Cybersecurity Attack Matrix in Space Systems

Jin-Keun Hong, Jun-Ho Lee

The space system refers to a network of sensors, ground systems, and spacecraft operating in space. The security of space systems relies on information systems and networks that support the design, launch, and operation of space missions. Characteristics of space operations, including command and control (C2) between spacecraft (including satellites) and ground communication, also are depended on wireless frequency and communication channels. Attackers have the potential to engage in malicious activities such as destruction, disruption, and degradation of systems, networks, communication channels, and space operations. These malicious cyber activities include sensor spoofing, system damage, denial of service attacks, jamming of unauthorized commands, and injection of malicious code. Such activities ultimately lead to a decrease in the lifespan and functionality of space systems, and may result in damage to spacecraft, leading to loss of control. The Cybersecurity Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) matrix, which is proposed by MITRE, is consisted of the following stages: Reconnaissance, Resource Development, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command & Control, Exfiltration, and Impact. In this paper, we aim to explore cyber-security’s tactics attack techniques within the context of space systems (satellites, ground stations, communication channels) by referencing the MITRE ATT&CK Matrix.

Keywords: space system, security, ATT&CK, attack