Deccan Chronicle

Space: New cybercrime battlefield?

Deccan Chronicle| Jayanth Murali

Published on: May 26, 2019 | Updated on: May 26, 2019

Satellites and Space Stations, despite being in space, are susceptible to cyberattacks.

In October 2007 and July 2008, a Landsat-7 Earth observation satellite built by NASA and managed by the US Geological Survey experienced 12 or more minutes of interference.

In October 2007 and July 2008, a Landsat-7 Earth observation satellite built by NASA and managed by the US Geological Survey experienced 12 or more minutes of interference.

20th Century Fox's Independence Day released on July 4, 1996, was a blast - A sci-fi disaster film about an alien spacecraft that attacks Earth on Fourth of July weekend. But, the scene at the climax where Jeff Goldblum uses a Mac laptop to upload a computer virus to the alien mothership disabling the attacking ships, felt downright unbelievable to the fans.

In the same vein, is it believable for a virus to infect a space station orbiting at a distance of over 330 km above the earth? It shocked astronauts on board to find their Windows XP-based laptops on the International Space Station (ISS) infected with a virus called W32.Gammima in 2008. Gammima.AG worm is a malware that gathers and transmits sensitive gaming data to an attacker. Investigations later revealed that unsuspecting Russian cosmonauts had inadvertently carried infected USB storage devices aboard the station
spreading computer viruses to the connected computers. The damage by the malware to the computer systems of the ISS is unknown to date.

Eugene Kaspersky, head of security firm Kaspersky labs, maintains that the virus epidemic took hold of the space-based computers, including dozens of laptops. Following which the authorities concerned took a decision to migrate from the Windows XP operating system to a more secure GNU/Linux operating system.

Satellites and Space Stations, despite being in space, are susceptible to cyberattacks. In fact, regularly over the years, the orbiting stations and satellites have become infected by malware.

Similar to computers, satellites communication systems are vulnerable to hacking. In September 2014, the US National Oceanographic and Atmospheric Administration reported that a serious hacking incident took its Satellite Data Information System offline denying high volumes of data to weather forecasting agencies around the world for 48 hours. Prior to this episode, in October 2007 and July 2008, a Landsat-7 Earth observation satellite built by NASA and managed by the US Geological Survey experienced 12 or more minutes of interference. Similarly, a NASA-managed Terra AM-1 Earth-observation satellite suffered interference for two minutes or more on a single day in June 2008, and at least nine minutes on one day in October 2008. This is not futuristic science fiction - it is real, and it is happening right now.

For instance, in the 1990s, radio technologists in Brazil discovered that they could latch on to the UHF frequencies dedicated to satellites in the Navy's Fleet Satellite Communication system, or FLTSATCOM. Hackers in Brazil used high performance antennas and home brew gear to turn US Navy Satellites to their own CB communicators. Since then, apart from truckers and others, drug dealers have been using the link to traffic drugs and tree fellers have been using it to transmit warnings to other loggers when the authorities begin operations against them. After the US came to know of the misuse of their Navy Satellite links by the Brazilians, they forced the Brazil government to launch a crackdown called "Operation Satellite" During which, police arrested truckers, farmers, university professors, and electricians for hacking into the US Navy Satellite.

Similarly, Turla APT (Advanced Persistent Threat) a sophisticated Russian cyber-espionage group, believed to be sponsored by the Russian government, has targeted a number satellites and abused satellite based Internet connections to siphon sensitive data of government, military, embassy, research, and pharmaceutical organisations in over 45 countries, including China, Vietnam, and the United States. They have been doing so by exploiting the loopholes available in the orbiting satellites.

The UK-based newspaper Sunday Business had carried a story stating that computer hackers had attacked the UK's military communications satellite Skynet which the Ministry of Defence was quick to deny but the computer fraud detectives at the Scotland Yard said they were investigating the matter. As much of the UK's military intelligence from places such as Kosovo comes through Skynet, the attack on satellite was being considered a dangerous breach of security.

Terrorists and criminals, of late, have been focusing on satellite technologies. Who can forget    the manner in which Lashkar -e-Taiba utilised GPS to sail into Mumbai and once in Mumbai they used Google Earth to navigate inside the city to intended places of attack from where they launched attacks by receiving instructions over satellite phones all the way from Karachi?  

Similarly, Shia insurgents from Iraq have intercepted live video feeds from unmanned US Predator drones using a software called SkyGrabber made by a Russian company called SkySoftware.

 $26 software is actually an Internet downloaded software which intercept videos, music, photos, etc. Users don't need an internet connection but just a customised satellite dish to grab the desired satellite signals.

The militants used SkyGrabber to tap into feeds from the Predator drones that were increasingly being used in operations in Afghanistan and Iraq. Militants could do so because the feeds being sent by the drones to the ground stations we're not encrypted. Americans discovered this problem when the US military arrested a Shiite militant and found him in possession of a laptop containing intercepted drone feeds. They later discovered similar feeds in laptops belonging to many other militants, which led them to believe that, militants groups had received training in drone interception.

And likewise, Gendarmerie Air Transport (GTA)-a division of the National Police in France-is looking into the possibility of someone having  tampered with the satellite communications systems of the widely reported Malaysia Airlines aircraft (flight MH370) that disappeared in 2014.

Satellites confer many benefits on humankind. Has anyone wondered what would be our fate if the satellites suddenly ceased to function? If the satellites stop functioning, making international calls could become impossible, our favourite TV programmes reaching us through the satellite dish would become unavailable, our GPS systems would crash and governments would lose grip over communications systems. All this could happen if we let the hackers hack satellites. Hackers hack satellites by exploiting the vulnerabilities and security back-doors. Here's a shocker, some satellite systems even today run on Windows XP or Windows 95. In fact, there are reports that the UK's Royal Navy uses Windows ME, which, if you did not know, is a predecessor to Windows XP. Hackers interested in satellite hacking exploit such technological gaps .They also spoof and jam satellite signals. I have chosen not to discuss spoofing and jamming of satellites, as I have previously dealt with them elaborately here.

Are you aware that, several multi-ton satellites with Windows-95 operating systems are orbiting our planet faster than the speed of sound? These satellites are responsible for everything from GPS, weather forecasts, television signals, mobile signals and the Internet. The countries that own these satellites consider them invaluable for the services they provide. Countries that own these satellites do not take these satellites down despite being old and susceptible to hacking because it's prohibitively expensive. Such old satellites with outdated systems become prime targets for satellite attacks.  

A Cyber-criminal who wishes to hack a satellite would fake his IP address, which provides information about his computer and location. After which he gains entry into the satellite's computer system. Once he gains foothold inside the system, he manipulates the satellite and controls where the satellite goes or what it does. He could jam the radio transmission from earth disabling it. The cost of such an attack could be huge. If a satellite stops functioning, then people on earth will get deprived of GPS, Internet, and cell phone communications. What's even worse is, knocking out of a part or an entire satellite out of its orbit could create a domino effect and cause extreme damage to other satellites.

Finding out the culprit who caused the attack on satellite is tough because scientists can't access these computer systems from earth. Just imagine, what would happen if terrorists altered the flight paths and crashed the satellites into other satellites. China, in fact, has provided such ideas to malicious actors by obliterating one of its own aging satellites unnerving the US and other governments.

A type of miniature satellites called Cubesats are being used for tracking terrorists besides interplanetary missions .Cubesats are less expensive to build and operate. Cubesats are so small they fit in the palm of one's hand. For the police and military, watching terrorists from space has unique advantages over ground-and air-based systems. Cubesats are becoming indispensable for  "high-value target" missions, such as the raid on Al-Qaeda chief Osama Bin Laden.US recently launched several cubesats to track high value targets like ISIS and Al-Qaeda, through SpaceX rocket. Special Reconnaissance, Surveillance and Exploitation program in Special Ops Command, USA, has several programs designed to help locate high-value targets using covert tracking tags.Cubesats has opened up an inexpensive way of exploring planets on a shoestring. NASA's Jet Propulsion Lab could launch two Cubesats Marco-1 and Marco-2, to voyage Mars at a low cost of US $13 million.

The reason for cyber-conflicts in space could be many. States or non-state actors could indulge in gaining military advantage or governments could use it to steal strategic intellectual property or criminal gangs could use it to steal cash or groups/ governments might want to cause Kessler Effect which is to initiate a cascade of collisions to deny all the use of space in the foreseeable future.

Just like other digital networked systems, satellites their ground stations and other space assets are vulnerable to cyberattacks. There is a need for a global organised effort to counter these threats. Other than some sporadic efforts being made by the United Nations, there is no international body fully dedicated to cyber-security in space. Establishing an international body to assess risks, establish safeguards and promote best practices can go a long way in filling in this gap.

Space and space technology offers enormous benefits and has helped humankind improve life on earth. On the negative side, space assets in the outer cosmos may have attracted the Cyber-criminals. The inner cosmos has attracted spiritual seekers to traverse its depths in search of eternal bliss and wisdom. Congruously, astronauts who viewed earth from space have reported spiritual feelings of awe, interconnected euphoria, and global consciousness.

(Dr K. Jayanth Murali, an IPS officer, is Director DVAC, Chennai)

About The Author
Latest News
Most Popular