
Published: 2015-01-28
Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used in IBM Social Media A...

CVE-2014-8920
Published: 2015-01-28
Buffer overflow in the Data Transfer Program in IBM i Access 5770-XE1 5R4, 6.1, and 7.1 on Windows allows local users to gain privileges via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
If youíre a security professional, youíve probably been asked many questions about the December attack on Sony. On Jan. 21 at 1pm eastern, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it.