To develop its technologies and safeguard its capabilities, Leonardo manages about 20 million billion pieces of data. Protecting this data is a matter of strategic importance and to address this issue in an innovative way, Leonardo, together with Cubbit, is implementing a new cloud architecture capable of ensuring both maximum security and maximum usability of the data.
The concept was to devise a system capable of “fragmenting” the data over multiple points in the system (nodes of the cloud network). The fragmented data is stored in many fragments so that, in the event of an attack (e.g., malware), the individual fragment becomes the first sensor of an ongoing attack. Once the attack is detected, the node is isolated, the data fragment is deleted, and the rest of the network goes into a defensive mode, increasing its counter-offensive potential by leveraging its intrinsic supercomputing capability, thus raising a barrier that is impregnable.
Leonardo will be the first company in the AD&S (Aerospace, Defense & Security) sector to use the geo-distributed cloud technology developed by Cubbit. In this solution, data is not stored in a few centralised data centers — as is the case with traditional cloud storage. Instead, each file is encrypted, fragmented, and replicated across multiple geographic locations and can always be reconstructed in its entirety. Security is therefore ensured even in situations where one or more geographic locations may be affected, such as in the case of physical and cyber attacks or in the face of natural disasters. Thanks to the granular geographic distribution of the data, digital sovereignty is also guaranteed, as each file can be distributed within a single country or region.
The agreement provides that Leonardo’s sites in Genoa and Chieti will be the first to be involved in the development of the partnership. Leonardo will create a distributed data lake synergistic with the central one to validate protocols that significantly reduce the need to move data from the center to the edge and vice versa. This will incorporate directly onto the data itself features for resiliency (disaster recovery) and low latency access (EDGE computing). The goal is to increase support for the digital development of the Leonardo Group’s business, such as in the construction of digital twins of flagship products. There will be significant improvements in terms of sustainability: the reduction of data traffic allows for a decrease in CO2 production and emissions. Geo-distributed storage also enables the construction of more efficient digital twins, which consolidate in the central archives only the strictly necessary data, without losing the ability to analyze all of the data at the edge. In the second phase of the project, the collaboration will extend in the context of research and development, exploring some next-generation projects, such as data transfer between satellites.
Pan-European cyber analysis centre opened
The first pan-European virtual centre for real-time dynamic cyber risk management has reached full operational capability. The centre has been developed by Leonardo for DG Connect, the European Commission’s directorate for digital policies.
The centre processes and analyses terabytes of data from sources including websites, social media, media, databases, and the deep/dark web. This is underpinned by a knowledge base consisting of more than 5 million ‘Indicators of Compromise’, digital traces of computer incidents that are managed each year by Leonardo via the company’s supercomputing infrastructure – capable of up to 5 million billion operations per second.
Using this information, the centre produces sectoral threat scenarios (e.g. related to finance, energy, health or transport), for DG Connect. This allows the European Commission to continuously monitor the level of cyber attack risk against European digital infrastructure, highlighting possible threat actors, likely modes of attack, potential targets and their vulnerabilities. This makes it possible to dynamically calculate the impact of potential attacks on critical infrastructure and services of strategic interest, supporting greater European cyber resilience.
Research by Leonardo analysts has found that the most widespread offensive cyber techniques (Ransomware, DDoS, Wipers, Phishing and disinformation campaigns) increased by an average of 180% in 2022 compared to 2021, making cyber resilience an ever-pressing requirement. At the same time, a side effect of the invasion of Ukraine by Russia has seen Europe become more of a target of hybrid threats, which combine multiple techniques and different actors. These can cause serious repercussions, sometimes to national security.
The virtual centre is part of the EUR 18 million project entrusted to the industrial consortium of Leonardo and Indra by DG Connect (Directorate General for Communication Networks, Content and Technologies). The road map for the project includes the establishment of a physical centre in Brussels, that will enable the Commission to work directly on the cyber threat. The physical infrastructure will also be supported by Leonardo’s Regional Centre in Brussels, part of the company’s Global Security Operation Centre. With a distributed architecture based at a head office in Chieti, Italy, and incorporating other operational centres in Italy, the UK, Europe and the Middle East, Leonardo’s Global Security Operations Centre manages over 137,000 cybersecurity events per second. To ensure full risk awareness and improve Europe’s response to cyber crises, the centre will be interoperable with all entities at a European level that are responsible for cyber threat analysis.