D-Orbit and the ethical hacking collective mhackeroni have concluded CTRLSpace CTF, the first in-orbit satellite cybersecurity competition ever held in Europe. The event, organized with the support of the European Space Agency’s (ESA) Security Cyber Centre of Excellence and ESA’s Security Office, marked a major step toward strengthening Europe’s space defence capabilities.
The final phase of the CTF (Capture the Flag) competition took place from 4–6 November at ESA’s ESTEC facility in the Netherlands, coinciding with the Security for Space Systems (3S) conference. For the first time, contestants engaged directly with operational spacecraft, the ION Satellite Carrier, in a live environment designed to simulate real-world cybersecurity threats in orbit.
A New Era in Space Security with CTF
The CTRLSpace CTF competition aimed to confront one of the fastest-growing challenges in the modern space economy: protecting satellites and orbital infrastructure from cyberattacks. According to D-Orbit, the event demonstrated not only the feasibility of in-orbit cybersecurity testing but also the urgent need to integrate protection mechanisms into every phase of satellite design.
“Cybersecurity has become a fundamental pillar of the new space economy,” said Grazia Bibiano, D-Orbit’s Country Leader for Portugal. “At D-Orbit, we integrate it from the very first design stages because security cannot be an add-on; it must be built into the DNA of every system we send into orbit.”
Davide Avanzi, D-Orbit’s Head of Space and Product Security, echoed this sentiment, emphasizing the complexity of the task: “Protecting space infrastructure is one of the most complex engineering challenges of our time. By adopting a security-by-design approach, we ensure mission resilience, data integrity, and trust in the space services of the future.”
From Hundreds of Teams to One Winner
The competition attracted immense global interest. A total of 559 teams registered for the qualifying round, with 299 solving at least one challenge. Over 25 tasks, participants collectively submitted 660 correct flags, showcasing a wide range of cybersecurity expertise.
From this large pool, five finalist teams advanced to the live finals at ESA ESTEC. These top competitors were given the rare opportunity to test their skills against actual spacecraft systems. Using secure, isolated environments, the event employed three active ION satellites to deliver authentic telemetry data and command interfaces.
The finalists had to decode real telemetry, send command sequences, analyze orbital positions, and interact with onboard software to uncover vulnerabilities, an experience that mirrored genuine satellite operations. Ultimately, the team Superflat emerged victorious, securing the top spot in this historic satellite cybersecurity competition.
Testing the Future of Space Defense
According to Daniele Lain from mhackeroni, developing challenges for a space-based environment required unprecedented innovation. “The space environment poses unique issues to the development of engaging challenges,” he noted, highlighting the technical and logistical hurdles faced during the design of the CTF tasks.
Antonios Atlasis, Head of the System Security Section at ESA, noted the broader implications of the event. “Cybersecurity protection of space missions is not an option,” he stated.
“The successful implementation and execution of CTRLSpace CTF not only provided the unique opportunity for students from all over Europe to compete on cybersecurity challenges implemented in real satellites, but it also proved that the implementation of cybersecurity protection measures in satellites is possible, even for the most challenging security scenarios.”