GPS Spoofing: Cybersecurity Researchers Discover Ability to Manipulate Time on Commercial Airlines
GPS spoofing, a digital attack that can disrupt the navigation of commercial airliners, has taken a new turn as hackers have found a way to manipulate time, cybersecurity researchers have revealed. The instances of GPS spoofing affecting commercial airlines have skyrocketed by 400% in recent months, particularly in areas of conflict where illicit ground-based GPS systems are used to transmit false positions in an attempt to confuse incoming drones or missiles. However, the latest reports indicate that the clocks on board airplanes during spoofing events are starting to behave erratically.
During a presentation at the DEF CON hacking convention in Las Vegas, Ken Munro, the founder of British cybersecurity company Pen Test Partners, highlighted the issue, underscoring that GPS is not just a means of determining position but also a source of time. Munro shared an example of an incident involving a major Western airline, where the aircraft's clocks were suddenly set forward by several years due to spoofing. The consequence was the loss of access to the plane's digitally-encrypted communication systems, leading to the grounding of the aircraft for several weeks as engineers reset the onboard systems.
Although Munro declined to disclose the specific airline or aircraft involved, he shed light on the potential dangers of GPS spoofing. While it may not cause a plane crash directly, the manipulation of time can create confusion and potentially trigger a chain of events. Minor errors can compound, leading to more significant issues with potentially severe consequences.
The issue of GPS spoofing is further exacerbated by the relative ease with which GPS signals can be blocked or distorted using affordable and readily available components, coupled with minimal technical expertise. GPS has largely replaced costly ground devices that employed radio beams to guide planes during landing. However, the vulnerability of GPS to spoofing underscores the need for heightened security measures in order to prevent potential threats.
In April, Finnair had to temporarily suspend flights to the eastern Estonian city of Tartu after GPS spoofing incidents, with blame being placed on neighboring Russia. As widespread adoption of GPS continues, it is essential to address these vulnerabilities and employ robust defense mechanisms to safeguard critical systems and ensure the safe operation of commercial airlines.
Earlier SSP reported that YouTube is experimenting with a new feature to assist creators in generating video ideas.