TECHNIQUES

SPARTA

Reconnaissance

Gather Spacecraft Design Information

Software

Firmware

Cryptographic Algorithms

Data Bus

Thermal Control System

Maneuver & Control

Payload

Power

Fault Management

Gather Spacecraft Descriptors

Identifiers

Organization

Operations

Gather Spacecraft Communications Information

Communications Equipment

Commanding Details

Gather Launch Information

Flight Termination

Eavesdropping

Uplink Intercept

Downlink Intercept

Proximity Operations

Gather FSW Development Information

Development Environment

Security Testing Tools

Monitor for Safe-Mode Indicators

Gather Supply Chain Information

Hardware

Software

Known Vulnerabilities

Gather Mission Information

Resource Development

Acquire Infrastructure

Ground Station Equipment

Commercial Ground Station Services

Spacecraft

Compromise Infrastructure

Mission-Operated Ground System

3rd Party Ground System

3rd-Party Spacecraft

Obtain Capabilities

Exploit/Payload

Cryptographic Keys

Stage Capabilities

Identify/Select Delivery Mechanism

Upload Exploit/Payload

Initial Access

Compromise Supply Chain

Software Dependencies & Development Tools

Software Supply Chain

Hardware Supply Chain

Compromise Software Defined Radio

Crosslink via Compromised Neighbor

Secondary/Backup Communication Channel

Ground Station

Receiver

Rendezvous & Proximity Operations

Compromise Emanations

Docked Vehicle / OSAM

Proximity Grappling

Compromise Hosted Payload

Compromise Ground Station

Compromise On-Orbit Update

Malicious Commanding via Valid GS

Rogue External Entity

Rogue Ground Station

Rogue Spacecraft

Trusted Relationship

Mission Collaborator (academia, international, etc.)

Vendor

User Segment

Exploit Reduced Protections During Safe-Mode

Auxiliary Device Compromise

Assembly, Test, and Launch Operation Compromise

Execution

Position, Navigation, and Timing (PNT) Geofencing

Trigger Single Event Upset

Replay

Command Packets

Bus Traffic

Flooding

Erroneous Data

Valid Commands

Modify Authentication Process

Compromise Boot Memory

Exploit Hardware/Firmware Corruption

Design Flaws

Malicious Use of Hardware Commands

Disable/Bypass Encryption

Time Synchronized Execution

Absolute Time Sequences

Relative Time Sequences

Exploit Code Flaws

Flight Software

Operating System

Known Vulnerability (COTS/FOSS)

Inject Malicious Code

Exploit Reduced Protections During Safe-Mode

Modify On-Board Values

Registers

Internal Routing Tables

Memory Write/Loads

App/Subscriber Tables

Scheduling Algorithm

Science/Payload Data

Propulsion Subsystem

Attitude Determination & Control Subsystem

Electrical Power Subsystem

Command & Data Handling Subsystem

Watchdog Timer (WDT)

System Clock

Poison AI/ML Training Data

Side-Channel Attack

Spoofing

Time Spoof

Bus Traffic

Sensor Data

Exfiltration

Side-Channel Attack

Power Analysis Attacks

Electromagnetic Leakage Attacks

Traffic Analysis Attacks

Timing Attacks

Thermal Imaging attacks

Replay

Eavesdropping

Uplink Intercept

Downlink Intercept

Out-of-Band Communications Link

Proximity Operations

Modify Software Defined Radio

Compromised Ground Station

Compromised Developer Site

Compromised Partner Site

Persistence

Memory Compromise

Backdoor

Hardware

Software

Ground System Presence

Replace Cryptographic Keys

Defense Evasion

Disable Fault Management

Prevent Downlink

Inhibit Ground System Functionality

Jam Link Signal

Inhibit Spacecraft Functionality

Modify On-Board Values

Vehicle Command Counter (VCC)

Rejected Command Counter

Command Receiver On/Off Mode

Command Receivers Received Signal Strength

Command Receiver Lock Modes

Telemetry Downlink Modes

Cryptographic Modes

Received Commands

System Clock

GPS Ephemeris

Watchdog Timer (WDT)

Poison AI/ML Training Data

Masquerading

Exploit Reduced Protections During Safe-Mode

Modify Whitelist

Lateral Movement

Hosted Payload

Exploit Lack of Bus Segregation

Constellation Hopping via Crosslink

Visiting Vehicle Interface(s)

Impact

Deception (or Misdirection)

Disruption

Denial

Degradation

Destruction

Theft

Denial

Threat actors may seek to deny ground controllers and other interested parties access to the victim SV. This would be done exhausting system resource, degrading subsystems, or blocking communications entirely. This behavior is different from Disruption as this seeks to deny communications entirely, rather than stop them for a length of time.

ID: CM0000

Sub-techniques: No sub-techniques

Related Aerospace Threat IDs: SV-AV-1 SV-AV-2 SV-AV-3 SV-AV-4 SV-AV-5 SV-AV-6 SV-MA-2 SV-MA-3 SV-MA-5 SV-MA-7 SV-MA-8 SV-SP-1 SV-SP-3 SV-SP-4 SV-SP-5 SV-SP-9

Related MITRE ATT&CK TTPs: No related MITRE ATT&CK TTPs

ⓘ

Tactic: Impact

Created: 2022/10/19

Last Modified: 2022/10/28

Countermeasures

ID		Name	Description	NIST Rev5	D3FEND	ISO 27001
CM0000		Countermeasure Not Identified	This technique is a result of utilizing TTPs to create an impact and the applicable countermeasures are associated with the TTPs leveraged to achieve the impact	None	None	None

References

Fritz, J.: Satellite Hacking: A Guide for the Perplexed. In: Culture Mandala: Bulletin of the Centre for East-West Cultural and Economic Studies, Vol. 10, No. 1, December 2012-May 2013, pp40(1998 PANAMSAT)
Thuraya Telecom Services Affected by Intentional Jamming in Libya. (2011). Retrieved on February 16, 2013, from http://www.thuraya.com/about/profile/media-releases/thuraya-telecom-services-affected-byintentional-jamming-in-libya
Steinberger, Jessica A. (2008). A Survey of Satellite Communications System Vulnerabilities. Retrieved on
February 15, 2013, from http://www.dtic.mil/dtic/tr/fulltext/u2/a487592.pdf
The Royal Academy of Engineering: Global NavigationSpace Systems:reliance and vulnerabilities Url: https://www.raeng.org.uk/publications/reports/global-navigation-space-systems. March 2011 Retrieved 08/07/2019
Ferrazzani, M. and Zilioli, I.: ESA facing Cyber Security Concerns In: EUSpace Jean Monnet Module 2018 Url: http://www.eu-space.eu/images/2018/document/Slides/Slides-Ferrazzani-Zilioli.pdf Retrieved 08/07/2019
Halliday, J.: BBC fears Iranian cyber-attack over its Persian TV service Url: https://www.theguardian.com/media/2012/mar/14/bbc-fears-iran-cyber-attack-persian March 2012 Retrieved 09/07/2019
Pagliery, J.: U.S. weather system hacked, affecting satellites Url: https://money.cnn.com/2014/11/12/technology/security/weather-system-hacked/index.html December 2014 Retrieved 09/07/2019
Flaherty, M.P. and Samenow, J. and Rein, L.: Chinese hack U.S. weather systems, satellite network Url: https://www.washingtonpost.com/local/chinese-hack-us-weather-systems-satellite-network/2014/11/12/bef1206a-68e9-11e4-b053-65cea7903f2e_story.html?utm_term=.19171e40af67 November 2014 Retrieved 09/07/2019