Ukraine's Defense Intelligence Service has breached Russia's Space Program
ROSCOSMOS and Vostochny Cosmodrome were the targets
An offensive cyber operations team at GRUMO (Main Intelligence Department of the Ministry of Defense of Ukraine) accessed the network of Russia’s State Space Corporation (ROSCOSMOS) and exfiltrated a large amount of data on the Vostochny Cosmodrome as well as COSMOS programs like Luna Glob and Exo-Mars.
This post will focus on the Vostochny breach which includes, but is not limited to, construction plans for Vostoochny Site 1A, the Angara heavy rocket complex under construction in Amur, Oblast, Russia.
Once construction is finished, it will be the second launch pad at Vostochny; the first one having had its first successful Soyuz-2 launch on April 28, 2016. I’ve received permission to share 54 images that document the interior and exterior placements of the CCTV system at the Angara Site 1A to verify the breach. Those are available for download at the end of this post.
The construction company who drafted the plans for the Angara site was fired on January 23, 2019 due to financial problems that prevented them from fulfilling the contract on time.
During a site inspection on September 6, 2019, President Putin expressed his dissatisfaction over continuing delays:
Now about Vostochny Space Launch Centre. Today I am expecting a detailed report on the current stage of the construction of its facilities and how the deadlines are being met. Once again, I would like to emphasise: the entire ground infrastructure under construction here must meet state-of-the-art requirements and standards, to launch our future advanced systems.
Five launches have already been made from Vostochny. Now its capacities must, I want to emphasise this, must be used to the fullest. I know that Roscosmos has such plans for the next year, and we just talked about this with the head of Roscosmos. I would also like to hear more about these plans today.
I know that there is still a lot to be done for the space centre’s further development. I expect a more responsible attitude from you and a more dynamic pace of work. All deadlines absolutely have to be met, including the first flight using a super heavy-lift launch vehicle. The launch should take place from Vostochny, as we have already agreed, in 2028,” Putin said.
Then in mid-July, 2021, an IT specialist at Vostochny was sentenced to three years in prison for a violation of the information security regime for one of the automated systems used at the launch center, considered part of Russia’s critical information infrastructure.
The following images are from the group of 54 available for download to paid subscribers. As a subscriber, you can expect to see one to two new posts each week related to the Ukraine-Russia war and almost always featuring supporting data obtained by GRUMO cyber operators.
Images can be translated from Russian to English by downloading the Google Translate app to your iPhone or Android phone. Other file types can usually be translated using Google Translate in your browser.
In an interesting act of synchronicity, Insider reported an online Twitter feud just two days ago between U.S. Astronaut Scott Kelly and Dmitry Rogozin, Director General of ROSCOSMOS.
Download details and instructions follow.
Keep reading with a 7-day free trial
Subscribe to Inside Cyber Warfare to keep reading this post and get 7 days of free access to the full post archives.