This technique is a result of utilizing TTPs to create an impact and the applicable countermeasures are associated with the TTPs leveraged to achieve the impact
ID | Name | Description | |
IMP-0001 | Deception (or Misdirection) | Threat actors may seek to deceive mission stakeholders (or even military decision makers) for a multitude of reasons. Telemetry values could be modified, attacks could be designed to intentionally mimic another threat actor's TTPs, and even allied ground infrastructure could be compromised and used as the source of communications to the SV. | |
IMP-0002 | Disruption | Threat actors may seek to disrupt communications from the victim SV to the ground controllers or other interested parties. By disrupting communications during critical times, there is the potential impact of data being lost or critical actions not being performed. This could cause the SV's purpose to be put into jeopardy depending on what communications were lost during the disruption. This behavior is different than Denial as this attack can also attempt to modify the data and messages as they are passed as a way to disrupt communications. | |
IMP-0003 | Denial | Threat actors may seek to deny ground controllers and other interested parties access to the victim SV. This would be done exhausting system resource, degrading subsystems, or blocking communications entirely. This behavior is different from Disruption as this seeks to deny communications entirely, rather than stop them for a length of time. | |
IMP-0004 | Degradation | Threat actors may target various subsystems or the hosted payload in such a way in order to rapidly increase it's degradation. This could potentially shorten the lifespan of the victim SV. | |
IMP-0005 | Destruction | Threat actors may destroy data, commands, subsystems, or attempt to destroy the victim SV itself. This behavior is different from Degradation, as the individual parts are destroyed rather than put in a position in which they would slowly degrade over time. | |
IMP-0006 | Theft | Threat actors may attempt to steal the data that is being gathered, processed, and sent from the victim SV. Many SVs have a particular purpose associated with them and the data they gather is deemed mission critical. By attempting to steal this data, the mission, or purpose, of the SV could be lost entirely. |
ID | Description |
Requirement | Rationale/Additional Guidance/Notes |
---|