The growing threat of GPS spoofing and what we can do about it
In a public letter last November, Spirent’s CEO, Peter Terry-Brown, said that the threat from global positioning system (GPS) spoofing—cyberattacks that falsify GPS signals—could not be overstated, arguing that, “the global aviation sector could face billions of dollars in annual losses” if it’s not addressed.
Good day, Peter. Would you please explain to our readers how these attacks work and why you believe the threat is so serious?
Peter Terry-Brown
Peter Terry-Brown
We’ve referred to GPS or GNSS spoofing as the most insidious problem in the industry—aerospace, communications, and so on—and I don’t think that’s an exaggeration.
Fundamentally, these attacks make an aircraft’s GPS unit think the aircraft is occupying one place, when, actually, the aircraft is in another. As you can imagine, this can cause all sorts of issues for aircraft in flight, such as generating false alarms, forcing crews to execute additional maneuvers as well as increasing the risk of collisions and unplanned incursions into restricted airspace.
Additionally, the way spoofing attacks function is far more deceptive and ultimately more dangerous than simple GPS jamming. You end up with a scenario where an aircraft’s GPS unit could, to all appearances, seem to be operating normally, even as it reports a false position, unless and until someone notices that something looks off.
Now, I want to emphasize that air and ground crews constantly drill on operating when aircraft have lost navigation or when automated safety systems are unavailable, so a crash caused by the loss of these systems is still unlikely.
In fact, even as the number of flights has increased 14-fold since 1970, from roughly 310 million passengers annually to around 4.5 billion, we’ve seen a marked decrease in incident rates. During the 1970s, there were roughly six fatal accidents per million commercial flights. By 2020, that figure was less than two per million commercial flights.
Nevertheless, spoofing poses a significant threat, simply due to how pervasive GPS and GNSS have become in modern aircraft and ATC [air traffic control] operations, for both military flight operations and civil commercial operations.
Look at all the automation and safety systems a typical airliner depends on—ADS-B [automatic dependent surveillance – broadcast] flight tracking systems, ground proximity warning systems, TAWS [terrain awareness and warning systems], AHRS [attitude and heading reference systems], runway overrun protection, autopilot... all of these systems and many others depend on accurate positioning information.
When GPS is spoofed, it can cause all sorts of issues, both in terms of safety and efficiency. Making matters worse, some of these systems don’t recover, even after leaving the affected airspace. In the commercial sector, for instance, many systems can’t even be reset midflight if they’ve been impacted by a GPS spoofing attack.
GPS is thoroughly baked into so many of the avionics that we depend on for the safe and efficient operation of every military and commercial flight. Disrupt it, and you add a lot of extra overhead for pilots and crews, who now have to figure out which systems they can trust, and we have seen numerous incidents of aircraft having to operate without key automation and safety systems.
Controllers also now have to sort genuine position reports from spoofed ones and identify affected aircraft. A military aircraft or a commercial airliner that’s lost RNP [required navigational performance] due to a spoofing attack can disrupt an entire military operation or a civil airport. Flights may need to be diverted or have airspace around them cleared during an approach.
This creates knock-on effects for other flights and crews, adds delays, increases fuel burn, and creates all these second-order problems and costs, even apart from the safety risk.
This definitely is a major problem and the concern is certainly more than justified. Can you explain why these attacks are happening?
Peter Terry-Brown
Readers know that military attacks aimed at jamming or manipulating wireless signals have been around as long as signals have been used in warfare. In that sense, this is not a new challenge. What is new is how dependent aircraft have become on GPS signals, and more broadly, the rapidly expanding role of uncrewed aircraft in modern warfare.
When you look at conflicts around Ukraine, the Middle East, and elsewhere, drones are a huge part of offensive and defensive combat operations. Now, if you can knock out an adversary drone’s navigation systems—or even better, make it believe it’s someplace it’s not—that’s a win.
You could, for example, make a drone believe it’s in protected airspace, such as an airport, so that it grounds itself or refuses to take off. Or, you could misdirect automated vehicles so that they navigate into buildings or deliver their payloads to the wrong location. These are significant potential outcomes, so it was inevitable that combatants would try to exploit GPS spoofing. At this point, these attacks are just a feature of warfare—and they’re not going away.
The other element that’s new here and that’s driving us to really try to make people sit up and take notice, is just how much this problem is bleeding outside of the areas of military conflict. There are thousands of square miles of airspace around the globe that are being affected by GPS spoofing right now, as we speak. This is becoming a huge problem for civil aviation, too, as well as any other business or technology that relies on GPS in an affected area.
How pervasive is GPS spoofing?
Peter Terry-Brown
Well, that’s the problem. It’s become extremely widespread, and growing more so. Industry groups reported an incredible 400% increase in spoofing incidents over the first six months of 2024, affecting as many as 1,350 flights each day. We’ve been tracking this problem ourselves the past few years, and when you see how much spoofing activity is currently out there, it’s eye-opening.
In one region around the Mediterranean Sea, for instance, in one three-hour period last September, we tracked 183 flights that were actively being spoofed. That was 40 different airlines, as well as private jets. And in more than half of those aircraft, onboard GPS units were still reporting good integrity, even as they were being spoofed.
As alarming as what we’re seeing now though, imagine what this problem could look like a few years down the road. If these attacks are already disrupting hundreds of aircraft daily, what happens when there are thousands or tens of thousands of drones operating over every city, playing a key role in military operations, shipping, agriculture, and other sectors? You can already order basic GPS jamming and spoofing equipment on the Internet, so it’s not hard to imagine how this trend will play out.
The problem is going to get much larger, while constantly changing in complexity and location. The impact on all aviation will inevitably be significant, and we need to be doing more to get ahead of these insidious attacks.
What should the industry be doing about these threats?
Peter Terry-Brown
Ultimately, we need to make the positioning, navigation, and timing [PNT] functions of aircraft much more resilient against these types of attacks. The good news is that the industry is already making solid progress in this regard.
For example, one of the most promising interventions, CRPA [controlled reception pattern antenna] systems, is in the process of being removed from the heavily restrictive ITAR [International Traffic in Arms Regulations] classification and reclassified under the less onerous EAR [Export Administration Regulations] controls.
Currently, this change is slated to go into effect on September 15, 2025. When fully ratified, it could have a significant benefit for civil aviation, where CRPA is likely the most complete long-term solution.
Among other interventions that have been discussed publicly, technologies like encrypted and/or authenticated signals, dual-frequency GNSS systems, and the addition of alternative and complementary sensors can make successful spoofing attacks far less likely. At Spirent, we’ve led the industry in pioneering GNSS simulation technology for the last 40 years, supporting applications ranging from satellites, to lunar, to military, to automotive, and more. We’ve been helping organizations test against spoofing threats for 30 years. We’re more than prepared to help system developers and integrators develop novel solutions to address the GPS spoofing threat.
If there’s a major barrier we face, it’s that, while militaries have decades of preparation, experience, and equipment to deal with GPS spoofing, civil aviation is entering unknown territory. It’s not as simple as just transferring that equipment and practice from one domain to the other. There are regulations to adhere to, hardware updates required, and large fleets of aircraft that are in constant operation. Plus, we’re still basically at the start of this process.
Even now, many in the industry are shocked to learn that spoofing affects so many commercial flights. The first step has to be raising awareness, which we and other industry groups have been working to accomplish. The reality, however, is that even when industry leaders appreciate the scale of the problem, and even when they commit to hardening GPS systems, it could take years to test and integrate new systems into commercial fleets. While we pursue these long-term efforts, we also need to find creative ways to deal with GPS spoofing attacks in the here and now. Pilots need to be confident in their onboard navigation and PNT-dependent systems, but they also need to know when those systems are likely to be unreliable and what to do in each individual circumstance. ATC needs to be aware of impacted flights and when to prioritize other systems over, for instance, ADS-B. The entire industry needs clarity short-term and long-term mitigation strategies.
One of the interventions that Spirent has developed to help address the immediate need is our GNSS Spoofing Detection & Alerting Service. This service takes available real-time data from a range of sources, including, but not limited to, ADS-B, and maps affected areas. The service also collates information on the reported impacts of the attacks on different types of aircraft.
The service integrates with pilots’ existing electronic flight bags and ground-based systems, meaning no new hardware is required. It issues alerts whenever a flight is approaching a region with current GPS spoofing activity, similar to alerts for extreme weather or turbulence. Once they know they’ll be traversing an impacted area, aircraft crews can take steps to protect navigation systems or navigate around it.
Controllers and airline operators can also use these services to monitor attack patterns, so they can adapt operations, reroute flights when necessary, and update testing and training to ensure that pilots, crews, and aircraft are prepared for these attacks.
Services such as these don’t fully eliminate the GPS spoofing problem, but we have to look at this in both immediate and longer terms. The longer-term solutions will, we hope, totally solve this critical issue—doing nothing while we wait for these solutions is not an option.
Incorporating near-term and long-term strategies is the key to maintaining the operational safety and efficiency of aviation, military and civil.
spirentfederal.com