Satellite systems face a growing number of cybersecurity threats as their role in communications, navigation, and other services expands. Recent papers have examined attacks targeting satellites and space systems; however, they did not comprehensively analyze the threats to satellites or systematically identify adversarial techniques across the attack lifecycle. This paper presents a comprehensive taxonomy of adversarial tactics, techniques, and procedures explicitly targeting LEO satellites. First, we analyze the space ecosystem, including the ground, space, communication, and user segments, highlighting their architectures, functions, and vulnerabilities. Then, we examine the threat landscape, including adversary types and capabilities, and survey historical and recent attacks such as jamming, spoofing, and supply chain attacks. Finally, we propose a novel extension of the MITRE ATT&CK framework to categorize satellite attack techniques across the adversary lifecycle from reconnaissance to impact. The taxonomy is demonstrated by modeling high-profile incidents, including the Viasat attack that disrupted Ukraine's communications. The taxonomy provides the foundation for the development of defenses against emerging cyber risks to space assets. The proposed threat model will advance research in the space domain and contribute to the security of the space domain against sophisticated attacks.