Cyber Security Operations Center: ESA wants more IT security

The European Space Agency ESA opened the new Cybersecurity Operations Center (C-SOC) today, Tuesday, this week. It is intended to improve IT security for ESA's critical infrastructure.

ESA has divided the C-SOC into two locations: Once at the European Space Operations Center (ESA/ESOC) in Darmstadt, and a second facility at the European Space Security and Education Center (ESA/ESEC) in Redu, Belgium. The task of the C-SOC is to monitor and protect ESA's “digital assets”, from “satellites in space to the global network of ground stations and mission control systems on Earth”, as ESA writes in its announcement.

Response to increasing threat

The establishment of the Cybersecurity Operations Center can be considered a response to the increasing threat situation. “This initiative comes at a time when space infrastructure is becoming an increasingly integral part of the European economy and society and cyber threats are becoming more sophisticated,” explains ESA. Massimo Mercati, Head of the ESA Security Office, explains: “Satellite operations require highly specialized and context-aware cybersecurity measures. A mission control center like ESOC, which operates a fleet of 28 unique satellites around the Earth and throughout the solar system, presents a very different cyber threat landscape than a traditional IT environment and requires different, more sophisticated solutions.”

ESA already has IT security capabilities with the Agency's Security Office and the ESA Computer Emergency Response Team (ESACERT) at its ESA/ESRIN Center for Earth Observation in Italy. However, the “scale and complexity of today's challenges” require the establishment of a dedicated facility. Having the C-SOC in two locations should ensure operational resilience and redundancy. The ESEC will focus on ESA corporate IT systems such as email and cloud infrastructure, while the ESOC will protect mission-critical systems that control satellites and process scientific data. Due to the division of the C-SOC, each location can support the other if required.

Economic support

The C-SOC has given a boost to European industry, ESA explains further. 19 European companies have formed a consortium under the leadership of Leonardo. This consortium was involved in the development, integration, and validation of the C-SOC. A consortium consisting of Nexova, Nvisio and Station will be responsible for regular day-to-day operations. Mercati said: “The benefits of the center go beyond ESA” because it “equips European companies with the tools and experience to be leaders in a new and fast-growing area of cybersecurity for space. ESA's C-SOC demonstrates how institutional space agencies can work with industry to protect critical assets and foster innovation in the growing space economy.”

IT security has long played an important role at ESA. Since 2022, for example, the space agency has released a satellite for controlled cyberattack attempts. The threat situation is real: as part of Russia's war of aggression against Ukraine, tens of thousands of broadband modems for Viasat's satellite internet failed at the beginning of 2022 following a cyberattack. A wiper malware was presumably distributed to the vulnerable devices via the Russian-located VPNFilter botnet.

(dmk)