Command and Control consists of techniques that adversaries may use to communicate with systems under their control. Adversaries commonly attempt to mimic normal, expected traffic to avoid detection .
ID | Name | Description | |
T2047 | Protocol Tunnelling | Adversaries may tunnel network communications to and from a victim system within a separate protocol to avoid detection/network filtering and/or enable access to otherwise unreachable systems. Tunneling involves explicitly encapsulating a protocol within another.This behavior may conceal malicious traffic by blending in with existing traffic and/or provide an outer layer of encryption | |
T2019 | Telecommand a Spacescraft | Command and Control consists of techniques that adversaries may use to communicate with systems under their control. Adversaries commonly attempt to mimic normal, expected traffic to avoid detection .If the attacker has the system under its control, he can interact with it to command it | |
.004 | Telecommand within a spacescraft | From inside the spacecraft (after gaining access eg to a payload), an attacker can send telecommand to the on board computer. | |
.005 | Replay attacks | An attacker can intercept a message (e.g with jamming) stored it , and then replayed it. | |
.006 | Telecommand capabilties | An attacker can send command with a direct access after obtaining telecommand capabilities ( e.g by hijacking a ground station). | |
T2048 | TT&C over ISL | If the attacker has already managed to issue Telcommands to a spacecraft, then, if Inter Satellite Links (ISL) are used, he can attempt to issue Telecommands to other spacecrafts over the ISLs. |