Hacking Environmental Satellites

Well, this is interesting…

As if we didn’t have enough to worry about in data quality, it looks like the Chinese might be hacking the environmental satellites of the west. Why? Well, if you want the other guy to screw up and lose in the race to dominance, how about screwing up his planting and harvesting planning? Tell him to go dig mines where there is no gold? Maybe even get him to shut down his energy infrastructure as a sacrifice to the God of Gaia…

No, no evidence yet that they have had success at exploiting the hack. However, when you’ve got folks ‘knocking on the door’ and caught at it, the thing you must ask is “Has someone better already gotten inside?”. I don’t see that being asked. (Then again, any decent forensics guy will never let the state of the investigation be known. Maybe issue a false statement that “Nothing found, everything looks good.” to encourage them to continue so you can catch them, but never ever state your actual status of investigation. That goes only to the client.) So do we KNOW that the satellite data is clean, pure, and unchanged? Nope. All we know is that we have it, and the Chinese are reputed to be trying to hack it. Everything else is speculative.

The source? Bloomberg, in my case:

http://www.bloomberg.com/news/2011-10-27/chinese-military-suspected-in-hacker-attacks-on-u-s-satellites.html

Chinese Military Suspected in Hacker Attacks on U.S. Satellites
By Tony Capaccio and Jeff Bliss – Oct 27, 2011 12:01 AM ET

Computer hackers, possibly from the Chinese military, interfered with two U.S. government satellites four times in 2007 and 2008 through a ground station in Norway, according to a congressional commission.

The intrusions on the satellites, used for earth climate and terrain observation, underscore the potential danger posed by hackers, according to excerpts from the final draft of the annual report by the U.S.-China Economic and Security Review Commission. The report is scheduled to be released next month.

I would just add “That we know of”… Given my experience trying to get a military base in Hawaii to care about the fact that a hacker was inside their router (probably of Russian origin) and all they wanted to do was hush things up… well, I’m not so sure that there has been a thorough look into the data sanctity of all the satellites…

The bounce off of Norway is interesting. Norwegians are usually pretty good. So they got hacked first, then a bounce off them as a ‘usually trusted source’. Nice finesse. Speaks to pretty good skill, too. Then again, it was probably a US Ground Station just located on Norwegian soil… if so, well, then it’s not that much finesse…

A Landsat-7 earth observation satellite system experienced 12 or more minutes of interference in October 2007 and July 2008, according to the report.

Hackers interfered with a Terra AM-1 earth observation satellite twice, for two minutes in June 2008 and nine minutes in October that year, the draft says, citing a closed-door U.S. Air Force briefing.

The draft report doesn’t elaborate on the nature of the hackers’ interference with the satellites.

That we know of…

In the October 2008 incident with the Terra AM-1, which is managed by the National Aeronautics and Space Administration, “the responsible party achieved all steps required to command the satellite,” although the hackers never exercised that control, according to the draft.

The U.S. discovered the 2007 cyber attack on the Landsat-7, which is jointly managed by NASA and the U.S. Geological Survey, only after tracking the 2008 breach.

The Landsat-7 and Terra AM-1 satellites utilize the commercially operated Svalbard Satellite Station in Spitsbergen, Norway that “routinely relies on the Internet for data access and file transfers,” says the commission, quoting a NASA report.

The hackers may have used that Internet connection to get into the ground station’s information systems, according to the draft.

While the perpetrators of the satellite breaches aren’t known for sure, other evidence uncovered this year showed the Chinese government’s involvement in another cyber attack, according to the draft.

So we have decent recordings and we were able to go back to the 2007 tapes and find that Landsat-7 was hacked too. Well, better than nothing, and it gives some encouragement that we might actually be able to figure out what was hacked, and what was not. Still, they had control, and they had a year of free access to Landsat-7? Has anyone done a full reboot? Scrubbed the system? Re-calibrated everything?

There is more at the Bloomberg link. A google search turns up a lot more

So to the list of other things we get to worry about in the AGW scare, we now get to add “Potentially bogus data from satellite hacking”. Oh bother…

It really would be nice if someone in the west would realize that China is not our friend. They are playing hardball, for keeps, and have no interest in fairness or the common good. Yes, you can do business with them. BUT, only if you are working constantly on a defensive strategy against the inevitable exploits and deceptions, the inevitable frauds and cheats. Realizing that from their cultural point of view “All is fair in commerce and war” (to warp an old saying of the west…) and it is up to YOU to prevent them from taking the gifts you offer them through your stupidity. Maybe we will realize that once our economy has been strip mined of anything useful…

Subscribe to feed

About E.M.Smith

A technical managerial sort interested in things from Stonehenge to computer science. My present "hot buttons' are the mythology of Climate Change and ancient metrology; but things change...
This entry was posted in AGW and GIStemp Issues, Earth Sciences, Economics - Trading - and Money, Political Current Events and tagged , , , . Bookmark the permalink.

8 Responses to Hacking Environmental Satellites

  1. It would be ironic if they had bollixed up the data from the Cassini mission to Saturn that gave us a first peek at the weather on its largest moon: The code name for the Chinese hacker group is “Titan Rain.”

    We have handicapped ourselves: any bright programmer that attempts to find out more about these folks is shut down by the US government, and in some cases rather forcefully.

    ===|==============/ Keith DeHavelle

  2. Pingback: China hacking US environment satellites? « TWAWKI

  3. Chuckles says:

    I read this a couple of days ago, but largely discounted it as ‘usual clueless journalistic raving’, and I must be honest, it’s by no means clear to me me what exactly has been ‘hacked’.

    Is there a suggestion that there are internet portals scattered all over, to allow J Random Hacker to input some new yaw, pitch or ephemeris data to one of the Landsat satellites? I don’t think so.

    Any sensor data from the satellites is usually QA’d and heavily post processed into standard products before they get anywhere near an end user, so I’m not sure what desperate damage could be suffered, or whether anyone could even get anywhere near the raw datastream.
    Finding some clear days without cloud cover in equatorial regions sounds like a much bigger challenge to me.

    Or is the suggestion that these mighty hackers are bollixing up the postprocesseddata on some ftp site or other, ?

  4. E.M.Smith says:

    @Chuckles:

    The assertion is simply that when you have been hacked, you have no idea what is valid and what is not. You may HOPE, but…

    “Hope is not a strategy. -E.M.Smith”

    We know that, at minimum, a couple of sats had their controls under someone else’s thumb for a while. Did they “adjust” anything else along the food chain? Unknown. (Perhaps unknowable in some cases, if done very well…).

    We know that the “system” is under attack and that at least a couple of the attacks were a success. Were the other parts also attacked? Did they succeed? We don’t know (and may never know).

    Basically, it says “Things are not as pristine as we’d thought before”.

    So you can trust, but maybe not verify…

    That, as they say, is a real pisser. At minimum it means we need to figure out how to defend against further attacks AND re-validate the past data. Until then, it has a cloud over it.

  5. Chuckles says:

    Er, yes and no, there really is a huge difference between ‘command and control’ of the sat and data downloads –
    e.g. Terra is a Direct Broadcast system, bit like the weather sats of old – point an antenna and grab the feed –

    Click to access FINAL-METOP.pdf

    Landsat 7 may well be the same, I’m not sure. I do know it has about 100 gigs of solid state store on board, but the older Landsat systems dowloaded data under Ground Station control, so they may have stayed with that.
    With that approach, huge quantities of data are zapped down to a ground station and straight onto tape, and then shipped off to a processing centre for further work. The satellite just failry mindlessly trundles round in it’s orbit performing the exact same data acquisition over every part of the earths surface. There is nothing to fiddle or adjust other than the sat orbit and attitude, the data acqusition is fixed and invariant.
    So the one set of data, anyone with a receiver can get, and the other, you need some serious high speed optical or similar tape drives to store the bursts.

    My point is more that if you want to ‘hack’ one of these sats at the command and control level, it’s probably easier to point an S or X Band antenna at the thing and have at it, than lurking round the internetlooking for back-doors into Sat Ground Stations.

    This does suggest that there is some precedent for manoeuvering co-operation, so the ‘internet hacker’ thing does sound feasible if not fruitful

    Click to access Solving_the_Cross-Domain_Command_and_Control_Challenge.pdf

    There’s huge amounts of freely available info out there for anyone to grab, but as the first one mentions, the amount of QA and post processing done to the raw data makes any ‘fiddling’ pretty moot.

    http://landsathandbook.gsfc.nasa.gov/ground_system/prog_sect4_2.html

    Click to access igs.pdf


    Click to access dfcb_vol_1.pdf


    http://books.google.co.uk/books?id=GZgrAAAAYAAJ&pg=PA94&lpg=PA94&dq=landsat+command+and+control&source=bl&ots=BO4h_kd3dK&sig=s1R_jzMwp4nNrYWZj9uKOtjxE4w&hl=en&ei=Fx-vTozyOMzq8QOcg9CiAQ&sa=X&oi=book_result&ct=result&resnum=7&ved=0CEAQ6AEwBg#v=onepage&q=landsat%20command%20and%20control&f=false

  6. E.M.Smith says:

    Unless, of course, one has gotten control of the onboard computing and put in some nice little ‘adjust then broadcast’ code…

    Please note: I am not saying this happened, only that it must be shown to have not happened before we can return to prior levels of trust in the data. As long as ‘ground control’ can upload code updates, we’ve got a potential issue if someone else has taken over ground control. And that means we need to document that it didn’t happen…

  7. Chuckles says:

    E.M. While I agree with you completely, I just find the choice of targets extremely strange.
    There’s just no upside to it, other than as practice, test run or similar. Or a bunch of script kiddies getting their jollies.

    All the data produced is whole earth, and is freely available to anyone, for free, from multiple locations.

    Now this sort of thing…..

    http://www.theregister.co.uk/2011/11/01/french_nuke_firm_mystery/

    is definitely on the ‘Yes, Worry’ list.

  8. E.M.Smith says:

    @Chuckels:

    Well, not that I have any experience in the area… but I’ve heard it reported by other more despicable sorts that sometimes you hit the target you can rather than the one that you want… When ‘hacking about’ it is an exercise in exploration, and if one door is very firmly closed, well, you jiggle the other handles and see what opens… Or so I’ve been told…

Comments are closed.