BBC
..
The claim is made in a draft paper prepared for the US-China Economic and Security Review Commission, according to the Bloomberg news agency.
It said the incidents involved the Landsat-7 and Terra AM-1 earth observation systems which were targeted through a ground station in Norway. The satellites are used to observe the earth's climate and terrain.
The report highlights the risks that would have been posed had the breaches involved satellites with "more sensitive functions".
The draft document notes that previous penetrations have involved individuals linked to the Chinese underground community. The Chinese government has repeatedly denied its role in computer attacks.
The BBC asked three security experts for their views:
If there really has been a serious security problem with these two satellites, I would argue that to be entirely due to negligence by its designers or operators.
It has long been basic computer-science textbook knowledge how to implement
"cryptographic end-to-end message authentication", a very effective technique to prevent unauthorized parties executing commands on remote devices.
This story appears to be little more than someone gaining temporary access to some remote computer that steers a satellite dish.
These link stations merely forward messages to and from satellites, like a postal delivery service.
The security of the satellite does not have to rely on the security of any particular remote dish antenna.
A serious security risk to a satellite would be someone disrupting all communication with it by jamming its uplink frequencies.
But that is hardly practical for these polar orbiting satellites, which fly very low and are therefore visible from any point on Earth only for a few minutes at a time.
If such a satellite cannot talk to one link station, it must be prepared to use the next one on its path.
In a well-designed satellite system, it should not make much difference if one ground antenna is unavailable for a while, be it due to some teenage hacker or just heavy snowfall.
The thing to remember about satellites is that they do not just support military operations, but they also provide the backbone infrastructure for commercial operations.
Sky TV and the global automotive industry are just two examples.
As with any infrastructure components, these systems are reliant on ground based computers to provide elements of command-and-control.
They send data and equipment where they need to be, and can tell them what to do.
This opens up an opportunity to circumvent security - depending on how it is being applied.
Recent news stories have reported that US unmanned drone military aircraft were infected with a virus that gathered information.
If a malicious code is able to infect such a sensitive project, it is highly possible there could be other attacks targeting the information on military satellites satellites via system-to-system conversations.
I think that for years the basic information security assumption by military and government agencies was that they should keep their data on isolated networks that were not connected in any way to commercial and public communication infrastructure.
With this assumption and staff screening, they believed that the systems were safe.
However, in today's reality most military and government systems are interconnected and have substantial data links - some online and some offline - to public and commercial systems and networks.
Hence, once the "total isolation" assumption proved to be false, the traditional military security model collapsed in a magnificent way.
The latest, alleged, Landsat incident is a clear example of that. While the system is operated mainly from military facilities and systems, it can be accessed from a commercial station in Norway which in turn is connected to the internet.
The report hints that the attack on the control system was indeed related to this commercial control system.
This is yet another wake up call for these organisations to gradually abandon their older model and start deploying in-depth layered security into their information systems, much like the commercial organizations do.
We should remember though that making this change - both mentally and logistically - is a long process given the huge scope of these systems.
..
The report claims the Landsat-7 satellite experienced at least 12 minutes of interference
Hackers interfered with two US satellites four times between 2007 and 2008, according to reports.
It said the incidents involved the Landsat-7 and Terra AM-1 earth observation systems which were targeted through a ground station in Norway. The satellites are used to observe the earth's climate and terrain.
The report highlights the risks that would have been posed had the breaches involved satellites with "more sensitive functions".
The draft document notes that previous penetrations have involved individuals linked to the Chinese underground community. The Chinese government has repeatedly denied its role in computer attacks.
The BBC asked three security experts for their views:
Dr Markus Kuhn, University of Cambridge computer laboratory
It has long been basic computer-science textbook knowledge how to implement
"cryptographic end-to-end message authentication", a very effective technique to prevent unauthorized parties executing commands on remote devices.
This story appears to be little more than someone gaining temporary access to some remote computer that steers a satellite dish.
These link stations merely forward messages to and from satellites, like a postal delivery service.
The security of the satellite does not have to rely on the security of any particular remote dish antenna.
A serious security risk to a satellite would be someone disrupting all communication with it by jamming its uplink frequencies.
But that is hardly practical for these polar orbiting satellites, which fly very low and are therefore visible from any point on Earth only for a few minutes at a time.
If such a satellite cannot talk to one link station, it must be prepared to use the next one on its path.
In a well-designed satellite system, it should not make much difference if one ground antenna is unavailable for a while, be it due to some teenage hacker or just heavy snowfall.
Prof John Walker, computing and informatics, Nottingham Trent University
Sky TV and the global automotive industry are just two examples.
As with any infrastructure components, these systems are reliant on ground based computers to provide elements of command-and-control.
They send data and equipment where they need to be, and can tell them what to do.
This opens up an opportunity to circumvent security - depending on how it is being applied.
Recent news stories have reported that US unmanned drone military aircraft were infected with a virus that gathered information.
If a malicious code is able to infect such a sensitive project, it is highly possible there could be other attacks targeting the information on military satellites satellites via system-to-system conversations.
Amichai Shulman, chief technology officer at Imperva
With this assumption and staff screening, they believed that the systems were safe.
However, in today's reality most military and government systems are interconnected and have substantial data links - some online and some offline - to public and commercial systems and networks.
Hence, once the "total isolation" assumption proved to be false, the traditional military security model collapsed in a magnificent way.
The latest, alleged, Landsat incident is a clear example of that. While the system is operated mainly from military facilities and systems, it can be accessed from a commercial station in Norway which in turn is connected to the internet.
The report hints that the attack on the control system was indeed related to this commercial control system.
This is yet another wake up call for these organisations to gradually abandon their older model and start deploying in-depth layered security into their information systems, much like the commercial organizations do.
We should remember though that making this change - both mentally and logistically - is a long process given the huge scope of these systems.
Comments