Winning: Russian Equipment Losses in 2023

January 21, 2024: When Russian ground forces are unable to advance, the Russians depend on ballistic and cruise missiles to do some damage. So far, the Ukrainians have managed to intercept most of these attacks with anti-aircraft systems they received from their NATO supporters. In 2023 the Ukrainians destroyed about 3,800 aerial targets. These included 887 cruise missiles, 15 Kh-47M2 Kinzhal ballistic missiles, 41 other ballistic missiles, 2,691 Iran-supplied Shahed UAVs, 35 Lancet UAVs plus 131 Orlan and other UAVs, as well as a truck-mounted Tirada-2 orbital jamming system. Destroying a Tirada-2 system was particularly important because these systems are difficult to find and destroy. Tirada-2 systems are expensive to build and destroying one makes a big difference.

Russia has used these systems in eastern Ukraine since 2019. Tirada-2 was there helping to hack the control signals and video feeds from American RQ-4B Global Hawk UAVs that regularly operate over eastern Ukraine. A successful hack would provide a look at what these UAVs see when they monitor Russian activity. Some RQ-4Bs were equipped with space-satellite-quality electronic sensors and the Russians were hoping to monitor and perhaps hack those systems.

Ukrainian and Western intelligence was aware of the existence of Tirada-2 if only because a less capable export model was offered for sale. A more capable non-export Tirada-2 showed up in Eastern Ukraine. As one would expect, no one provided any details of who has been able to do what to whom. The fighting in Ukraine escalated in 2022 with a Russian effort to take control of all Ukraine. So far, the Ukrainians are holding their own when it comes to hacking Russian systems and civilian space-based systems like the photo satellites that provide journalists with current satellite photos of what is happening on the ground. In this sense these commercial satellite operators are guardians of the truth.

Hacking and jamming satellites is nothing new. Even Islamic terrorists are active in this area. For example, in 2015 TV5, a major French TV network, was hijacked by hackers working for ISIL (Islamic State in Iraq and the Levant). Calling themselves CyberCaliphate, this group had apparently spent weeks getting past the formidable network security and did some major damage. TV5 satellite feeds send programming to over 250 million individual and business customers worldwide. All eleven TV5 channels were dark for three hours before a temporary data feed was established to put something on customer TV screens. It took over a week to clean the network of all the hacker malware and begin work on improving security. Other French media companies were informed of the threat and joint efforts were underway to improve security. Whatever enthusiasm there was for better security will not last because this was not the first time something like this had happened. The American Space Force, established in 2019, is supposed to monitor these situations and act as needed.

It’s not that the satellite control threat was ignored or underestimated. Officially the hacker threat is taken very seriously by media companies, especially those who broadcast via satellite. Starting in the late 1990s, growing reliance on data networks and satellite distribution of programming resulted in more and more attacks on these networks by groups seeking to get some attention by briefly seizing control of or shutting down these systems.

These attacks reached something of a crescendo in 2007 when a Chinese satellite television channel was taken over by hackers. For about 90 minutes, the government had no control over the feed, which was replaced by anti-government material. The Chinese government tried to keep details of how this happened out of the news but, because over 130 million Chinese then had access to the Internet and even more had cell phones, it was impossible to completely black out details of what happened. Senior officials were quite upset, especially because since 2002 there had been over a dozen incidents worldwide of hijacking satellite television signals. Several of these took place in China, but until 2007 the government assured everyone that the "problem" was fixed.

After 2000 the increasing number of incidents of space satellites being "hacked" was believed to be largely the result of an increase in the number of satellites up there, and the number of ground stations broadcasting information up into the sky. Many of these early hacks turned out to be satellite signals interfering with one another. The same was true of cases where people believed their GPS or satellite communications signals were being jammed. On further investigation, the real reasons tended to be less interesting and a lot more technical. All this usually had a large element of human error mixed in. But some of the disruptions were deliberate.

The 2007 China incident clearly indicated a security problem. If you have the proper passwords and security information, you can send commands to the satellite and do whatever you want. The Chinese had a security problem and to Chinese rulers that was more frightening than, well, just about anything. China has since greatly improved its satellite security but, as TV5 discovered, that is not always enough. Russian EW developers watched all this with great interest and considered the possibility of improving and “weaponizing” these hacking capabilities.

All of the accidental jamming incidents demonstrated to hackers how easy it was to do it on purpose. There were a growing number of examples of that. In response, the U.S. Air Force has for decades been developing electronic tools for attacking and defending satellite communications, and the satellite operators themselves were already training people to attack and defend space satellites. This effort involved figuring out new or improved ways to jam satellites. Then you keep that stuff secret in case potential enemies have not figured this out themselves. Next, you work on ways to defeat the weapons developed. Most of this is playing around with the signals. You can unjam a jamming signal with another signal. However, a lot of trial and error is required, and you want to get that done way in advance of any actual war. When you do have to use this stuff for real, you have to expect that the enemy may well have come up with some angle you missed. There will be some rapid improvisation, and you will have more time and resources for this if you have worked out, ahead of time, the details of disasters you have already anticipated. No one releases much information about this, for obvious reasons. There isn't much discussion from any government unless there is a terrorist attack using these techniques. Now that has happened in a very public fashion, and it was done using clever and determined hacking of the ground-based networks that control the programming and the satellites. This capability to mobilize resources in an emergency is another task the Space Force can handle.

Some satellite hacking problems have been solved. For example, it has been shown that if there is government jamming, it can be identified as such. This was demonstrated back in 2003 when satellite broadcasters transmitting television shows to Iran found their signals being jammed. The source of the jamming was quickly traced to Cuba. A satellite signal is very difficult to jam as it comes down from the satellite. But if you are close to the ground station that beams the signal up to the satellite, you can more easily interfere with that. At first, it was thought that the Cuban government, using an old Soviet-era electronic eavesdropping facility outside Havana, was doing the jamming as a favor to Iran, which buys Cuban support with supplies of low-cost oil. Back then the Chinese had already paid Cuba a lot of money to take over and revive the old Soviet electronic monitoring facility. The Cuban government denied it had anything to do with the jamming and said it would find out where the jamming was coming from, and they did. Soon the Cuban government reported that they had traced the jamming signal to a suburban compound owned by the Iranian embassy. The Cubans ordered the jamming to stop, and it did.

There have been few additional efforts like this, mainly because it was obvious that you could not easily hide a jammer. Satellite broadcasters also took measures to make such jamming much more difficult to do. There were also efforts to improve defense against hackers, but for TV5 the defenses were not robust enough.

Russia quietly worked on ways to not only hack satellite control and data signals but to easily eavesdrop on and monitor them. Encrypted signals can be decrypted and if you can do that you do not talk about it. But now the Russian satellite signal monitoring and hacking equipment is coming out of the development shadows and practicing on American equipment.

The U.S. Space Force and its technical experts have inherited most American efforts in this area. This is an effort to make these offensive and defensive efforts more efficient and effective. That remains to be seen, as is the case with any major reorganization. Ukraine is the most recent combat zone for jamming and counter-jamming. Old techniques have been made obsolete and new methods have been rapidly developed.