SV-AC-7
Weak communication protocols. Ones that don't have strong encryption within it
Informational References
-
CENTRA - Cyber Threats to Satellite Networks
Lowest Threat Tier to
Create Threat Event: III
Notional Risk Rank Score:
High-Level Requirements
The Program shall only use acceptable secure communication protocols in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
Low-Level Requirements
| Requirement |
Rationale/Additional Guidance/Notes |
|
The Program shall define acceptable secure communication protocols available for use within the mission in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. {SV-AC-7} {SA-4(9)}
|
|
|
The spacecraft shall only use [Program-defined] communication protocols within the mission. {SV-AC-7} {SA-4(9)}
|
|
|
The spacecraft shall protect the confidentiality and integrity of [all] transmitted information. {SV-AC-7} {SC-8}
|
|
|
The spacecraft shall implement cryptographic mechanisms to prevent unauthorized disclosure of, and detect changes to, information during transmission unless otherwise protected by alternative physical safeguards. {SV-AC-7} {SC-8(1),SI-7(6)}
|
|
|
The spacecraft shall maintain the confidentiality and integrity of information during preparation for transmission and during reception. {SV-AC-7} {SC-8(2)}
|
|
|
The spacecraft shall implement cryptographic mechanisms to protect message externals unless otherwise protected by alternative physical safeguards. {SV-AC-7} {SC-8(3)}
|
|
Related SPARTA Techniques and Sub-Techniques
| ID |
Name |
Description |
| REC-0005 |
Eavesdropping |
Threat actors may seek to capture network communications throughout the ground station and radio frequency (RF) communication used for uplink and downlink communications. RF communication frequencies vary between 30MHz and 60 GHz. Threat actors may capture RF communications using specialized hardware, such as software defined radio (SDR), handheld radio, or a computer with radio demodulator turned to the communication frequency. Network communications may be captured using packet capture software while the threat actor is on the target network. |
|
REC-0005.01 |
Uplink Intercept |
Threat actors may capture the RF communications as it pertains to the uplink to the victim SV. This information can contain commanding information that the threat actor can use to perform other attacks against the victim SV. |
|
REC-0005.02 |
Downlink Intercept |
Threat actors may capture the RF communications as it pertains to the downlink of the victim SV. This information can contain important telemetry such as onboard status and mission data. |
| EXF-0003 |
Eavesdropping |
Threat actors may seek to capture network communications throughout the ground station and communication channel (i.e. radio frequency, optical) used for uplink and downlink communications |
|
EXF-0003.01 |
Uplink Intercept |
Threat actors may target the uplink connection from the victim ground infrastructure to the target SV in order to exfiltrate commanding data. Depending on the implementation (i.e., encryption) the captured uplink data can be used to further other attacks like command link intrusion, replay, etc. |
|
EXF-0003.02 |
Downlink Intercept |
Threat actors may target the downlink connection from the victim SV in order to exfiltrate telemetry or payload data. This data can include health information of the SV or whatever mission data that is being collected/analyzed on the SV. |
| EXF-0005 |
Proximity Operations |
Threat actors may leverage the lack of emission security or tempest controls to exfiltrate information using a visiting SV. This is similar to side-channel attacks but leveraging a visiting SV to measure the signals for decoding purposes. |
Related SPARTA Countermeasures
| ID |
Name |
Description |
NIST Rev5 |
D3FEND |
ISO 27001 |