Disruption

Measures designed to temporarily impair the use or access to a system for a period of time. Threat actors may seek to disrupt communications from the victim spacecraft to the ground controllers or other interested parties. By disrupting communications during critical times, there is the potential impact of data being lost or critical actions not being performed. This could cause the spacecraft's purpose to be put into jeopardy depending on what communications were lost during the disruption. This behavior is different than Denial as this attack can also attempt to modify the data and messages as they are passed as a way to disrupt communications.

ID: IMP-0002

Sub-techniques: No sub-techniques

Related Aerospace Threat IDs: SV-AV-1 SV-AV-2 SV-AV-3 SV-AV-4 SV-AV-5 SV-AV-6 SV-MA-2 SV-MA-3 SV-MA-5 SV-MA-7 SV-MA-8 SV-SP-1 SV-SP-3 SV-SP-4 SV-SP-5 SV-SP-9

Related MITRE ATT&CK TTPs: No related MITRE ATT&CK TTPs

ⓘ

Tactic: Impact

Created: 2022/10/19

Last Modified: 2023/07/18

Countermeasures

ID		Name	Description	NIST Rev5	D3FEND	ISO 27001
CM0000		Countermeasure Not Identified	This technique is a result of utilizing TTPs to create an impact and the applicable countermeasures are associated with the TTPs leveraged to achieve the impact	None		None

Related CWE Classes

Priority 1	Priority 2	Priority 3	Priority 4
CWE-118: Incorrect Access of Indexable Resource ('Range Error')	CWE-345: Insufficient Verification of Data Authenticity	CWE-1023: Incomplete Comparison with Missing Factors	CWE-114: Process Control
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer	CWE-404: Improper Resource Shutdown or Release	CWE-400: Uncontrolled Resource Consumption	CWE-642: External Control of Critical State Data
CWE-1263: Improper Physical Access Control	CWE-684: Incorrect Provision of Sensitive Information	CWE-657: Violation of Secure Design Principles	CWE-669: Incorrect Resource Transfer Between Spheres
CWE-1384: Insecure Default Variable Initialization	CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')	CWE-671: Lack of Accounting for Security Implications in Design	CWE-913: Improper Control of Dynamically-Managed Code Resources
CWE-1391: Improperly Implemented Security Check for Standard	CWE-912: Hidden Functionality	CWE-704: Incorrect Type Conversion or Cast	CWE-922: Insecure Storage of Sensitive Information
CWE-172: Encoding Error
CWE-20: Improper Input Validation
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-506: Embedded Malicious Code
CWE-610: Externally Controlled Reference to a Resource in Another Sphere
CWE-662: Improper Synchronization
CWE-665: Improper Initialization
CWE-667: Improper Locking
CWE-696: Incorrect Behavior Order
CWE-732: Incorrect Permission Assignment for Critical Resource
CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-834: Excessive Iteration

Indicators of Behavior

ID	Name	Description	STIX Pattern

References

https://www.doctrine.af.mil/Doctrine-Publications/AFDP-3-14-Counterspace-Ops/
Space Security Index 2012. (2012). Retrieved on February 14, 2013, from http://swfound.org/media/93632/SSI_FullReport_2012.pdf
Steinberger, Jessica A. (2008). A Survey of Satellite Communications System Vulnerabilities. Retrieved on
Thuraya Telecom Services Affected by Intentional Jamming in Libya. (2011). Retrieved on February 16, 2013,
Jayawardhana, Walter. (2007). 2007 Intelsat to turn off LTTE beam. Retrieved on February 14, 2013, from http://www.dailynews.lk/2007/04/13/news01.asp
Wohlmuth, Radek. (2007). Umělci napadli vysílání ČT 2. Podívejte se jak. Retrieved on February 20, 2013, from
Sonne, Paul and Fassihi, Farnaz. (2011). In Skies Over Iran, a Battle for Control of Satellite TV. Retrieved on
Space Security Index 2012. (2012). Retrieved on February 14, 2013, from
Atkinson, S.:Bahrain TV station struggles as signal blocked Url: https://www.bbc.co.uk/news/business-15699332 November 2011 Retrieved 08/07/2019
O’Carroll, L.: Al-Jazeera: jamming traced to sites near Egyptian military bases Url: https://www.theguardian.com/media/2013/sep/03/al-jazeera-jamming-traced-egyptian-military September 2013 Retrieved 09/07/2019
Resilient Navigation and Timing Foundation: GPS Jammer Delays Flights in France Url: https://rntfnd.org/2017/09/15/gps-jammer-delays-flights-in-france/ September 2017 Retrieved 09/07/2019
Arabsat.com: Arabsat is subject to Jamming and its Engineers succeed in locating its source Url: https://www.arabsat.com/NewsDetails.aspx?pageid=428&lang=2 May 2014 Retrieved 09/07/2019
Leyden, J.: Hamas hacks Israeli TV sat channel to broadcast pics of Gaza wounded Url: https://www.theregister.co.uk/2014/07/15/hamas_hack_israeli_sat_tv/ July 2014 Retrieved 09/07/2019
The American Gaddafist: Gaddafists Hack Libyan TV Signal March 5, 2017: https://www.youtube.com/watch?v=QwjAZGoGjPo&app=desktop Retrieved 09/07/2019
Symantec.com: Thrip: Espionage Group Hits Satellite, Telecoms, and Defense Companies Url: https://www.symantec.com/blogs/threat-intelligence/thrip-hits-satellite-telecoms-defense-targets June 2018 Retrieved 09/07/2019
ViaSat, Inc., KA-SAT Network cyber attack overview, https://news.viasat.com/blog/corporate/ka-sat-network-cyber-attack-overview, 2022, Retrieved October 27, 2022.
Santamarta, R., VIASAT incident: from speculation to technical details, https://www.reversemode.com/2022/03/viasat-incident-from-speculation-to.html, 2022, Retrieved October 27, 2022.
https://cromulence.com/blog/hack-a-sat-2022-finals-teams-on-the-attack
http://jmichaelwaller.com/wp-content/uploads/2016/08/IM-Telstar-Aug2003.pdf
http://news.bbc.co.uk/1/hi/sci/tech/4602674.stm
https://deadline.com/2022/10/french-satellite-operator-eutelsat-satellites-jammed-iran-1235137968/
https://ecadforum.com/2011/06/30/china-accused-of-jamming-tv-websites-in-ethiopia-computerworld-reported/
https://freebeacon.com/national-security/moscow-accuses-ukraine-of-electronic-attack-on-satellite/
https://twitter.com/elonmusk/status/1500026380704178178?s=20&t=rjlQDwlgJOec1Zic3zVblw
https://www.spiegel.de/international/world/silencing-unwanted-coverage-iran-jams-satellite-signals-carrying-foreign-media-a-686670.html
https://twitter.com/Cyberknow20/status/1593718963497672705
https://www.linkedin.com/feed/update/urn:li:activity:6983446841275084801
https://www.linkedin.com/feed/update/urn:li:activity:6983753241767337984
https://www.linkedin.com/feed/update/urn:li:activity:6985237641747120128
https://www.reuters.com/article/us-nasa-hacking-idUSTRE81803S20120209