Somebody doesn’t like a new website that checks on secret nuclear weapon facilities around the world. On Wednesday, the Project on Crowdsourced Satellite Imagery was taken down by a denial of service attack. The attack came just two days before North Korea's big nuclear test on September 9.
“It’s suspicious timing,” said Melissa Hanham, a senior research associate at the Center for Nonproliferation Studies at the Middlebury Institute of International Studies. “It’s also really frustrating.” The center, based in Monterey, California, launched the imagery site in May. The idea was to buy images of sensitive sites---like the Shahrud Missile Test Facility in Iran or the Nova Zemlya nuclear site that Russia uses on a remote Arctic archipelago---from commercial satellite firms.
By comparing before and after images, eagle-eyed volunteers and trained image analysts might glean details---a funny line in the sand, or a tumble of rocks, or some new parked trucks, for example---that suggest something worrisome is afoot. The group had posted pictures of a suspected chemical weapons depot in Myanmar and a North Korean submarine shipyard that manufactures ballistic missiles that might one day carry a nuclear weapon.
Satellite imagery used to be the exclusive purview of the US and Russian governments. But as the price of commercial satellite imagery fell and the quality improved, non-governmental organizations started accessing the information.
Beginning late Wednesday, Hanham said, the server holding the center’s satellite imagery was taken down. “We are restarting and our security company is looking into as much information about the attack,” she said. “We are going to get it up as soon as possible.”
Hanham can’t say who is responsible, but she is sure the outage was not the result of a technical problem within the center's computers or server. She says the center saw a huge spike in traffic on Wednesday that led to the denial of service at midnight, and that Amazon Web Services confirmed the server was the target of a denial of service attack.
North Korea and Russia are suspects. Both countries have an interest in keeping people from knowing just what's happening at their test sites, and the center has made both countries the focus of its work. Last week, the group posted before and after images of a Russian nuclear site. Russian hackers have been linked to attacks in August on five different Washington-based think tanks, including the Center for Strategic and International Studies, reported Defense One.
And the Punggye-Ri nuclear site in North Korea also is a target of the center's work. Hanham is an expert on North Korea’s nuclear program, and she has thoughts about Friday’s blast, a nuclear test that South Korean officials said created a 5.3 magnitude earthquake.
For one, Hanham says that the formula that Western experts use to judge the size of the blast may not be accurate. That’s because the ratio of seismic shock to kilotons of TNT is based on tests the US military performed in Nevada in the 1950s. It consisted of placing a large, and known, pile of explosives so many feet underground, then measuring the amplitude of the seismic waves. American scientists thoroughly understood the geology of the Nevada test site. Not at Punggye-Ri.
“In North Korea, we have no idea how much they put down, how deep it was and the geology of the area,” Hanham said. “There are three variables that are unknown to us. We can only make our best guess.”
Hanham has been studying images from the Punggye-Ri nuclear test site since 2006. It is ringed by mountains. And it’s not clear if the tunnels where the bombs are being deployed are being drilled horizontally or deep below these mountains. Those details have a big effect on any estimates about the size of a blast.
What's more, the North Koreans are getting better at hiding the gases that escape from these tunnels. Those gases contain radionuclides, which can indicate whether the bomb used highly-enriched uranium or plutonium, for example---key clues for international monitors.
The Comprehensive Nuclear Test Ban Treaty Organization, which monitors compliance with the treaty of the same name, monitors the air for radionucleotides and releases a public report. It hasn't released data about the last nuclear blast in North Korea in January, Hanham said.
Hanham remains optimistic that this cyberattack won’t deter the center's goal of using human volunteers and remote sensing to keep an eye on rogue nations. “I had hoped the forces of good could crowdsource and stop this kind of thing,” she says. “It’s frustrating when an actor can disrupt that for you. The project has been doing very well. Our security company will analyze this pretty quickly.”
Even though the servers are still down, Hanham predicts nuclear and chemical bomb-making nations won’t be able to hide for long. She said there is new satellite imaging technology available soon that will peer through clouds and see at night. In Friday, it was cloudy over Punggye-Ri.
