More and more planes flying over the Middle East are reporting erroneous GPS signals, which can have disastrous consequences, and this pirate technique has a name: spoofing.
Here is another cyber threat that can prove catastrophic both on a humanitarian and diplomatic level: spoofing. This technique, which consists of usurping an electronic identity to hide one’s own, can affect an e-mail, a URL, but also a GPS signal. Repeated incidents, reported since September, have endangered commercial and business planes flying over sensitive areas, such as the Middle East. The conflicts taking place today in Ukraine and Israel could explain the increasing intensity of the phenomenon.
Malicious GPS broadcasts that divert planes from their trajectory and put them in danger
For researchers and specialists at the University of Texas, the observation is clear: “ we have never seen commercial planes disrupted like this “. Malicious GPS broadcasts have been detected during commercial and business flights, all while flying over the Middle East. Planes have reported corrupted signals disabling their backup systems and even causing complete navigation system failures, leading to unauthorized deviations in the airspace.
So scientists used satellites in low Earth orbit to locate the sources of harmful GPS emissions. Unfortunately, they found that the planes were sometimes guided, by the pirates, towards an airspace where they did not have authorization, by being under the influence of corrupted signals. A vulnerability that poses a serious threat to aeronautical security.
The researchers still managed to identify the origin of a GPS identity theft, and it came from the Israeli Defense Forces. A common jammer was emitting “sawtooth” signals, which compromised aircraft GPS navigation systems. If the Israeli army has recognized the facts, justifying that it is trying to unbalance Hezbollah’s missiles, the latter have repercussions on the planes.
GPS spoofing exposes vulnerabilities in modern avionics and highlights urgency for enhanced security solutions
Be aware that GPS receivers in flight management systems, such as those used by Garmin and Rockwell Collins, are vulnerable to receiving spoofed data. This data, merged with INS (inertial navigation) systems, navigation devices providing position, heading or even speed, misleads the autopilot, fuel computers and other critical subsystems. The lack of cross-verification in modern aircraft technical equipment (also known as avionics) places aircraft at increased risk of GPS spoofing, highlighting the need for more rigorous security solutions.
The quest for optimal performance under normal conditions has led to connectivity that accepts data without verification, a perceived vulnerability today. In an increasingly hostile environment, the approach becomes dangerous. So connectivity must be accompanied by rigorous data verification, an aspect often overlooked in today’s avionics. Patches are needed to mitigate the risk of GPS spoofing in aerial navigation.
Systems like Galileo integrate digital signatures to authenticate GPS data, a measure that aeronautics should learn from. But it is not yet widespread. Avionics manufacturers must step up their efforts to integrate rigorous cross-checks between the GPS and INS portions of their systems. Until robust solutions are implemented, aviation in the Middle East will in any case remain vulnerable to sophisticated GPS spoofing attacks.
Source : The New York Times
9