Hackers briefly took control of U.S. imaging satellites in 2008

According to a congressional commission report to be released next month, on four separate occasions between 2007 and 2008, hackers (who may or may not have been affiliated with the Chinese government) were able to take complete control of two U.S. satellite systems, Landsat-7 and Terra (EOS AM-1), for up to 12 minutes at a time.

Landsat-7 and Terra are imaging satellites run by NASA and the U.S. Geological Survey. They have high-resolution mutispectral cameras, spectrometers, and other instruments designed to monitor changes to the Earth's surface and the spread of pollution. As far as we know, neither of these satellites are carrying nukes or battle lasers or anything like that, but it's still probably not a good thing that hackers were able to take complete control of them.

"Complete control" means that the hackers were able to do more than just intercept transmitted data. Had they chosen to, they could have forged transmitted data from the satellite, turned off the satellite's transmitter completely, or even commanded the satellite to destroy itself. There have been no indications that the security breaches led to anything like this, but according to the congressional report, it's a certainty that "the responsible party achieved all steps required to command the satellite."

The report also suggests that the aforementioned responsible party may have been Chinese. There's no proof, but attacking ground-based satellite control infrastructure (the breaches originated at a control station in Norway) is consistent with Chinese military tactics, and "individuals participating in ongoing penetrations of U.S. networks have Chinese language skills and have well established ties with the Chinese underground hacker community." Obviously, this is something that the U.S. is taking very seriously, since more sensitive satellites (the ones that probably do have the battle lasers) are also controlled via ground stations that may be vulnerable to similar attacks.

Business Week, via Net-Security

For the latest tech stories, follow us on Twitter at @dvice