Characterizing Cyber Attacks against Space Infrastructures with Missing Data: Framework and Case Study

📅 2025-12-02
🤖 AI Summary
Empirical studies of space infrastructure cyberattacks are severely hindered by the scarcity of publicly available, high-fidelity data. Method: This paper introduces the first systematic analytical framework to address this challenge, integrating SPARTA and MITRE ATT&CK tactical-technical models with indicator-driven data extrapolation and structured modeling to reconstruct and credibly augment 108 fragmented, low-quality media-reported incidents. Contribution/Results: The framework generates 6,206 technical-level space cyber kill chains, substantially enhancing interpretability and reproducibility of attack patterns. Analysis reveals that nearly 50% of observed attacks could be effectively mitigated through strengthened security controls on links between the space segment and user segment. This work fills a critical methodological gap in empirical space cybersecurity research under data-scarce conditions and provides a scalable, evidence-based foundation for threat modeling and defensive strategy development.

📝 Abstract
Cybersecurity of space infrastructures is an emerging topic, despite space-related cybersecurity incidents occurring as early as 1977 (i.e., hijacking of a satellite transmission signal). There is no single dataset that documents cyber attacks against space infrastructures that have occurred in the past; instead, these incidents are often scattered in media reports while missing many details, which we dub the missing-data problem. Nevertheless, even "low-quality" datasets containing such reports would be extremely valuable because of the dearth of space cybersecurity data and the sensitivity of space infrastructures which are often restricted from disclosure by governments. This prompts a research question: How can we characterize real-world cyber attacks against space infrastructures? In this paper, we address the problem by proposing a framework, including metrics, while also addressing the missing-data problem by leveraging methodologies such as the Space Attack Research and Tactic Analysis (SPARTA) and the Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) to "extrapolate" the missing data in a principled fashion. We show how the extrapolated data can be used to reconstruct "hypothetical but plausible" space cyber kill chains and space cyber attack campaigns that have occurred in practice. To show the usefulness of the framework, we extract data for 108 cyber attacks against space infrastructures and show how to extrapolate this "low-quality" dataset containing missing information to derive 6,206 attack technique-level space cyber kill chains. Our findings include: cyber attacks against space infrastructures are getting increasingly sophisticated; successful protection of the link segment between the space and user segments could have thwarted nearly half of the 108 attacks. We will make our dataset available.
Problem

Research questions and friction points this paper is trying to address.

Characterizing cyber attacks on space infrastructures with incomplete data.
Developing a framework to extrapolate missing details in space cybersecurity incidents.
Reconstructing plausible attack chains from scattered and low-quality data sources.
Innovation

Methods, ideas, or system contributions that make the work stand out.

Framework uses SPARTA and ATT&CK to extrapolate missing data.
Reconstructs plausible cyber kill chains from low-quality datasets.
Derives attack techniques to analyze space infrastructure threats.
Ekzhin Ear
Laboratory for Cybersecurity Dynamics, Department of Computer Science, University of Colorado Colorado Springs
J. L. C. Remy
Laboratory for Cybersecurity Dynamics, Department of Computer Science, University of Colorado Colorado Springs
Caleb Chang
Laboratory for Cybersecurity Dynamics, Department of Computer Science, University of Colorado Colorado Springs
Qiren Que
Laboratory for Cybersecurity Dynamics, Department of Computer Science, University of Colorado Colorado Springs
Antonia Feffer
Laboratory for Cybersecurity Dynamics, Department of Computer Science, University of Colorado Colorado Springs
Shouhuai Xu
Gallogly Chair Professor in Cybersecurity, University of Colorado Colorado Springs
Cyber Resilience, Cybersecurity Dynamics, Cybersecurity Metrics, Cybersecurity Analytics, Crypto