CYBER/PHYSICAL ATTACK IN NOA GROUND SEGMENT – ATHENS, GREECE
Critical infrastructure #1
Satellite ground station in Penteli, Athens, Greece
NOA Ground Segment (GS, https://groundsegment.space.noa.gr/) consists of an X-/L-band acquisition antenna for the reception and processing of direct broadcast downlinks from satellite missions including EOS Aqua & Terra satellites (MODIS), NPP (VIIRS, ATMS, etc.), future NPOESS, NOAA, FYI, and MetOP. The GS also hosts a satellite acquisition antenna DVB-2 and archiving facility for real time reception of data from EUMETSAT missions. The GS is equipped with proper processing, archiving, and cataloguing facilities for handling real time image data from the missions. NOA maintains computational infrastructure in order to support uses and implement projects and services assigned, including a virtualization system, Storage and Archiving systems, and a 10GbE network interface card and numerous RAID configurations.
Critical infrastructure #2:
Operations for a virtual cloud environment disseminating Sentinel data
On a 24/7/365 basis NOA operates on behalf of ESA (in collaboration with Serco and GAEL systems) several Copernicus Sentinels Data Hubs. These include the International Hub (access restricted to international partners having agreements with EC), Collaborative Hub 3 (access restricted towards European Collaborative Ground Segments), DIAS Hub 3 (access restricted to Copernicus Data and Information Access Services providers of cloud infrastructure), Africa Cast Hub (access restricted to EUMETSAT for S3 products over Africa) and S5P pre-operational Hub, providing a single point of access to entire Sentinel satellite mission, Sentinel-5P. NOA also operates a Hellenic Mirror site (https://sentinels.space.noa.gr/), the first Collaborative Ground Segment that provides access to Sentinel data at Greek stakeholders.
The cloud infrastructure to support this activity consists of 75 Virtual Machines, 1.2 Petabytes of NFS and object store, 680 CPU cores and 2.2 TiB of RAM. Roughly 3 Petabytes of satellite data are downloaded by the users of this infrastructure on a monthly basis.
To be able to face cyber and/or physical threats and incidents, the infrastructure is monitored 24/7 by NOA’s IT Department and the Copernicus Hubs DevOps team. The satellite GS is not currently protected by sophisticated physical monitoring systems, while there are basic continuity plans in place after a disaster. Hence, the GS’s security needs to be enhanced by precautionary measures and procedures to forecast, detect or assess the risk of physical and cyber threats. The monitoring of the Copernicus Hubs infrastructure is done via a dedicated software, but it is not exhaustive and not easy to customize.
The satellite GS in Penteli is threatened by natural disasters and/or electromagnetic interference (malicious or by negligence). Penteli due to its location is prone to extreme weather events, including wind gusts and wildfires (GS lays in a forested area that has been struck by wildfires several times in the last decade).
The Copernicus Hubs infrastructure is threated by cyber-attacks. These can come in the form of corrupting the satellite data archive (products) and/or attack the Copernicus Data Dissemination Service through intended flooding of requests for satellite products.
Application and overall impact
7SHIELD will assist NOA as a satellite Ground Segment operator to set procedures, protocols and mechanisms that will increase its infrastructure resilience, ensuring that value offering to stakeholders is continuous and secured. NOA foresees to set up the User Interface of 7SHIELD in the GS Operations Room and use the Dashboard and visual analytics tools for monitoring the infrastructure and operations, and implementing appropriate protocols to allow data reception and dissemination continuity in case of attacks.