Chinese Military Suspected in Hacker Attacks on U.S. Satellites
http://www.businessweek.com/news/2011-10-27/chinese-military-suspected-in-ha... Chinese Military Suspected in Hacker Attacks on U.S. Satellites October 27, 2011, 12:27 AM EDT By Tony Capaccio and Jeff Bliss Oct. 27 (Bloomberg) -- Computer hackers, possibly from the Chinese military, interfered with two U.S. government satellites four times in 2007 and 2008 through a ground station in Norway, according to a congressional commission. The intrusions on the satellites, used for earth climate and terrain observation, underscore the potential danger posed by hackers, according to excerpts from the final draft of the annual report by the U.S.-China Economic and Security Review Commission. The report is scheduled to be released next month. b Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions,b according to the draft. b Access to a satellitebs controls could allow an attacker to damage or destroy the satellite. An attacker could also deny or degrade as well as forge or otherwise manipulate the satellitebs transmission.b A Landsat-7 earth observation satellite system experienced 12 or more minutes of interference in October 2007 and July 2008, according to the report. Hackers interfered with a Terra AM-1 earth observation satellite twice, for two minutes in June 2008 and nine minutes in October that year, the draft says, citing a closed-door U.S. Air Force briefing. The draft report doesnbt elaborate on the nature of the hackersb interference with the satellites. Chinese Military Writings U.S. military and intelligence agencies use satellites to communicate, collect intelligence and conduct reconnaissance. The draft doesnbt accuse the Chinese government of conducting or sponsoring the four attacks. It says the breaches are consistent with Chinese military writings that advocate disabling an enemybs space systems, and particularly b ground-based infrastructure, such as satellite control facilities.b U.S. authorities for years have accused the Chinese government of orchestrating cyber attacks against adversaries and hacking into foreign computer networks to steal military and commercial secrets. Assigning definitive blame is difficult, the draft says, because the perpetrators obscure their involvement. The commissionbs 2009 report said that b individuals participating in ongoing penetrations of U.S. networks have Chinese language skills and have well established ties with the Chinese underground hacker community,b although it acknowledges that b these relationships do not prove any government affiliation.b Chinese Denials China this year b conducted and supported a range of malicious cyber activities,b this yearbs draft reports. It says that evidence emerging this year tied the Chinese military to a decade-old cyber attack on a U.S.-based website of the Falun Gong spiritual group. Chinese officials long have denied any role in computer attacks. The commission has b been collecting unproved stories to serve its purpose of vilifying Chinabs international image over the years,b said Wang Baodong, a spokesman for the Chinese Embassy in Washington, in a statement. China b never does anything that endangers other countriesb security interests.b The Chinese government is working with other countries to clamp down on cyber crime, Wang said. Defense Department reports of malicious cyber activity, including incidents in which the Chinese werenbt the main suspect, rose to a high of 71,661 in 2009 from 3,651 in 2001, according to the draft. This year, attacks are expected to reach 55,110, compared with 55,812 in 2010. Relying on the Internet In the October 2008 incident with the Terra AM-1, which is managed by the National Aeronautics and Space Administration, b the responsible party achieved all steps required to command the satellite,b although the hackers never exercised that control, according to the draft. The U.S. discovered the 2007 cyber attack on the Landsat-7, which is jointly managed by NASA and the U.S. Geological Survey, only after tracking the 2008 breach. The Landsat-7 and Terra AM-1 satellites utilize the commercially operated Svalbard Satellite Station in Spitsbergen, Norway that b routinely relies on the Internet for data access and file transfers,b says the commission, quoting a NASA report. The hackers may have used that Internet connection to get into the ground stationbs information systems, according to the draft. While the perpetrators of the satellite breaches arenbt known for sure, other evidence uncovered this year showed the Chinese governmentbs involvement in another cyber attack, according to the draft. TV Report A brief July segment on China Central Television 7, the governmentbs military and agricultural channel, indicated that Chinabs Peoplebs Liberation Army engineered an attack on the Falun Gong website, the draft said. The website, which was hosted on a University of Alabama at Birmingham computer network, was attacked in 2001 or earlier, the draft says. The CCTV-7 segment said the Peoplebs Liberation Armybs Electrical Engineering University wrote the software to carry out the attack against the Falun Gong website, according to the draft. The Falun Gong movement is banned by the Chinese government, which considers it a cult. After initially posting the segment on its website, CCTV-7 removed the footage after media from other countries began to report the story, the congressional draft says. Military Disruption The Chinese military also has been focused on its U.S. counterpart, which it considers too reliant on computers. In a conflict, the Chinese would try to b compromise, disrupt, deny, degrade, deceive or destroyb U.S. space and computer systems, the draft says. b This could critically disrupt the U.S. militarybs ability to deploy and operate during a military contingency,b according to the draft. Other cyber intrusions with possible Chinese involvement included the so-called Night Dragon attacks on energy and petrochemical companies and an effort to compromise the Gmail accounts of U.S. government officials, journalists and Chinese political activists, according to the draft. Often the attacks are found to have come from Chinese Internet-protocol, or IP, addresses. Businesses based in other countries and operating in China think that computer network intrusions are among the b most serious threats to their intellectual property,b the draft says. The threat extends to companies not located in China. On March 22, U.S. Internet traffic was b improperlyb redirected through a network controlled by Beijing-based China Telecom Corp. Ltd., the state-owned largest provider of broadband Internet connections in the country, the draft said. In its draft of last yearbs report, the commission highlighted Chinabs ability to direct Internet traffic and exploit b hijackedb data. --Editors: John Walcott, Jim Rubin. To contact the reporters on this story: Jeff Bliss in Washington at jbliss@bloomberg.net; Tony Capaccio in Washington at acapaccio@bloomberg.net To contact the editor responsible for this story: Mark Silva in Washington at msilva34@bloomberg.net
participants (1)
-
Eugen Leitl