Feeds

Inside the mysterious US satellite hacking case

Ground station denies hack, US cyber general baffled

5 things you didn’t know about cloud backup

Chinese whispers

The report suggests the Chinese might have been trying out these tactic on a real, albeit non-military, satellite network. There's no evidence that this is what happened however and even the committee admits the attack has not been traced back to China.

The National Aeronautics and Space Administration confirmed two suspicious events related to the Terra EOS satellite in 2008 and the U.S. Geological Survey confirmed two anomalous events related to the Landsat-7 satellite in 2007 and 2008.

If executed successfully, such interference has the potential to pose numerous threats, particularly if achieved against satellites with more sensitive functions. For example, access to a satellite’s controls could allow an attacker to damage or destroy the satellite. The attacker could also deny or degrade as well as forge or otherwise manipulate the satellite’s transmission. A high level of access could reveal the satellite’s capabilities or information, such as imagery, gained through its sensors. Opportunities may also exist to reconnoiter or compromise other terrestrial or space-based networks used by the satellite.

These events are described here not on the basis of specific attribution information but rather because the techniques appear consistent with authoritative Chinese military writings. For example, according to Military Astronautics, attacks on space systems ‘‘generate tremors in the structure of space power of the enemy, cause it to suffer from chain effects, and finally lose, or partly lose, its combat effectiveness.’’ One tactic is ‘‘implanting computer virus and logic bombs into the enemy’s space information network so as to paralyze the enemy’s space information system.’’

The apparently hawkish Congressional committee warns the Pentagon and NASA to stay alert against "potential Chinese counterspace activities". An opening address (PDF) by committee chairman William A. Reinsch on Wednesday makes mention of the politician's concern about China's intentions in space. Reinsch also criticises China's alleged cyberspying activities against Western government and hi-tech firm.

While all nations have the right to develop the means to defend themselves, the Commission continues to be concerned with the opacity of China’s military development and intentions, which invites misunderstanding. And, in particular, our report notes China’s development of its cyber capabilities, focusing on the growing evidence that Beijing sponsors or condones computer network intrusions against foreign commercial and government targets. When combined with the military’s excessive focus on other disruptive military capabilities, such as counterspace operations, it presents an image of Chinese intentions that diverges significantly from Beijing’s official policy of peaceful development.

The Chinese government has previously denied having anything to do with the hacking of two US satellites when the allegations first surfaced last month. Embassy officials repeated these denials on publication of the commission's final report this week.

Embassy officials told Reuters that it "obvious that the commission is entrusted with the mission of vilifying China’s image and spreading China threat theory by patching up unwarranted allegations against China."

"We urge the commission to stop issuing such reports for the good of increasing mutual trust between our two countries while China will continue to play a responsible role in both the realistic and the virtual worlds," Wang Baodong, an embassy spokesman, in an email to the news agency.

Concerns about the security of US space systems have been raised before.

The US-China Economic Security and Review Commission's report comes eight months after an official audit of NASA's network concluded that the space agency faces a high risk of cyberattack.

Experts from the Office of the Inspector General (OIG) warned that vulnerabilities in the space agency's network left it open to defacement, denial of service or information-stealing attacks. In particular, six unnamed IT systems – which included systems that control spacecraft – were wide open to attack as a result of unpatched software vulnerabilities.

"We found that computer servers on NASA's Agency-wide mission network had high-risk vulnerabilities that were exploitable from the internet," OIG said. "Specifically, six computer servers associated with IT assets that control spacecraft and contain critical data had vulnerabilities that would allow a remote attacker to take control of or render them unavailable." ®

Bootnote

* The Landsat Program is a series of Earth-observing satellite missions jointly managed by NASA and the US Geological Survey. Terra is a scientific satellite programme managed by NASA looking for evidence on climate change, among other functions.

The essential guide to IT transformation

More from The Register

next story
One HUNDRED FAMOUS LADIES exposed NUDE online
Celebrity women victimised as Apple iCloud accounts reportedly popped
Rubbish WPS config sees WiFi router keys popped in seconds
Another day, another way in to your home router
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
HP: NORKS' cyber spying efforts actually a credible cyberthreat
'Sophisticated' spies, DIY tech and a TROLL ARMY – report
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?