Landsat-7 and Terra EOS satellites
Hacking is becoming a growing problem on Earth. It may seem strange to mention Earth, as there’s not much to hack outside of our planet’s atmosphere unless you count satellites. Even then, how feasible would it be to gain access to the systems running such devices?
Well, China not only has people working on such things, it has been discovered they actually managed to take control of two NASA satellites for more than 11 minutes.
The successful attacks occurred in 2007 and 2008. The more serious of the two happened in ’08 when NASA had control of the Terra EOS earth observation system satellite disrupted for 2 minutes in June, and then a further 9 minutes in October. During that time, whoever took control had full access to the satellites’ systems, but chose to do nothing with it.
The second hack affected the Landsat-7 satellite on two occasions, one in October of ’07, the other in July of ’08. Unlike the Terra OS incident, this hack did not see control taken away, but access was gained.
Washington D.C. captured by Landsat-7 in 2005
We only know about these hacks because of a report becoming available this month. It is entitled the 2011 Report to Congress of the U.S.-China Economic and Security Review Commission and made available online at the USCC website (link below). The specific details can be found on page 216 of the document, which is actually page 224 of the PDF.
It is suggested such malicious cyber activity in relation to satellites can be carried out to either destroy the system rendering it useless, or to exploit it to see what the “enemy” sees and gain intelligence on “ground-based infrastructure.”
Interestingly, the report points to the use of ground stations outside of the U.S. to control satellites as weak points. The reason being they use the Internet for data access and communication, not a closed link. We don’t know if that is still the case, but we’d hope not, or at least hope that the communication link is using better encryption and security checks.
Read the report online at the USCC website (PDF), via ITWorld
@atulpurohit