This study aims to assess the suitability of the Lockheed Martin Cyber Kill Chain (LMCKC), a current and widely used conceptual attack model for the analysis of cyber-attacks on Low Earth Orbit (LEO) satellites in space.

The opportunity for research is due to the lack of attack models available within the public domain that address cyber-attacks on LEO satellites. This provides an initial high-level theoretical study that can stimulate and inform future research agendas.

This study proposes use of the LMCKC, as a baseline attack analysis model for modification, in the context of hacking LEO satellites. It also proposes that the LMCKC can be modified to reflect specific elements or aspects of various cyber-attack vectors in the context of hacking LEO satellites in space, and also included the qualitative analysis of anonymised expert responses to an online descriptive questionnaire concerning the proposed modification of the LMCKC. 

The overall research findings were supportive of the modification of the LMCKC to provide a tailored Satellite- Specific (SS) CKC that represents a broad assessment of numerous possible attack vectors that could be used against LEO satellites.

The proposed model aims to identify contemporary cyber threats within a LEO satellite context and highlights potential cyber-attack scenarios for consideration. External and insider threat was also considered for the Weaponisation and Delivery phases of the proposed model, with the introduction of sub-components to represent these threat categories.

Professor Jill Slay

Jill is the University of South Australia SmartSat Professorial Chair in Cybersecurity and also leads the Cybersecurity and Resilience Theme of the SmartSat Australian Co-operative Research Centre (CRC). Jill has established an international research reputation in cyber security (particularly Digital Forensics, Cyber Intelligence and Cyberwarfare) and has worked in collaboration with the Australian Federal and State governments and with many industry partners. She has published more than 140 outputs in information assurance, critical infrastructure protection, security and forensic computing.