Threat Levels to Space Systems

Using a pre-defined, tiered adversary system to calculate likelihood in combination with an unclassified threat model, an example security baseline can be established. Cyber threat likelihood includes aspects such as exploitation difficulty, motivation, and adversary capabilities. The motivation and exploitation difficulty would be program dependent, but the adversary capabilities can be analyzed using a generic approach.

The following table outlines the cyber threat actors by tier, including their skill level, motivation, and methods:

| Tier | Threat Actor | Skill Level | | Motivation | Methods |
|------|--------------|-------------|---|------------|---------|
| I | Script Kiddies | Very low | Low | Boredom, thrill seeking | Download and run already-written hacking scripts known as “toolkits” |
| II | Hackers for Hire | Low | Moderate | Prestige, personal gain, thrill seeking | Write own scripts, engage in malicious acts, brag about exploits |
| III | Small Hacker Teams, Non-State Actors OR Disorganized/Non-Advanced State Actors | Moderate | Moderate | Power, prestige, intellectual gain, respect | Write scripts and automated tools |
| IV | Insider Threats (e.g., disgruntled employees) | Very Low – Very High | Very Low – Very High | Unwitting, ideology, politics, espionage | Insider knowledge lowers the barrier of entry. Methods span the spectrum from simple to sophisticated. |
| V | Large, Well-Organized Teams, Criminal, Non-State, or State Actors | High | High | Personal gain, greed, revenge | Sophisticated attacks by criminal/thieves, may be “guns for hire” or involved in organized crime |
| VI | Highly Capable State Actors | Very high | Very high | Ideology, politics, espionage | State sponsored, well-funded cyberattacks against enemy nations |
| VII | Most Capable State Actors | | | | |

In this threat model, each tier was evaluated for capabilities around:

  • Ability to Access Networks
  • Ability to Discover & Exploit Vulnerabilities
  • Ability to Defeat Crypto & Authentication
  • Command & Control Sophistication
  • Ability to Affect Cyber/Physical Systems
  • Ability to Gain Physical Access
  • Sophistication of Human Influence

The resulting analysis is reflected in an updated threat vectors diagram with a threat tier overlay as shown below. This diagram can assist in understanding the adversary levels a program could face for specific threat vectors. Not every program will have to be resilient and mitigate threats across Tiers I-VII. For example, a program may have a 90-day mission with a small budget and may choose to accept the risk that a Tier IV-VII adversary could successfully end its mission. This program will still want to mitigate threat vectors tied to Tiers I-III.