GPS spoofers 'hack time' on commercial airlines, researchers say

A recent surge in GPS “spoofing”, a form of digital attack which can send commercial airliners off course, has entered an intriguing new dimension, according to cyber security researchers: The ability to hack time.

There has been a 400 percent surge in GPS spoofing incidents affecting commercial airliners in recent months, according to aviation advisory body OPSGROUP.

Many of those incidents involve illicit ground-based GPS systems, particularly around conflict zones, that broadcast incorrect positions to the surrounding airspace in a bid to confuse incoming drones or missiles.

“We think too much about GPS being a source of position, but it's actually a source of time,” Ken Munro, founder of Pen Test Partners, a British cyber security firm, said during a presentation at the DEF CON hacking convention in Las Vegas.

“We're starting to see reports of the clocks on board airplanes during spoofing events start to do weird things."

In an interview with Reuters, Munro cited a recent incident in which an aircraft operated by a major Western airline had its onboard clocks suddenly sent forward by years, causing the plane to lose access to its digitally encrypted communication systems. 

The plane was grounded for weeks while engineers manually reset its onboard systems, said Munro. He declined to identify the airline or aircraft in question.

In April, Finnair temporarily paused flights to the eastern Estonian city of Tartu due to GPS spoofing which Tallin blamed on neighbouring Russia.

GPS, short for Global Positioning System, has largely replaced expensive ground devices that transmit radio beams to guide planes towards landing.

However, it is also fairly easy to block or distort GPS signals using relatively cheap and easy to obtain parts, and limited technological knowledge.

“Is it going to make a plane crash? No, it's not,” Munro told Reuters.

“What it does is it just creates a little confusion. And you run the risk of starting what we call a cascade of events, where something minor happens, something else minor happens, and then something serious happens."