DARTA
TA003 Initial Access · T003.001 — Technique

RF Command Link Hijacking

Min. actor: L2 – Technical Consumer Enterprise Military

Exploitation of unencrypted or weakly authenticated RF control channels to inject commands or seize the C2 link.

Sub-techniques (4)

Applicable countermeasures

CM-001 Encrypted and Authenticated C2 Link
All C2 communications between GCS and drone must use mutual-authentication encryption (AES-256 minimum) with replay protection.
NIST SP 800-53 SC-8 · DO-326A Sec 6.2 · EUROCAE ED-202A · STANAG 4586
CM-002 GNSS Anti-Spoofing and Anti-Jamming
Multi-constellation GNSS receivers with spoofing detection, INS/IMU fallback, and signal authentication (Galileo OSNMA, GPS CHIPS).
NIST SP 800-53 SI-10 · RTCA DO-316 · ICAO Annex 10 · FAA AC 20-138E
CM-003 Firmware Integrity and Secure Boot
Cryptographic signing and hardware-enforced verification of all firmware images at boot using a hardware root of trust.
NIST SP 800-53 SI-7 · NIST SP 800-193 · DO-326A · IEC 62443-4-2 CR 3.4
CM-005 UTM and U-Space API Authentication
OAuth 2.0 or mTLS for all UTM/U-Space API interactions with role-based access control and anomaly detection.
NIST SP 800-53 IA-2 · EUROCAE ED-269 · SESAR U-Space Spec · ISO/IEC 27001 A.9
CM-007 Physical Debug Interface Protection
Disabling or cryptographically protecting all JTAG/UART/USB debug interfaces on production hardware.
NIST SP 800-53 AC-3 · IEC 62443-4-2 CR 1.1 · NIST SP 800-193 · DO-326A Sec 5
CM-008 GCS Network Segmentation and Hardening
Isolation of GCS from enterprise networks, least-privilege access enforcement, host hardening, and network anomaly detection.
NIST SP 800-53 SC-7 · CIS Controls v8 Control 12 · ISO/IEC 27001 A.13 · NSA/CISA Segmentation Guide
CM-009 UAS Supply Chain Risk Management
Component provenance verification, SBOM maintenance, vendor security assessments, and prohibition of high-risk source components.
NIST SP 800-161r1 · NIST SP 800-53 SR-3 · US NDAA Sec. 848 · EU Cyber Resilience Act
CM-010 Swarm Node Mutual Authentication
Cryptographic mutual authentication between all swarm nodes with message integrity to prevent rogue insertion and hopping.
NIST SP 800-53 IA-3 · IEEE 1609.2 · STANAG 4586 · IEC 62443-3-3 SR 1.2
Open in the interactive matrix