Analysis: The US Space Force and Rise of Satellite Hacking Systems

A lot of these negative attitudes come from fictional representations of future space travel, which feature a lot of combat. That may be the case during the development of space travel but currently it is more efficient to put satellites into orbit and defend them with robotic systems. It is currently too expensive and dangerous to use people. Early space program managers were aware of this but it was easier to obtain public support for the enormously expensive space programs by putting some people up there, even if some of them would be lost.

Not surprisingly the Space Force is the smallest military service, with about 10,000 personnel initially. Space Force is a separate service controlled by the Department of the Air Force. This is a similar arrangement to the Department of the Navy controlling two military services’ the navy and marine corps.

Personnel strength will soon reach over 15,000 as the other services transfer their personnel who currently do space force jobs. Space Force currently controls 77 spacecraft (satellites) plus two reusable X-37 OTVs (Orbital Test Vehicles) or “space places” that are put into orbit like a satellite but return and land like an aircraft. Unlike the Space Shuttle, the X-37 has no crew and is robotic. Space Force also controls billions of dollars’ worth of space development programs. Most of the Space Force personnel, units and programs came from the U.S. Air Force Space Command.

Borrowing another feature of the Marine Corps, the Space Force will receive many support services from the air force. Initially this support will be more extensive than the logistics, medical care and transportation services the navy provides to the marines because the Space Force will also depend on the air force for recruiting and training of new enlisted personnel

The Air Force and other American defense organizations transferred existing weapons systems that are suitable for the Space Force. One of these is an upgraded (in 2014) version of CCS (Counter Communications System) the air force has been using since 2004 as a ground-based satellite communications jamming system. With CCS version B10.2 the United States has a satellite jammer comparable to systems used by other countries, especially Russia.

Similar Russian systems are something of a mystery. Since 2014 many EW (electronic warfare) devices have been used in eastern Ukraine and Syria for testing “under combat conditions.” This is a unique opportunity to discover weaknesses, fix them and then promote export sales with a “combat proven” item. Equipment still in development is also tested. One example of that was the truck-mounted Tirada-2 orbital jamming system that showed up during early 2019 in eastern Ukraine. Tirada-2 was there help to hack the control signals and video feeds from American RQ-4B Global Hawk UAVs that regularly operate over eastern Ukraine. A successful hack would provide a look at what these UAVs see when they monitor Russian activity. Some RQ-4Bs are equipped with “space satellite quality” electronic sensors and the Russians were hoping to get an opportunity to monitor and perhaps hack those systems. Ukrainian and Western intelligence was aware of the existence of Tirada-2 if only because a less capable export model was being offered for sale. A more capable non-export Tirada-2 later showed up in Eastern Ukraine (Donbas). As one would expect, no one provided any details of who has been able to do what to whom. The fighting in Ukraine escalated in 2022 with a Russian effort to take control of all Ukraine. So far, the Ukrainians are holding their own when it comes to hacking Russian systems and civilian space-based systems like the photo satellites that provide journalists with current satellite photos of what is happening on the ground. In this sense these commercial satellite operators are guardians of the truth.

Hacking and jamming satellites is nothing new. Even Islamic terrorists are active in this area. For example, in 2015 a major French TV network (TV5) was hijacked by hackers working for ISIL (Islamic State in Iraq and the Levant). Calling themselves the CyberCaliphate, this group had apparently spent weeks getting past the formidable network security and did some major damage. TV5 satellite feeds send programming to over 250 million individual and business customers worldwide. All eleven TV5 channels were dark for three hours before a temporary data feed was established to put something on customer TV screens. It took over a week to clean the network of all the hacker malware and begin work on improving security. Other French media companies were informed of the threat and joint efforts were underway to improve security. Whatever enthusiasm there was for better security will probably not last because this was not the first time something like this happened. The Space Force is supposed to monitor this situation and take action as needed.

It’s not that the satellite control threat was ignored or underestimated. Officially the hacker threat is taken very seriously by media companies, especially those who broadcast via satellite. Starting in the late 1990s, growing reliance on data networks and satellite distribution of programming resulted in more and more attacks on these networks by groups seeking to get some attention by briefly seizing control of or shutting down these systems.

These attacks reached something of a crescendo in 2007 when a Chinese satellite television channel was taken over by hackers. For about 90 minutes, the government had no control over the feed, which was replaced by anti-government material. The Chinese government tried to keep details of how this happened out of the news but, because over 130 million Chinese then had access to the Internet and even more had cell phones, it was impossible to completely blackout details of what happened. Senior officials were quite upset, especially because since 2002 there had been over a dozen incidents worldwide of hijacking satellite television signals. Several of these took place in China, but until 2007 the government assured everyone that the “problem” was fixed.

After 2000 the increasing number of incidents of space satellites being “hacked” was believed to be largely the result of an increase in the number of satellites up there, and the number of ground stations broadcasting information up into the sky. Many of these early “hacks” turned out to be satellite signals interfering with one another. Same with cases where people believe their GPS or satellite communications signals were being jammed. On further investigation, the real reasons tend to be less interesting and a lot more technical. All this usually had a large element of human error mixed in. But some of the disruptions were deliberate.

The 2007 China incident clearly indicated a security problem. If you have the proper passwords and security information, you can send commands to the satellite and do whatever you want. The Chinese had a security problem and to Chinese rulers that was more frightening than, well, just about anything. China has since greatly improved its satellite security but as TV5 discovered that is not always enough. Russian EW developers watched all this with great interest and considered the possibility of improving and “weaponizing” these hacking capabilities.

All of the accidental jamming incidents demonstrated to hackers how easy it was to do it on purpose. There were a growing number of examples of that. In response, the U.S. Air Force has long (decades) been developing electronic tools for attacking and defending satellite communications, and the satellite operators themselves were already training people to attack and defend space satellites. This effort involved figuring out new or improved ways to jam satellites. Then you keep that stuff secret, in case potential enemies have not figured this out themselves. Next, you work on ways to defeat the weapons developed. Most of this is playing around with the signals. You can unjam a jamming signal with another signal. However, a lot of trial and error is required, and you want to get that done way in advance of any actual war. When you do have to use this stuff for real, you have to expect that the enemy may well have come up with some angle you missed. There will be some rapid improvisation, and you will have more time and resources for this if you have worked out, ahead of time, the details of disasters you have already anticipated. No one releases much information about this, for obvious reasons. There isn’t much discussion from any government unless there is a terrorist attack using these techniques. Now that has happened in a very public fashion, and it was done using clever and determined hacking of the ground-based networks that control the programming and the satellites. This mobilization of resources in an emergency capability is another task Space Force can handle.

Some satellite “hacking” problems have been solved. For example, it has been shown that if there is government jamming that could be identified as such. This was demonstrated back in 2003 when satellite broadcasters transmitting television shows to Iran found their signals being jammed. The source of the jamming was quickly traced to Cuba. A satellite signal is very difficult to jam as it comes down from the satellite. But if you are close to the ground station that beams the signal up to the satellite, you can more easily interfere with that. At first, it was thought that the Cuban government, using an old Soviet era electronic eavesdropping facility outside Havana, was doing the jamming as a favor to Iran, which buys Cuban support with supplies of cut-rate oil. Back then the Chinese had already paid Cuba a lot of money to take over and revive the old Soviet facility electronic monitoring. The Cuban government denied it had anything to do with the jamming and said it would find out where the jamming was coming from, and they did. Soon the Cuban government reported that they had traced the jamming signal to a suburban compound owned by the Iranian embassy. The Cubans ordered the jamming to stop, and it did.

There have been few additional efforts like this, mainly because it was obvious that you could not easily hide a jammer. Satellite broadcasters also took measures to make such jamming much more difficult to do. There were also efforts to improve defense against hackers, but for TV5 the defenses were not robust enough.

Russia quietly worked on ways to not only hack satellite control and data signals but to easily eavesdrop and monitor them. Encrypted signals can be decrypted and if you can do that you do not talk about it. But now the Russian satellite signal monitoring and hacking equipment are coming out of the development shadows and practicing on American equipment.

The U.S. Space Force and its guardians have inherited most American efforts in this area. This is an effort to make these offensive and defensive efforts more efficient and effective. That remains to be seen, as is the case with any major reorganization.

Strategy Page / News Monitors

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s