DARTA
TA007 Lateral Movement · T007.004 — Technique

UTM Federation Abuse

Min. actor: L3 – Nation-State GCS UTM

Exploitation of inter-UTM federation protocols to propagate false data or access adjacent UTM service providers.

Sub-techniques (3)

Applicable countermeasures

CM-005 UTM and U-Space API Authentication
OAuth 2.0 or mTLS for all UTM/U-Space API interactions with role-based access control and anomaly detection.
NIST SP 800-53 IA-2 · EUROCAE ED-269 · SESAR U-Space Spec · ISO/IEC 27001 A.9
CM-008 GCS Network Segmentation and Hardening
Isolation of GCS from enterprise networks, least-privilege access enforcement, host hardening, and network anomaly detection.
NIST SP 800-53 SC-7 · CIS Controls v8 Control 12 · ISO/IEC 27001 A.13 · NSA/CISA Segmentation Guide
CM-010 Swarm Node Mutual Authentication
Cryptographic mutual authentication between all swarm nodes with message integrity to prevent rogue insertion and hopping.
NIST SP 800-53 IA-3 · IEEE 1609.2 · STANAG 4586 · IEC 62443-3-3 SR 1.2
Open in the interactive matrix