Adversary in the Middle

Adversaries may attempt to position themselves between two or more networked devices using an adversary-in-the-middle (AiTM) technique.[1]

If unauthenticated gateways or unauthenticated interplanetary nodes are used, an adversary can substitute them with a resource of their own to collect or modify transmitted data. A satellite with stolen credentials can take a place in a dynamic constellation and collect data.

ID: T1557
Sub-techniques:  T1557.001, T1557.002
Tactic: Collection
Platforms: Space-link communication
Version: 2.0
Created: 25 August 2022
Last Modified: 21 April 2023


ID Mitigation Description
M2067 Authentication combined with means to ensure the identity of the other party using certificates or pre-shared keys