HackADay has a “Lessons Learned from a CubeSat Postmortem” article on “KRAKsat Sattellite Mission – Lessons Learned” paper published by the mission team from AGH University of Science and Technology in Cracow, Poland. No crucial error described in the paper is directly linked to cyber, however some are interesting:

• Problems with clearing the flash memory (testing and implementation issues),
• Impossibility to download data from the flash memory by radio UHF2 (different implementations and behaviour of two redundant components). This one particularly highlight the issue we may face with safety measures that requires different implementations but are not done properly. I remember datacenters provider implementing different controllers and software for HVAC and power. I wonder if this is still the case.
• No emergency option to shutdown satellite subsystems permanently. Kind of reverse kill-switch.
• The lack of an own ground station. Ground stations are costly. I wonder what would be the price comparing to the overall cost of a Cubesat mission. Maybe the solution would be to plan for emergency services.
• Inaccurate analysis of the missions requirements. No comment, space is hard.

Others errors are listed as well and interesting : file systems issues (or lack-of fs in this case), data encoding, hard coded parameters, etc.