1. Home
  2. Techniques
  3. Space
  4. Valid Credentials

Valid Credentials

ID Name
T2009.001 Steal cryptographic keys
T2009.002 Forge Digital Certificates
T2009.003 Brute force attack against TC channel or mission channel

Adversaries may obtain and abuse credentials to gain Initial Access or Persistence in a space resource. Compromised credentials may be used to bypass access controls placed on systems within the network and to decrypt communication, to send authenticate messages and to take control of the spacecraft. Gained credentials may even be used for persistent access to the resource.

Adversaries may obtain and abuse master or session keys, or target the digital certificates used for the authentication.

Standards: [1] [2]

ID: T2009
Sub-techniques:  T2009.001, T2009.002, T2009.003
Tactics: Initial Access, Persistence
Platforms: Space Segment, Space-link communication
Version: 2.0
Created: 25 August 2022
Last Modified: 21 April 2023

Mitigations

ID Mitigation Description
M2060 Establish processes, procedures, and security measures to protect cryptographic keys / key management
M2006 Protect OTAR Key Management Service
M2040 Secure PKI implementation

References

  1. CCSDS. (2019, July). RECOMMENDED STANDARD FOR AUTHENTICATION SECURITY CREDENTIALS, CCSDS 357.0-B-1. Retrieved September 29, 2022.
  1. CCSDS. (2019, August). CCSDS Cryptographic Algorithms 352.0-B-2. Retrieved April 19, 2023.