At least two U.S. environment-monitoring satellites were interfered with four or more times in 2007 and 2008 via a ground station in Norway, and China’s military is a prime suspect, a draft report to Congress said.
The U.S.-China Economic and Security Review Commission, which reported the interference, said the events had not actually been traced to China. It said it was citing them “because the techniques appear consistent with authoritative Chinese military writings” that have advocated disabling satellite control facilities in any conflict.
Pinpointing responsibility for a cyberattack can be extremely difficult. Hackers typically mask their tracks by routing intrusions through computers on multiple continents and may make an attack appear to come from a third country.
The commission said its account was based largely on a May 12 U.S. Air Force briefing for the 12-member commission, which was set up by Congress in 2000 to report on U.S.-China trade’s national security implications. Its final 2011 report is due to be sent to lawmakers on November 16.
The satellites cited in the report are used for climate and terrain monitoring by the National Aeronautics and Space Administration and the U.S. Geological Survey.
A Landsat-7 earth observation satellite, built by NASA for the USGS, experienced 12 or more minutes of interference in October 2007 and July 2008, the report said.
A NASA-managed Terra AM-1 earth observation satellite was similarly interfered with for two minutes or more on June 20, 2008, and at least nine minutes on October 22, 2008, it said.
Trent Perrotto, a NASA spokesman, confirmed that NASA had spotted two “suspicious events” with its Terra spacecraft in the summer and fall of 2008, but said no commands were successfully sent to the satellite and no data was captured.
NASA notified the Department of Defence, which is responsible for investigating any attempted interference with satellite operations, Perrotto added.
The U.S. Geological Survey, for its part, said the Landsat-7 satellite in the fall of 2007 and the summer of 2008 had detected radio signals from the ground that seemed to be an attempt to “lock on” to it, a step that must be completed before a ground station’s command can be received.
In both cases, the apparent attempts failed and no information was compromised, said USGS spokesman Jon Campbell.
The Defence Department would not comment on the alleged hacking but said it is monitoring China’s development of “counter-space” capabilities.
The department is increasing the resilience of U.S. assets in space and is improving “the ability to operate in a degraded environment,” among other precautions, said Army Lieutenant Colonel James Gregory, a Pentagon spokesman.
Degraded environment refers to any compromise of the U.S. military’s sophisticated high-tech digital networks.
Hackers appear to have worked through Svalbard Satellite Station, or SvalSat, in Spitsbergen, Norway, which routinely connects to the Internet to transfer data, the commission’s draft added in an excerpt provided to Reuters.
Located about 750 miles/1,200 km from the North Pole, SvalSat is well-placed to communicate with satellites in polar orbit, the report said.
But the company that owns the ground station said it saw no sign of the penetration reported by the commission.
“Our systems indicated nothing,” Kongsberg Satellite Services President Rolf Skatteboe told Reuters in Oslo. “We don’t understand where this is coming from.”
Larry Wortzel, a commissioner who is a retired U.S. Army colonel and former military attache in China, said Beijing had conducted numerous tests on space warfare systems in 2007 and 2008.
“I don’t think it is a wild analytical leap to suggest that these hacks could have been part of that matrix of testing,” Wortzel said in an email to Reuters.
The bipartisan commission typically goes much further in publicly outlining perceived security threats from Beijing than have U.S. administrations, which must deal with other issues on which China’s cooperation is critical. These include North Korea’s nuclear program, regional security and matters before the U.N. Security Council.
A spokesman for the Chinese Embassy in Washington did not immediately respond to Reuters’ request for comment.
The report does not spell out the nature of the interference, but says that hackers “achieved all steps required to command” the Terra AM-1 satellite without ever actually exercising that control.
The interference was disturbing because it could be used to access satellites with more sensitive functions, the commission’s draft said.
“For example, access to a satellite’s controls could allow an attacker to damage or destroy the satellite. The attacker could also deny or degrade as well as forge or otherwise manipulate the satellite’s transmission,” the report said.