Information Warfare: How To Hack A Satellite

Archives

April 20, 2015: On April 8th a major French TV network (TV5) was hijacked by hackers working for ISIL (Islamic State in Iraq and the Levant . Calling themselves the CyberCaliphate the group had apparently spent weeks getting past the formidable network security and did some major damage. TV5 satellite feeds send programming to over 250 million customers (households and businesses) worldwide. All eleven TV5 channels were dark for three hours before a temporary data feed was established to put something on customer TV screens. It took over a week to clean the network of all the hacker malware and begin work on improving security. Other French media companies were informed of the threat and joint efforts were underway to improve security. Whatever enthusiasm there is for better security will probably not last because this was not the first time something like this has happened.

It’s not that the threat was ignored or underestimated. Officially the hacker threat is taken very seriously by media companies, especially those who broadcast. Starting in the late 1990s growing reliance on data networks and satellite distribution of programming resulted in more and more attacks on these networks by groups seeking to get some attention by briefly seizing control of or shutting down these systems.

These attacks reached something of a crescendo in 2007 when a Chinese satellite television channel was taken over by hackers. For about 90 minutes, the government had no control over the feed, which was replaced by anti-government material. The Chinese government tried to keep details of how this happened out of the news but because over 130 million Chinese had access to the Internet and even more have cell phones it was impossible to completely black out details of what happened. Senior officials were quite upset about this incident. Especially because since 2002 there have been over a dozen incidents worldwide of hijacking satellite television signals. Several of these took place in China, but until 2007 the government assured everyone that the "problem" was fixed.

A decade ago the increasing number of incidents of space satellites being "hacked", was believed to be largely the result of an increase in the number of satellites up there, and the number of ground stations broadcasting information up into the sky. Many of these early "hacks" turned out to be satellite signals interfering with one another. Same with cases where people believe their GPS or satellite communications signals are being jammed. On further investigation, the real reasons tend to be less interesting, and a lot more technical. All this usually has a large element of human error mixed in. But some of the disruptions were deliberate.

The 2007 China incident clearly indicated a security problem. If you have the proper passwords and security information, you can send commands to the satellite, and do whatever you want. The Chinese had a security problem and to Chinese rulers that was more frightening than, well, just about anything. China has since greatly improved their satellite security but as TV5 discovered that is not always enough.

All of the accidental jamming demonstrated to hackers how easy it was to do it on purpose. There were a growing number of examples of that. In response the U.S. Air Force has long (decades) been developing electronic tools for attacking and defending satellite communications and the satellites themselves was already training people to attack and defend space satellites. This effort involved figuring out new or improved ways to jam satellites. Then you keep that stuff secret, in case potential enemies have not figured this out themselves. Next, you work on ways to defeat the weapons developed. Most of this is playing around with the signals themselves. You can unjam a jamming signal with another signal. However, a lot of trial and error is required, and you want to get that done way in advance of any actual war. When you do have to use this stuff for real, you have to expect that the enemy may well have come up with some angle you missed. Thus there will be some rapid improvisation, and you will have more time and resources for this if you have worked out, ahead of time, the details of disasters you have already anticipated. No one releases much information about this, for obvious reasons. There isn't much discussion from any government, unless there was a terrorist attack using these techniques. Now that has happened in a very public fashion and it was done using clever and determined hacking of the ground based networks that control the programming and the satellites.

Some satellite “hacking” problems have been solved. For example it has been shown that if there is government jamming that could be identified as such. This was demonstrated back in 2003 when satellite broadcasters transmitting television shows to Iran found their signals being jammed. The source of the jamming was quickly traced to Cuba. A satellite signal is very difficult to jam as it comes down from the satellite. But if you are close to the ground station that beams the signal up to the satellite, you can more easily interfere with that. At first it was thought that the Cuban government, using an old Soviet era electronic eavesdropping facility outside Havana, were doing the jamming as a favor to Iran (which buys Cuban support with supplies of cut rate oil.) Back then the Chinese had already paid Cuba a lot of money to take over and revive the old Soviet facility. The Cuban government denied it had anything to do with the jamming and said it would find out where the jamming was coming from, and they did. Soon the Cuban government reported that they had traced the jamming signal to a suburban compound owned by the Iranian embassy. The Cubans ordered the jamming to stop, and it did.

There have been few additional efforts like this, mainly because it was obvious that you could not easily hide a jammer. Satellite broadcasters also took measures to make such jamming much more difficult to do. There were also efforts to improve defense against hackers, but for TV5 the defenses were not robust enough.

 

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contribute. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   contribute   Close