It certainly sounds ominous: Hackers meddling with satellites controlled by the U.S. government several times over the past four years. What’s more, claims a report by a U.S. congressional commission, the hackers behaved in ways consistent with Chinese military doctrine.
In a draft report due out next month and summarized by Bloomberg, the U.S.-China Economic and Security Review Commission says that two U.S. satellites, used for earth climate and terrain observation, were hacked four times in 2007 and 2008 by way of a ground station in Norway. One, an earth observation satellite, was on the fritz for upwards of 12 minutes between 2007 and 2008, while another was repeatedly hacked at various points in 2008—all that, says the report, per a “closed-door U.S. Air Force briefing,” though the latter offered no insights into the hackers’ goals.
“Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions,” reads the draft report. “Access to a satellite‘s controls could allow an attacker to damage or destroy the satellite. An attacker could also deny or degrade as well as forge or otherwise manipulate the satellite’s transmission.”
The China angle’s sketchier. The report doesn’t outright name China, much less the Chinese government, as the perp, but says that “individuals participating in ongoing penetrations of U.S. networks have Chinese language skills and have well established ties with the Chinese underground hacker community.” Note the broadness of that claim—the report admits it doesn’t “prove any government affiliation”—and that it makes only indirect reference to the satellite hacks. The commission admits that ascribing blame is complicated by the fact that hackers expect to be traced, and take measures to ensure they’re not.
Blaming China for hack attacks has become customary in recent years. In June, China denied accusations by Google that Chinese hackers broke into Gmail, the company’s free online email service, and absconded with the login details of hundreds of senior U.S. and Asian government officials, military personnel, journalists and Chinese political activists. And in August, cyber security experts suggested the country may have been behind massive cyber attacks over the past five years, targeting some 70 international organizations.
China continues to deny responsibility and shrugs off the commission’s position, claiming the USCC’s “been collecting unproved stories to serve its purpose of vilifying China’s international image over the years,” according to Chinese embassy spokesperson Wang Baodong, who adds that his country “never does anything that endangers other countries’ security interests.”
Indeed, the sticking point seems to be whether hacks traceable to Chinese origin points can be attributed to official state-sponsored organizations, or simply rogue China-based hackers and/or cyber criminals.