An adversary who compromised the space resource or the communication channel can leverage his access to collect data. If the communication is unencrypted, the collection corresponds to the channel eavesdropping.
ID | Name | Description | |
T1557 | Adversary in the Middle | Adversaries may attempt to position themselves between two or more networked devices using an adversary-in-the-middle (AiTM) technique. | |
.001 | Unauthenticated gateway or unauthenticated interplanetary node | If unauthenticated gateways or unauthenticated interplanetary nodes are used, an adversary can substitute them with an own resource, to collect or modify transmitted data. | |
.002 | Satellite constellation | A satellite with stolen credential can take place into a dynamic constellation and collect data. | |
T2018 | Data from link eavesdropping | Adversaries can collect data transmitted over a channel, if he is able to decode and decrypt the communication. | |
.001 | Payload eavesdropping | Adversaries can collect data transmitted over the payload channel, if it is used. | |
.002 | Range Data eavesdropping | Adversaries can intercept range data to locate and more accurately target the victim spacecraft. Mitigation from higher level protocols (encryption to assure confidentiality). | |
.003 | TC/TM eavesdropping | An attacker can collect and have access to data transmitted by TT&C if the communication doesn't rely on encryption. |