Chinese Military Hackers Blamed for Attacking Two U.S. Satellites

A draft report from the U.S. China Economic and Security Review Commission said attackers had interfered with two U.S. satellites. The report strongly hinted there was a China connection.

Cyber-attackers interfered with two U.S. government satellites several times over a two-year period, according to an upcoming report from a congressional commission.

The intrusions on the satellite occurred four times in 2007 and 2008, according to a draft of a report from the U.S.-China Economic and Security Review Commission obtained Oct. 27 by Bloomberg BusinessWeek. The report, which is scheduled to be released next month, did not elaborate on the nature of the attacks.

The Landsat-7 satellite, launched by the United States Geological Survey in 1999, encountered 12 or more minutes of interference in October 2007 and July 2008, according to the draft report, BusinessWeek reported. The NASA's Terra AM-1 satellite received interference for two minutes in June 2008 and for nine minutes in October 2008. Both satellites are used to track the earth's climate and terrain.

"Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions," the draft report says, according to BusinessWeek. "Access to a satellite's controls could allow an attacker to damage or destroy the satellite. An attacker could also deny or degrade as well as forge or otherwise manipulate the satellite's transmission."

The attackers seem to have gained access to the satellites through compromised ground control systems at the Svalbard Satellite Station in Spitsbergen, Norway, according to BusinessWeek. At least on one occasion, the attackers had enough access to remotely take control of one of the satellites, but chose not to do so.

The report does not directly point fingers at the Chinese government or military for the attacks and said assigning definitive blame is difficult because perpetrators hide their involvement.

However, the report said the pattern of disruptions is consistent with Chinese military writings that advocate disabling enemy space systems and ground-based satellite control systems, according to BusinessWeek. The news story also said the report claimed China's stated strategy in a conflict is to "compromise, disrupt, deny, degrade, deceive or destroy" U.S. space and computer systems.

It's not the first time a cyber-incident had been linked to Chinese attackers or the Chinese government. Chinese officials have steadfastly denied having a role in computer attacks and have claimed cyber-attackers are striking China as well.

The U.S.-China Economic and Security Review Commission has "been collecting unproved stories to serve its purpose of vilifying China's international image over the years," Wang Baodong, a spokesman for the Chinese Embassy in Washington, told BusinessWeek.

While security experts often warn about jumping to conclusions without real evidence of who the attackers may be, others feel no qualms about pointing a finger at China. Richard Clarke, former White House cyber-security adviser and now an independent security consultant, called out China for cyber-espionage in his keynote speech at MIRcon in Washington, D.C., earlier this month.

He said China is systematically collecting information from U.S. companies for its own use. "Frankly, the government of China is involved in hacking into American companies and taking that information and giving it to Chinese companies. It means our intellectual property is going out the door in petabytes and terabytes," Clarke reiterated in a recent video posted on YouTube.

Defense Department reports of malicious cyber-activity, including incidents in which the Chinese weren't the main suspect, rose to a high of 71,661 in 2009 from 3,651 in 2001, according to the draft report. This year, attacks are expected to reach 55,110, compared with 55,812 in 2010.