Security for Satellite Operations and Space Ground Stations | CloseProtectionHire

Space infrastructure supporting navigation, communications, and intelligence faces physical and cyber threats. Ground station security for satellite operators and space agencies.

6 May 2026

Written by James Whitfield

The Viasat KA-SAT cyberattack of 24 February 2022 established a precedent that the space security community has been working through ever since. Russian GRU operators – subsequently attributed by the US, EU, UK, and Canada – synchronised a destructive wiper attack against a commercial satellite internet network with the opening hours of a military invasion. The practical consequences extended far beyond the intended military target: 5,800 Enercon wind turbines in Germany lost remote monitoring capability, and users across multiple European countries lost connectivity simultaneously. Space infrastructure, the attack demonstrated, is both a military asset and a civilian critical infrastructure component – and the two are often inseparable.

Security for satellite operations and space ground stations sits at an intersection that most commercial security frameworks do not address: the physical security of ground-based infrastructure, the cyber security of command and control systems, the personnel security of a small workforce with high-consequence access, and the geopolitical threat environment that shapes which adversaries consider space infrastructure a legitimate target.

This guide covers the four operational security domains for satellite ground station operators: physical security of ground station sites, command uplink and communication security, personnel vetting and insider threat, and the regulatory landscape under NIS2.

Physical Security: Ground Station Sites

A satellite ground station typically consists of one or more large parabolic dish antennas (ranging from 3 metres for VSAT customer premises equipment to 13+ metres for major tracking stations), supporting technical infrastructure buildings, and connectivity to the broader terrestrial network. The physical security requirements vary significantly between staffed operations centres and remote unmanned antenna farm sites.

For staffed operations centres – ESA’s European Space Operations Centre (ESOC) in Darmstadt, ESA’s ESRIN in Frascati, commercial operator hubs in the UK and Gulf – the physical security baseline is aligned with critical infrastructure standards: perimeter fencing to BS 1722, intruder detection to BS EN 50131 Grade 3, CCTV to BS 8418:2015, and access control using multi-factor authentication at all entry points to the technical area. Visitor management must be rigorous: unescorted access to the technical floor where command and control terminals are located should not be possible for any visitor, contractor, or maintenance personnel.

Remote and unmanned antenna farm sites present a different security challenge. These sites – which may be at high altitude, coastal, or arctic locations – cannot be staffed continuously. Physical security for unmanned sites should include: perimeter fencing with vibration or strain sensor detection; thermal cameras covering the antenna and technical building access points; BS EN 50131 Grade 3 intruder detection within the technical building; and a cellular or satellite-connected CCTV system that reports to an SBD-accredited Alarm Receiving Centre for 24/7 monitoring.

Anti-drone capability is increasingly relevant. Reconnaissance drones can map ground station antenna configurations, identify infrastructure vulnerabilities, and in some scenarios conduct radio frequency interference. CAA Article 16 authorisation is required in the UK for any active drone countermeasure deployment (jamming or spoofing of drone control signals). For operators who require this capability, advance authorisation and integration with ATC in relevant airspace should be confirmed before deployment.

Physical antenna tampering is a lower-probability but non-trivial threat. Large dish antennas can be physically repositioned, which at minimum disrupts service and at maximum can cause the antenna to be pointed at unintended orbital slots with interference consequences. Antenna drive motor locks, positional sensors with out-of-tolerance alerts, and perimeter detection that distinguishes human approach from wildlife are appropriate measures for high-value antenna installations.

The most consequential attack surface in satellite operations is the command uplink – the radio frequency link and associated software protocol used to send instructions to an operational satellite. Unauthorised command uplink access could, in a worst case, disable, redirect, or permanently destroy an operational satellite asset. The replacement cost of a commercial GEO communications satellite ranges from USD 250m to USD 500m; the loss of a military or navigation satellite can have strategic consequences.

Command uplink systems should be on dedicated, air-gapped or highly segmented networks that have no connection to general enterprise IT infrastructure. The Viasat attack did not directly compromise a command uplink, but it demonstrated that a commercially operated network with enterprise IT connectivity presents a much larger attack surface than a purpose-built, segmented command and control architecture.

Uplink authentication requires multi-factor verification: not only credentials but also physical presence in the access-controlled command console area, with a two-person integrity requirement for any command that would materially alter satellite configuration. Command sequences should be logged with cryptographic integrity to prevent modification or deletion. Anomalous command sequences – commands issued outside normal operating parameters, at unusual times, or from an operator account not normally associated with that satellite – should trigger an automatic alert for human review.
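The controls in the paragraph above can be sketched as follows. This is an added example, not code from the article or from any operator's system: an HMAC-chained command log that exposes modification or deletion of records, plus review flags for missing two-person approval, an unfamiliar operator account and off-hours commands. The key, command names, operator IDs and shift window are assumptions made for illustration.

```python
import hashlib, hmac, json
from datetime import datetime, timezone

LOG_KEY = b"constructed-demo-key"      # assumption: a real key lives in an HSM, not in code
CRITICAL = {"ORBIT_MANOEUVRE", "PAYLOAD_OFF"}           # hypothetical command names
USUAL_OPERATORS = {"SAT-A": {"op_lee", "op_khan"}}     # hypothetical per-satellite baseline
NORMAL_HOURS = range(6, 22)                            # assumed normal shift window, UTC

def _mac(prev_mac, entry):
    body = json.dumps(entry, sort_keys=True)
    return hmac.new(LOG_KEY, (prev_mac + body).encode(), hashlib.sha256).hexdigest()

def append(log, entry):
    """Append a command record whose MAC also covers the previous record's MAC."""
    prev = log[-1]["mac"] if log else "0" * 64
    log.append({"entry": entry, "mac": _mac(prev, entry)})

def verify(log):
    """Return the index of the first record that breaks the chain, or None."""
    prev = "0" * 64
    for i, rec in enumerate(log):
        if not hmac.compare_digest(_mac(prev, rec["entry"]), rec["mac"]):
            return i
        prev = rec["mac"]
    return None

def review_flags(entry):
    """Return the reasons a command should be held for human review."""
    flags = []
    if entry["command"] in CRITICAL and not set(entry["approvers"]) - {entry["operator"]}:
        flags.append("two-person integrity not met")
    if entry["operator"] not in USUAL_OPERATORS.get(entry["satellite"], set()):
        flags.append("operator not normally associated with this satellite")
    hour = datetime.fromisoformat(entry["time"]).astimezone(timezone.utc).hour
    if hour not in NORMAL_HOURS:
        flags.append("outside normal operating hours")
    return flags

FIELDS = ("time", "satellite", "operator", "command", "approvers")  # rows below are constructed
SAMPLE = [dict(zip(FIELDS, r)) for r in (
    ("2026-01-10T09:15:00+00:00", "SAT-A", "op_lee", "TLM_REQUEST", []),
    ("2026-01-10T02:40:00+00:00", "SAT-A", "op_ruiz", "PAYLOAD_OFF", ["op_ruiz"]),
    ("2026-01-10T10:05:00+00:00", "SAT-A", "op_khan", "ORBIT_MANOEUVRE", ["op_lee"]),
)]

def build_log(entries=SAMPLE):
    log = []
    for e in entries:
        append(log, e)
    return log

if __name__ == "__main__":
    for rec in build_log():
        print(rec["entry"]["command"], review_flags(rec["entry"]))
```

A chain of this kind detects edits and removals in the middle of the log but not truncation of the most recent records, so the latest MAC should also be copied to a separate system the log's administrators cannot write to.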

Encryption of the uplink command channel is standard for government and military operators and increasingly required for commercial operators under NIS2. The specific cryptographic standards applicable depend on the satellite’s national registration and the regulatory framework in the operator’s jurisdiction. For EU operators under NIS2, the European Union Agency for Cybersecurity (ENISA) technical guidelines on space security (published 2022) provide a reference architecture.

GPS Spoofing and Navigation Interference

GPS spoofing – the broadcast of false GPS signals intended to mislead navigation and timing systems – has been documented as an active threat in several regions relevant to satellite ground operations.

North Korea has conducted periodic GPS jamming operations near Seoul since at least 2012. The South Korea National Intelligence Service and the NTS (National Timing and Synchronisation) have documented multiple jamming events affecting civilian navigation in the Seoul metropolitan area.

Russian electronic warfare (EW) systems have produced GPS interference across the Baltic region, Finland, and areas proximate to Ukraine. The Finnish Transport and Communications Agency (TRAFICOM) issued specific advisories in 2023 and 2024 on Baltic GPS jamming attributed to Russian military EW activity near Kaliningrad and the Leningrad region. In 2019, GPS interference affecting aircraft navigation near the North Cape was attributed to Russian military exercises.

For ground station operators, GPS spoofing is primarily a timing and antenna positioning concern. Ground station timing systems that rely on GPS-derived UTC synchronisation can be disrupted by spoofing, affecting communication protocol timing. Antenna auto-tracking systems that use GPS-derived positioning data can lose lock if the GPS input is corrupted. Mitigation involves cross-referencing GPS timing with independent terrestrial timing sources (Galileo or GLONASS cross-check, or dedicated timing hardware) and positioning systems that cross-reference GPS with inertial reference data.
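The timing cross-check described above, as an added example that is not part of the original article: GPS-derived time is compared with the median of independent references and is distrusted only after sustained disagreement, then re-admitted only after sustained agreement. The source names (`galileo`, `rubidium`), the 500 ns tolerance and the three-sample persistence are assumptions.

```python
from statistics import median

TOLERANCE_NS = 500   # assumed maximum credible disagreement between sources
PERSIST = 3          # assumed consecutive samples needed to change trust state

def cross_check(samples, tolerance_ns=TOLERANCE_NS, persist=PERSIST):
    """Classify each sample of clock offsets (ns, relative to the local oscillator).

    Each sample maps a source name to its offset; "gps" is the source under test and
    every other key is an independent reference. Returns one state per sample:
    ok, suspect, holdover (GPS distrusted) or unverified (no usable reference).
    """
    states, bad, good, holdover = [], 0, 0, False
    for s in samples:
        refs = [v for k, v in s.items() if k != "gps" and v is not None]
        if s.get("gps") is None or not refs or max(refs) - min(refs) > tolerance_ns:
            states.append("unverified")   # references missing or disagreeing
            continue
        if abs(s["gps"] - median(refs)) > tolerance_ns:
            bad, good = bad + 1, 0
            holdover = holdover or bad >= persist
        else:
            good, bad = good + 1, 0
            if good >= persist:
                holdover = False          # re-admit GPS only after sustained agreement
        states.append("holdover" if holdover else "suspect" if bad else "ok")
    return states

# Constructed offsets: GPS ramps away from the references, then recovers;
# in the last sample the references themselves disagree.
SAMPLES = [
    {"gps": 20, "galileo": 35, "rubidium": 10},
    {"gps": 900, "galileo": 30, "rubidium": 15},
    {"gps": 1800, "galileo": 32, "rubidium": 12},
    {"gps": 2700, "galileo": 28, "rubidium": 14},
    {"gps": 25, "galileo": 30, "rubidium": 11},
    {"gps": 22, "galileo": 33, "rubidium": 13},
    {"gps": 24, "galileo": 31, "rubidium": 12},
    {"gps": 26, "galileo": 5000, "rubidium": 12},
]

if __name__ == "__main__":
    for sample, state in zip(SAMPLES, cross_check(SAMPLES)):
        print(state, sample)
```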

NIS2 and the Regulatory Framework

The NIS2 Directive 2022/2555 formally recognises space as a critical infrastructure sector for the first time in EU law. Annex I of the Directive categorises space operators as essential entities, alongside energy, transport, health, banking, and digital infrastructure.

EU member state ground segment operators are subject to NIS2 requirements in four areas. Risk management measures: operators must implement technical and organisational measures proportionate to the risk, covering network and information systems security, access controls, encryption, incident handling, and business continuity. Incident reporting: significant incidents affecting the availability, confidentiality, or integrity of the ground segment systems must be reported to the national competent authority within 24 hours (initial notification), with a detailed assessment within 72 hours and a final report within one month. Supply chain security: operators must assess the security of their supply chain, including hardware and software suppliers, and address significant supply chain risks. Administrative penalties for non-compliance reach EUR 10m or 2% of global annual turnover, whichever is higher, for essential entities.

For ground segment operators with US connections, the CISA Space Systems Critical Infrastructure Security Guidance (published September 2023) sets out a framework for applying the NIST Cybersecurity Framework to space systems specifically, with guidance on ground system physical security, link security, and supply chain risk management.

The Galileo ground segment operates under a separate EU security accreditation framework managed by the Galileo Security Accreditation Board. Personnel with access to classified Galileo operational data require National Supervisory Authority (NSA) security clearance – a formal government-issued clearance, not a commercial vetting standard. Operators bidding for Galileo ground segment contracts should understand the personnel clearance requirements before submitting.

P1 City Context: Gulf and South Asia Space Operations

Riyadh: The Saudi Space Commission, established in 2019, has developed a significant space operations footprint. Saudi Vision 2030 includes satellite telecommunications and earth observation capability as strategic objectives. The NEOM development programme requires satellite connectivity for its remote construction and operational phases. Security programmes for Saudi space ground segment operations should account for the regional threat environment and the heightened target status of strategic national infrastructure in the Gulf.

Dubai: Mohammed Bin Rashid Space Centre (MBRSC) operates the UAE’s civil space programme, including the Hope Mars Mission (2021) and the Earth observation satellite programme. Yahsat operates GEO satellite communications for the Gulf region. Ground station security in Dubai operates within the UAE’s broader CNI security framework, with coordination between the Telecommunications and Digital Government Regulatory Authority and national security services.

Mumbai: ISRO’s ISTRAC (ISRO Telemetry Tracking and Command Network) operates ground stations at Bhopal, Hassan, Lucknow, and Port Blair supporting India’s satellite fleet. The proximity to Mumbai as the primary P1 city context means security considerations for ISRO contractors and supplier organisations in Mumbai are relevant. ISRO suppliers should apply the insider threat and information protection framework appropriate for a defence-adjacent national space programme.

Istanbul: Turksat operates Turkey’s national satellite fleet with a ground station complex at Golbasi, near Ankara. Turkey is a NATO member with SATCOM obligations, and the Turksat ground segment is part of the NATO integrated communications architecture. Security for Turksat operations should reflect the elevated target status of NATO-affiliated communications infrastructure.

For the telecoms infrastructure that satellite communications connect into – and the overlapping physical and cyber security framework under the Electronic Communications Security Act 2021 and NIS2 – see our security for telecom infrastructure guide. For the data centre environments that ground station operations increasingly depend on for data processing and storage, see our security for data centres and technology facilities guide.


Sources: Viasat KA-SAT cyberattack: US/EU/UK/Canada joint attribution, January 2022; Viasat SEC 8-K filing, March 2022; CISA/NSA/FBI/NCSC Joint Advisory AV23-043 (Sandworm / AcidRain attribution); NIS2 Directive 2022/2555 (space sector essential entity classification, Annex I Section 11; EUR 10m/2% penalty); CISA Space Systems Critical Infrastructure Security Guidance, September 2023; ENISA Space Threat Landscape 2022; Galileo Security Accreditation Board (GSA) personnel clearance requirements; Finnish TRAFICOM GPS Jamming Advisory 2023-2024 (Baltic GPS interference attributed to Russia); TRAFICOM Advisory, 2023; BS EN 50131 (intruder detection, Grade 3); BS 1722 (perimeter fencing); BS 8418:2015 (CCTV monitoring); CAA Article 16 (drone countermeasure authorisation, UK); BS 7858:2019 (pre-employment screening).

James Whitfield is a Senior Security Consultant with experience advising critical infrastructure operators, space sector clients, and technology companies on physical security programme design, personnel security, and NIS2/CISA regulatory compliance.

Summary

Key takeaways

1. NIS2 creates legal obligations for EU space ground segment operators

The NIS2 Directive 2022/2555 classifies space operators as essential entities. EU member state ground segment operators must implement risk management measures, report significant incidents within 24 hours, and address supply chain security. Non-compliance carries fines up to EUR 10m or 2% of global annual turnover.

2. Command uplink security is the highest-consequence attack surface

Satellite command uplinks – the frequency and protocol used to send commands to an operational satellite – represent the most consequential attack surface in space operations. Unauthorised command access could redirect, disable, or destroy a satellite asset. Uplink security requires dedicated access controls, encryption, and anomalous command monitoring that exceeds standard IT security practice.

3. Remote ground stations require Grade 3 intruder detection

Unmanned antenna farm sites at remote locations cannot rely on guard presence for physical security. BS EN 50131 Grade 3 intruder detection – thermal cameras, perimeter fencing, and ARC-connected monitoring – provides the minimum appropriate physical security for a remote ground station with operational significance.

4. The Viasat attack established space infrastructure as a conflict-opening target

The synchronisation of the Viasat KA-SAT attack with the opening hours of the Ukraine invasion established a pattern: satellite communications infrastructure serving a conflict zone will be targeted at conflict onset. Operators serving governments, militaries, or critical infrastructure sectors must plan their security posture on the assumption that they may be targeted during a geopolitical crisis.

5. Personnel vetting for uplink and key management roles requires enhanced screening

The insider threat to satellite operations is concentrated in a small number of high-consequence roles: command uplink operators, encryption key custodians, and ground segment network administrators. These roles should be subject to enhanced pre-employment screening, periodic re-vetting, two-person integrity for critical operations, and a defined foreign contact reporting requirement.

FAQ

Frequently Asked Questions

On 24 February 2022 – the opening day of Russia’s invasion of Ukraine – the Russian GRU’s Sandworm group executed an attack against Viasat’s KA-SAT satellite network using the AcidRain wiper malware. The attack disabled tens of thousands of modems across Europe. Direct consequences included disruption to Ukrainian military communications and the disabling of remote monitoring for 5,800 Enercon wind turbines (11 GW capacity) in Germany. The US, EU, UK, and Canada formally attributed the attack in January 2022. Viasat filed an 8-K with the SEC in March 2022 disclosing the incident.

The NIS2 Directive 2022/2555, which required transposition by EU member states by October 2024, explicitly includes ‘space’ as a sector in Annex I (essential entities). This means ground segment operators in EU member states are subject to NIS2 obligations: risk management measures, incident reporting (24-hour initial notification, 72-hour assessment, one-month final report), supply chain security requirements, and business continuity planning. Failure to comply carries administrative fines of up to EUR 10m or 2% of global annual turnover.

Remote and unmanned ground stations – antenna farms at coastal, high-altitude, or arctic sites – should be secured to BS EN 50131 Grade 3 for intruder detection, incorporating thermal cameras, perimeter fencing to BS 1722 standards, and access control systems. Anti-drone measures require CAA Article 16 authorisation for any active countermeasure deployment in the UK. CCTV should connect to an SBD-accredited ARC for 24/7 monitoring of unmanned sites.

GPS spoofing – broadcasting a false GPS signal to mislead navigation systems – has been documented as a Russian electronic warfare technique near the Baltic, Finnish, and Black Sea regions since 2019. The Finnish Transport and Communications Agency (TRAFICOM) issued advisories in 2023-2024 on Baltic GPS jamming attributed to Russia. North Korean GPS jamming near Seoul has been documented by South Korea’s National Intelligence Service. GPS spoofing at ground station facilities can interfere with timing systems and antenna positioning for some operational configurations.

EU Galileo ground segment personnel are subject to security accreditation requirements managed by the Galileo Security Accreditation Board (GSA). National Supervisory Authority (NSA) clearance is required for roles with access to classified Galileo operational data. For commercial ground station operators, BS 7858 pre-employment screening is the appropriate baseline, with enhanced vetting for roles with direct access to satellite command uplink systems or encryption key management.