Sending out false GPS signals – so-called GPS spoofing – makes navigation more difficult for pilots, especially in crisis areas. The aviation industry is calling for countermeasures.
With the conflicts in Ukraine and the Middle East, jamming attacks on GPS navigation have increased sharply. The problem: Commercial aircraft can also be thrown off course and potentially endanger themselves.
The problem affects all airlines worldwide: especially those that often fly in the Middle East or Eastern Europe – like Air Baltic from Latvia. The pilots there know that in certain areas the GPS signal that is needed for certain navigation systems often fails.
GPS spoofing covers the original signal
Who is interfering with the GPS signal usually remains unclear. “Jamming” is when the GPS signal suddenly disappears due to interference – a problem that occurs near crisis areas and also affects shipping.
However, another type of disruption is much more dangerous: the pilots in the cockpit are led to believe that they are somewhere else entirely. Captain Janis Kristops, flight safety manager at Air Baltic explains in an interview with SWR: “Spoofing means that someone tries to cover data with a malicious signal, i.e. with false information, in order to trigger the wrong reaction.”
Kristops means the navigation data that actually comes from the satellite into the cockpit. The problem with spoofing: Pilots have difficulty recognizing whether and how they have been hacked in the cockpit.
Niklas Ahrens is responsible for IT security at the Cockpit Pilots Association. He knows the dangers of GPS spoofing very well: “If it is really well-done spoofing, then the attacker knows what his target is. That means he has chosen a specific plane. He knows the position of the plane and tries then to allow this position to drift by deliberately distorting the GPS signal.” According to Ahrens, if such attacks are really well done, they are hardly noticeable.
Delayed time signals can interfere with GPS navigation
Because GPS navigation systems are open and unencrypted, attacks can be carried out in multiple ways. The simplest attack for spoofing would be a so-called replay attack: The time signal that a satellite sends out is recorded and played back with a certain delay. This will slightly distort the position.
However, the intentional transmission of incorrect navigation data is also possible. Flight captain Kristops explains what happens in such a case: “If you look at affected flights on a platform like Flugradar 24, you can see that they suddenly jump far away, even if they continue to fly normally. The aircraft is of course unable to do so “To travel 240 miles in half a second.”
Even the digital maps in the cockpit, the so-called “moving maps”, can then change.
GPS navigation: Incorrect altitude data can confuse aircraft
Another possibility for attackers: incorrect altitude data is transmitted to the cockpit instruments. In principle, the flight altitude is measured via air pressure, but certain warning systems such as the one for approaching the ground – important for flights in the mountains – are received via GPS.
For example, aircraft at an altitude of eleven kilometers can suddenly receive a warning message that the aircraft could soon touch the ground. Security expert Ahrens: “Then the system basically screams until you turn it off or land.”
There are regions in which aircraft are particularly frequently disrupted by GPS jamming signals when navigating.
GPS spoofing should be done by new ones Security systems be better recognized
And such attacks are increasing. The European aviation safety authority EASA wants to better protect airlines. However, according to Cyrille Rosay, EASA cybersecurity expert, if an aircraft is spoofed today, there is no way to detect it. However, this should be possible in the near future.
For example, the various navigation systems in the cockpit – there are several – could automatically compare all data and trigger an alarm in the event of discrepancies. In such cases, the pilot could then switch to another system. This is already partly possible today – but it depends on the aircraft type.
Spoofing is definitely risky, says Rosay: For example, it could be that you are put in a virtual (wrong) position. If this is not noticed and corrected, the aircraft may enter foreign airspace without authorization.
If this happens near the Iranian border, something like this could actually be dangerous. As is well known, Iran has already shot down a foreign passenger plane. There are also many other spoofing problem areas in the Middle East, from Iraq to Egypt to Israel.
The originator of the GPS spoofing attacks is still unclear
It is still unclear who is sending the incorrect data. In Germany, problems caused by spoofing would be unthinkable, says Robert Ertler from German air traffic control. Every airliner has at least two additional navigation systems on board, and air traffic controllers see the planes on the radar.
“In exactly such a case, it is very important that you can use another system that runs completely independently of the system and then be able to show one-to-one where you are and that you can also be located,” says Ertler .
But abroad there are often no expensive radio beacons that can target an aircraft. The radar coverage also leaves a lot to be desired. That's why EASA and the pilots' association are relying on better training and on the various manufacturers developing countermeasures. Unfortunately, there is no magic bullet, says Rosay: “We want the situation to improve. But I think the best way to improve the situation is to end the wars – when they are over, the GPS behaves again normal.”
Stefan Troendle, SWR, tagesschau, February 16, 2024 10:35 a.m