Abstract In March of 2022, Network Battalion-65 (NB65), a hacktivist group affiliated with Anonymous, claimed responsibility for breaching a ROSCOSMOS ground segment in retaliation for Russia’s invasion of Ukraine. NB65 released several primary sources to support its claims, alleging it had disabled ROSCOSMOS’s vehicle monitoring system and exposed sensitive proprietary documents. Despite the significant implications of hacktivist activity in the space sector, the incident has received limited attention, partly due to the technical obscurity of the exploits and ROSCOSMOS’s denial of the allegations. This paper analyzes the primary sources released by NB65 to present the likely kill chain that enabled the claimed intrusion of a ROSCOSMOS ground segment. The analysis is further supported with experimental reconstruction of the attack. Building on previously published findings, it proposes a space policy directive for securing space systems from cyberattacks, informed by the results of this analysis, with the aim of enhancing international technical standards for space system cybersecurity.
Thummala et al. (Thu,) studied this question.