Collection

An adversary who compromised the space resource or the communication channel can leverage his access to collect data. If the communication is unencrypted, the collection corresponds to the channel eavesdropping.

ID: TA0009
Created: 25 August 2022
Last Modified: 14 April 2023

Techniques

Techniques: 2
ID Name Description
T1557 Adversary in the Middle Adversaries may attempt to position themselves between two or more networked devices using an adversary-in-the-middle (AiTM) technique.
.001 Unauthenticated gateway or unauthenticated interplanetary node If unauthenticated gateways or unauthenticated interplanetary nodes are used, an adversary can substitute them with an own resource, to collect or modify transmitted data.
.002 Satellite constellation A satellite with stolen credential can take place into a dynamic constellation and collect data.
T2018 Data from link eavesdropping Adversaries can collect data transmitted over a channel, if he is able to decode and decrypt the communication.
.001 Payload eavesdropping Adversaries can collect data transmitted over the payload channel, if it is used.
.002 Range Data eavesdropping Adversaries can intercept range data to locate and more accurately target the victim spacecraft. Mitigation from higher level protocols (encryption to assure confidentiality).
.003 TC/TM eavesdropping An attacker can collect and have access to data transmitted by TT&C if the communication doesn't rely on encryption.