Hacking a commercial aircraft causing complete navigation failure may sound like something straight out of a movie, but an unknown group has been conducting deceptive attacks on flights over the Middle East for weeks. In one incident, a business jet nearly strayed into Iranian airspace without permission.
In September, OPSGROUP, an 8,000-person international organization composed of pilots, dispatchers, dispatchers, controllers and flight technicians, began to focus on reporting on incidents of commercial aircraft receiving deceptive GPS navigation signals in the Middle East. The attacks also affected backup navigation systems, causing them to completely fail.
More than 50 similar incidents have occurred in the past five weeks, mainly in Baghdad, Cairo and Tel Aviv. OPSGROUP said these attacks used a "unbelievable" specific vector and exposed "fundamental flaws in the design of avionics equipment." The spoofing affected the plane's inertial reference system (IRS), which is used to help the plane navigate.
OPSGROUP wrote: "In theory, the IRS should be a self-contained system that cannot be spoofed. The idea that we could lose all onboard navigation capabilities and have to ask air traffic control for our position and request a heading does not make sense at first glance - especially for advanced aircraft equipped with the latest avionics. However, multiple reports confirm that this has actually happened."
A report claims that the crew of an Embraer 650 business jet flying from Europe to Dubai lost the GPS navigation unit on board and the GPS signal on the pilot/co-pilot’s iPad during the flight. The crew said the IRS had failed and they didn't realize something was wrong until the autopilot began steering left and right. After the aircraft's flight management system displayed a GPS error message, the crew applied for radar vectors from the air traffic control department. The results showed that they deviated 80 nautical miles from the route and almost entered Iranian airspace, but did not obtain permission. This is undoubtedly very dangerous.
Todd Humphreys, a UT Austin professor who studies satellite communications, said his team of students has been studying signals in the area.
He said: "In addition to ordinary jamming (such as using jammers), we have also captured GPS spoofing signals in radio trawls. But interestingly, these spoofing signals seem to be incomplete. They are either missing critical internal data or inconsistent with each other, so they cannot fool the GPS receiver. Their purpose seems to be denial of service, rather than true spoofing. My students and I gradually realized that spoofing is a new jamming method. In other words, it is used for denial of service because it is more effective than blunt jamming."
Humphreys said the new attack is of great concern because, unlike GPS jamming, spoofing acts like a zero-day vulnerability for aviation systems and also compromises IRS and backups, posing a greater threat to aircraft security.
Israel has also used GPS spoofing to try to protect itself from Hezbollah missile attacks, which could endanger commercial aircraft. Israel has warned pilots landing in the country not to rely on GPS for landings but to rely on other methods.