Did you read the article? It wasn’t about the traffic being encrypted. It’s about starlink turning off service in a certain area so the drones didn’t have Internet access to communicate:
Elon Musk secretly ordered his engineers to turn off his company’s Starlink satellite communications network near the Crimean coast last year to disrupt a Ukrainian sneak attack on the Russian naval fleet, according to an excerpt adapted from Walter Isaacson’s new biography of the eccentric billionaire titled “Elon Musk.”
As Ukrainian submarine drones strapped with explosives approached the Russian fleet, they “lost connectivity and washed ashore harmlessly,” Isaacson writes.
It’s more complex than that, especially when all you’re looking for is denial of service. As an example: I don’t have to decrypt anything if I can use traffic analysis to determine which packets are sent to or coming from a drone and just drop them. Standard Internet security, TLS, encrypts the content of a packet but not the source or the destination. You could use a VPN wrapper but then it’s as simple as dropping traffic to and from the VPN.
Not really. You just have to know that the comms are going to or coming from a drone, which should be easy enough given that the AP needs to know how to route the comms so that information must be visible to it (and it can therefore decide to drop comms at that step in transport). Even with the content, origination and destination being perfectly secret you can do this like track which APs a given client connects to over a certain amount of time and infer airspeed and rough direction. Something flying at $droneTopSpeed +/- 10%, headed roughly toward some juicy target? Drop comms.
Remember that starlink is already in their communication chain and start thinking in terms of what you’d do if you wanted to intercept letters between two people and you’re already the mailman for one of them.
The traffic going to and from these drones isn’t encrypted?
Did you read the article? It wasn’t about the traffic being encrypted. It’s about starlink turning off service in a certain area so the drones didn’t have Internet access to communicate:
It’s more complex than that, especially when all you’re looking for is denial of service. As an example: I don’t have to decrypt anything if I can use traffic analysis to determine which packets are sent to or coming from a drone and just drop them. Standard Internet security, TLS, encrypts the content of a packet but not the source or the destination. You could use a VPN wrapper but then it’s as simple as dropping traffic to and from the VPN.
But surely you’d then need to have prior knowledge of the intent of the endpoint
Not really. You just have to know that the comms are going to or coming from a drone, which should be easy enough given that the AP needs to know how to route the comms so that information must be visible to it (and it can therefore decide to drop comms at that step in transport). Even with the content, origination and destination being perfectly secret you can do this like track which APs a given client connects to over a certain amount of time and infer airspeed and rough direction. Something flying at $droneTopSpeed +/- 10%, headed roughly toward some juicy target? Drop comms.
Remember that starlink is already in their communication chain and start thinking in terms of what you’d do if you wanted to intercept letters between two people and you’re already the mailman for one of them.