Hackers Briefly Controlled US Government Satellites 261
Orome1 writes "Two U.S. satellites have been tampered with by hackers — possibly Chinese ones — in 2007 and 2008, claims a soon-to-be released report by the the U.S.-China Economic and Security Review Commission. The two satellites, Landsat-7 and Terra AM-1, had been interfered with on four separate occasions, allowing the attackers to be in command of the satellites for two to over twelve minutes each time. Luckily, both of the satellites are used only for observing the Earth's climate and terrain, and the hackers never actually misused their control over them in any way."
Re:WTF! (Score:5, Informative)
WTF? it's not hard to start messing with a satellite C&C. IT's not like they are on the internet and the older ones have completely open interfaces.
All it takes is a PC with a sound card, custom software, and some ham radio gear and a nice big antenna array. if you can overwhelm the C&C signal from the main control point you can certainly start messing with it, non GEOSYNC birds typically are only communicated with when needed so it's easy to just contact it and send a command.
Hell if a hacker made a big enough antenna array they can screw with Mars rovers.
A little bit of education in how things you rely on work will turn your WTF! into a DUH!. mostly because most older satellites don't even require a username and password to connect and control it.
Re:Not this time: (Score:3, Informative)
Re:Security through Geometry? (Score:5, Informative)
I work on the Landsat project.
Yes, Landsat 7 is controlled from Sioux Falls. But every downlink station (and we have over a dozen of them, including one in China [usgs.gov]) has the ability to communicate with the satellite to trigger a download of recorded imagery. I assume that's all the hackers did, which means all they would be able to do is wipe some imagery out of the archive. That's a hair-raising scenario for us but not significant for most people.
Only EROS has the ability to upload flight commands to the satellite. That's not to say that Svalbard couldn't, they just don't have the software and one would hope they don't have the documentation needed to form the command syntax. But if they had those things and a hacker took control of them, they could burn the satellite into the atmosphere or send it careening around in its orbital neighborhood. Chances of it hitting another satellite and breaking into a million disaster-causing pieces are minor but not zero.
This is a scary news story for us. I'm interested in seeing the full report when it's finally released.
Re:Imagery not good enough... (Score:5, Informative)
You don't think the government satellites don't have that type of imagery yet?
Nope. Do the math [wikimedia.org], the resolving power dR of an optically perfect instrument of diameter D and focal length L using light of wavelength W at working distance equal to focal length is given by:
dR=1.22 W L/D
So for a really thick pube of diameter 0.1mm, using blue light of wavelength 0.0004mm, the L/D must not exceed 204. For low orbit, L is at least 50 kilometers, which suggests D must be at least 250 meters. The larger spy satellites have imperfect mirrors of only 2 or 3 meters, so good luck with scaling their diameters up by two orders of magnitude (i.e. 4 orders of magnitude in area for a simple scaling).
Google Earth scares the shit out of me b/c I cannot imagine WTF the government has with their technology.
You're probably thinking of the aerial photography by USGS and others. Not satellite imagery. It's good, but more than an order of magnitude away from resolving a pube, however.