Bengaluru: China launched a “computer attack” against Indian satellite communication in 2017 as part of a range of “counterspace-related testing and operations”, a new report by US-based China Aerospace Studies Institute (CASI) has said.
The report on Chinese threats, which was published last week, carried a single line about the attack against Indian satellite communication. However, it owes its origin to a New Indian Express report in November 2017.
According to the Express report, a “high-profile government meeting”, which took place in September 2017 and involved video conferencing, was compromised by Chinese hackers.
The hacked video call was in Chinese control for about 4 to 5 minutes before Indian cybersecurity teams were able to launch a counterattack, eventually neutralising the breach, said the report. It quoted anonymous Indian sources, saying the attack breached the country’s “most sophisticated and secret link”.
The Indian cybersecurity patrolling team that neutralised the link was unable to verify if the attack came from the Chinese state or non-state cybercriminals.
A leaked Intelligence Bureau (IB) note had warned the Indian government about the threat of growing attacks in cyberspace, said the Express report.
“There is no let-up in targeting of a large number of Indian computers for data pilferage. Whereas government has taken several steps to address security concerns emanating from cyberspace, sources of threats to Indian cyberspace have become varied and unrelenting,” the report quoted the IB note as saying.
This Express report had formed the basis of a 2019 report by US-based think-tank Center for Strategic and International Studies (CSIS), which has now been cited by the CASI report.
In 2019, unconfirmed reports indicated that alerts were reportedly sent to ISRO about threats from North Korean hackers just before the Vikram lander’s scheduled landing. In response, former ISRO chairman K. Kasturirangan said he wasn’t aware of any such alerts, but the space agency has mechanisms in place to deal with hacking.
Increasing Chinese cyber espionage
Both the CASI and CSIS reports list out the various cyberattacks carried out by Chinese operators since 2007.
In October 2007 and July 2008, Chinese cyberattacks targeted the Landsat-7 remote sensing satellite, operated by the US Geological Survey. The attacks were routed through a ground station in Norway, and each attack lasted 12 minutes although the Chinese players did not gain control of the satellite.
In June and October 2008, Chinese hackers attacked NASA’s Terra Earth observation satellite, where the hackers “achieved all steps required to command the satellite but did not issue commands”.
In September 2014, the US National Oceanographic and Atmospheric Administration’s (NOAA) satellite information and weather systems were hacked, leading NOAA to take their system offline and stop transmitting satellite images for two days.
In June 2018, cyber researchers at Symantec reported a “sophisticated hacking campaign” from China “burrowed deeply” into satellite operators, defence contractors and telecommunications companies. Two US-based satellite companies were targeted.
Symantec researchers could not determine which systems had been accessed but they said “the hackers infected computers that controlled the satellites, so that they could have changed the positions of the orbiting devices and disrupted data traffic”.
China shows no signs of slowing its investment in developing counterspace capabilities, concluded the CSIS report.