It is one of the most horrific events imaginable.
There have been over 50 recent reports of frightening cyberattacks that altered aircraft’s onboard GPS and resulted in what experts described as “critical navigation errors” on board the aircraft.
What’s even scarier is that industry leaders thought this type of hacking wasn’t possible and don’t know how to fix the now glaring security flaw. They have been observed across the Middle East since late August, particularly over Israel, neighboring Egypt and Iraq.
In September, the FAA issued a warning about the “flight safety risk to civil aviation operations” amid the spate of attacks OpsGroupan international association of pilots and technicians who were the first to draw attention to the terror.
The attack is called GPS spoofing – on a navigation system gets fake coordinates – is not new and applies to all types of transport. Ten years ago, a group of college students at the University of Texas bragged about it They sent an $80 million yacht off course as a school project. In 2015, a security researcher also hacked a United Airlines flight and changed course as a warning of security vulnerabilities.
But the tactic has become so sophisticated that nefarious hackers still at large recently learned how to override an aircraft’s critical inertial reference systems (IRS). This crucial piece of technology is commonly referred to as “brains.” of a craft by manufacturers.
One flight, a Gulfstream G650 from Tel Aviv on Oct. 25, “experienced full navigation[igation] “Error” because his system had marked the aircraft 225 nautical miles off the actual course. And a Boeing 777 was spoofed over Cairo airspace and was incorrectly believed to be stationary for half an hour on October 16, the group said.
Before these rampant attacks began in late August, it was “previously thought to be impossible to manipulate the IRS,” OpsGroup said wrote in a November updatewhich added more cases of spoofing to the already long list.
“The industry has been slow to address the issue, leaving flight crews alone to find ways to detect and mitigate GPS spoofing…What are you going to do at 2 a.m. over the Middle East when the plane starts to go off course to come off and say “position”? Unsure?’ Since there is almost no guidance, we are largely on our own to figure things out.”
Another aviation expert and former flight operations manager, Patrick Veillette, warned that the current global climate – the pattern of attacks began shortly before Gaza’s attack on Israel in October – poses an additional global risk. Israel also admitted in mid-October that “GPS has been restricted in active combat zones due to various operational needs.”
“There are likely nefarious (although as yet unidentified) forces behind this.” Veillette wrote. “And the consequences could lead to an international crisis and potentially the loss of an innocent civilian aircraft in what is already a high-risk area close to an active conflict zone.”
To add to the tension, Professor Todd Humphreys, who led yacht spoofing at UT a decade ago, believes he has traced the source of these hacks to Iran.
“Using raw GPS measurements from multiple spacecraft in low Earth orbit, my student Zach Clements last week located the source of this illusion in the eastern periphery of Tehran,” says Humphreys. who warned Congress about the dangerous potential of spoofing in 2012, said Vice’s Motherboard.
“GPS spoofing acts like a zero-day exploit against aviation systems…[aviators are] completely unprepared and powerless against it.”