Cybersecurity challenges in aviation

By Sylvie Truong, The Readable
Apr. 2, 2024 7:38PM GMT+9

The increasing frequency of Global Positioning System (GPS) jamming incidents spotlights the cybersecurity challenges currently confronting the aviation industry. Malicious actors intentionally interfere with GPS signals with the aim of disrupting or blocking the precise location tracking and navigation of aircraft. Their objectives are to compromise safety, create chaos in air traffic systems, and possibly exploit geopolitical tensions. While GPS jamming represents just a single facet of a multifaceted cyber threat landscape targeting air traffic, it highlights the existing vulnerabilities within aviation systems.

GPS Jamming Incidents

In late March, an analysis based on open-source intelligence reported that, in less than two days, over 1,600 airplanes experienced GPS interference while flying over Europe. This disruption impacted civilian aircraft, particularly those flying over the Baltic Region, with significant jamming reported in Poland and southern Sweden. Swedish Lieutenant Colonel Joakim Paasikivi suggested to local media that this GPS interference could be attributed to “Russian influence activities or tactics typical of hybrid warfare.”

Additionally, General Martin Herem, the Commander of the Estonian Defense Forces, reported to Bloomberg an escalation in GPS signal disruptions beginning last year, with significant incidents having taken place in Finland, Poland, and the Black Sea region. Similarly, Eurocontrol, the European Organization for the Safety of Air Navigation, has documented a sevenfold increase in GPS jamming incidents across Europe in the first two months of 2024 compared to the corresponding period in 2023.

In January, the European Union Aviation Safety Agency (EASA) and the International Air Transport Association (IATA) held a workshop in Cologne, Germany, dedicated to addressing safety threats that satellite-based services face in aviation. The group reached the conclusion that interference with these services, which are crucial in providing accurate aircraft positioning, presents substantial safety challenges to aircraft, including navigation errors, reduced situational awareness among pilots, and the increased likelihood of midair accidents like collisions. An incident in 2019, reported by The National Aeronautics and Space Administration (NASA), underscores the severity of these risks, noting that in an especially life-threatening incident of GPS jamming, a passenger jet nearly avoided crashing into a mountain.

Geopolitical Dynamics and GPS Jamming

Recognizing the geopolitical factors behind GPS jamming incidents is essential. For instance, there has been a significant uptick in such incidents in the wake of the Russian invasion of Ukraine. Increases such as this can be attributed to strategic efforts by states to disrupt the navigational capabilities of adversaries or to assert dominance in contested regions. GPS jamming, in this context, serves as a tool of modern warfare and geopolitical maneuvering, impacting not only military operations but also civilian aviation and maritime activities.

In March 2023, a number of Australian news outlets reported incidents of GPS jamming affecting Qantas, the country’s largest airline. These incidents, allegedly perpetrated by Chinese warships, followed shortly after China voiced objections to a bilateral agreement between Australia and the United States. Similarly, last month, South Korea’s Joint Chiefs of Staff reported an attempt by North Korea to interfere with the joint South Korea-United States military exercise “Freedom Shield” using GPS jamming techniques to sow discord.

Although GPS jamming incidents are often linked to military activities, civilian aircraft within the vicinity of such jamming can also suffer collateral effects. In these situations, disruptions to GPS signals can impair the navigation systems of civilian planes, jeopardizing their safety and potentially resulting in unintended outcomes such as forced emergency landings, deviations from intended flight paths leading to airspace violations, or even near-misses with other aircraft.

Flight Operations Affected by Cyberattacks

Analyzing cyberattacks that affect flight operations can shed light on the wider cybersecurity challenges confronting the aviation industry. Here are two significant incidents where cyberattacks were verified to have disrupted flight operations, underscoring the vulnerabilities in airport and air traffic control systems.

1. Vietnam Airlines and Vietnamese Airports: In 2016, the Vietnam Airlines website and two of Vietnam’s major airports, Tan Son Nhat International Airport and Noi Bai International Airport, were targeted by cyberattacks carried out by a Chinese hacker group known as 1937CN. These attacks led to the compromise of client information and alterations to airport display screens, resulting in flight delays that affected around 2,000 passengers. Moreover, the hackers used the speaker system at Noi Bai International Airport to broadcast disparaging messages about Vietnam and the Philippines, and this in the context of territorial disputes then underway in the South China Sea. These incidents highlight the significant impact cyberattacks can have on airline operations and passenger safety.

2. The Federal Aviation Administration (FAA) Chicago Center: In 2014, the Federal Aviation Administration’s (FAA) Chicago Center was compromised when a former employee sabotaged its navigation and communications systems. This act of sabotage disrupted operations at the air traffic control facility, leading to significant flight delays and cancellations not only in the Chicago area but also extending its impact to air traffic networks across a broader region.

Although not every disruption in the aviation sector stems from cyberattacks, the incidents highlighted above draw attention to the industry’s susceptibility to such threats. Moreover, not all cyber incidents are made public, due to security considerations or regulatory requirements, suggesting the actual scope of cyber threats facing the aviation sector might exceed what is known to the public. Ongoing research and practical demonstrations underscore the critical necessity for proactive cybersecurity measures. These strategies are essential not only for mitigating risks but also for enhancing the resilience of the global air transportation systems against emerging cyber threats.

The cover image of this article was designed by Areum Hwang. This article was reviewed by Dain Oh and copyedited by Arthur Gregory Willers.

Sylvie Truong is a regular contributor to The Readable. Her interest in cybersecurity began in 2015, while working as a biomedical research assistant at Columbia University’s Irving Medical Center. She worked in the Molecular Imaging and Neuropathology Division, analyzing data using various software programs. Due to her experience there, she developed an interest in cybersecurity and implementing better practices to protect personal data, valuable research information, and more. Sylvie holds a master’s degree in neuroscience and education from Columbia University.