iTnews
  • Home
  • News
  • Technology
  • Security

GPS spoofers 'hack time' on commercial airlines, researchers say

By James Pearson
Aug 12 2024 7:17AM

Creating confusion in the cockpit.

A recent surge in GPS “spoofing”, a form of digital attack which can send commercial airliners off course, has entered an intriguing new dimension, according to cyber security researchers: The ability to hack time.

GPS spoofers 'hack time' on commercial airlines, researchers say

There has been a 400 percent surge in GPS spoofing incidents affecting commercial airliners in recent months, according to aviation advisory body OPSGROUP.

Many of those incidents involve illicit ground-based GPS systems, particularly around conflict zones, that broadcast incorrect positions to the surrounding airspace in a bid to confuse incoming drones or missiles.

“We think too much about GPS being a source of position, but it's actually a source of time,” Ken Munro, founder of Pen Test Partners, a British cyber security firm, said during a presentation at the DEF CON hacking convention in Las Vegas.

“We're starting to see reports of the clocks on board airplanes during spoofing events start to do weird things."

In an interview with Reuters, Munro cited a recent incident in which an aircraft operated by a major Western airline had its onboard clocks suddenly sent forward by years, causing the plane to lose access to its digitally encrypted communication systems. 

The plane was grounded for weeks while engineers manually reset its onboard systems, said Munro. He declined to identify the airline or aircraft in question.

In April, Finnair temporarily paused flights to the eastern Estonian city of Tartu due to GPS spoofing which Tallin blamed on neighbouring Russia.

GPS, short for Global Positioning System, has largely replaced expensive ground devices that transmit radio beams to guide planes towards landing.

However, it is also fairly easy to block or distort GPS signals using relatively cheap and easy to obtain parts, and limited technological knowledge.

“Is it going to make a plane crash? No, it's not,” Munro told Reuters.

“What it does is it just creates a little confusion. And you run the risk of starting what we call a cascade of events, where something minor happens, something else minor happens, and then something serious happens."

Got a news tip for our journalists? Share it with us anonymously here.
Copyright Reuters
© 2019 Thomson Reuters. Click for Restrictions.
Tags:
airlinegpssecurity

Related Articles

  • In Pictures: Skybox and BT security roundtable In Pictures: Skybox and BT security roundtable
  • Browser vulnerability can be used to breach local networks Browser vulnerability can be used to breach local networks
  • Services Australia's sweeping security uplift plans for myGov Services Australia's sweeping security uplift plans for myGov
  • Trend Micro explores sale Trend Micro explores sale

Partner Content

SOCO Reveals Microsoft AI with Power Platform Use Cases at Upcoming Government Event
Partner Content SOCO Reveals Microsoft AI with Power Platform Use Cases at Upcoming Government Event
Dual Challenge: Securing Modern Enterprises While Enabling Remote Work
Partner Content Dual Challenge: Securing Modern Enterprises While Enabling Remote Work
Transforming Education: South Australia's Digital Identity Journey with Okta
Partner Content Transforming Education: South Australia's Digital Identity Journey with Okta
Non-technical job seekers are missing out on this in-demand cybersecurity career
Partner Content Non-technical job seekers are missing out on this in-demand cybersecurity career

Sponsored Whitepapers

Nine Ways To Prepare Your Database for a High-Traffic Event
Nine Ways To Prepare Your Database for a High-Traffic Event
How to Put AI at the Heart of Business Growth
How to Put AI at the Heart of Business Growth
Streamline Your Processes and Reduce Managed File Transfer Expenses
Streamline Your Processes and Reduce Managed File Transfer Expenses
Maximise Your Azure Investment with Fusion5
Maximise Your Azure Investment with Fusion5
CyberArk's 2024 Playbook: Identity Security and Cloud Compliance
CyberArk's 2024 Playbook: Identity Security and Cloud Compliance

Events

  • Integrate Integrate
Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Services Australia's sweeping security uplift plans for myGov

Services Australia's sweeping security uplift plans for myGov
Medibank allegedly missed EDR alerts before data breach

Medibank allegedly missed EDR alerts before data breach
Northern Beaches Council reviews security stack to shore up widening perimeter

Northern Beaches Council reviews security stack to shore up widening perimeter
CrowdStrike rejects Delta Air Lines claims over outage

CrowdStrike rejects Delta Air Lines claims over outage

Digital Nation

COVER STORY: What AI regulation might look like in Australia
COVER STORY: What AI regulation might look like in Australia
State of Security 2023
State of Security 2023
More than half of loyalty members concerned about their data
More than half of loyalty members concerned about their data
How eBay uses interaction analytics to improve CX
How eBay uses interaction analytics to improve CX
Health tech startup Kismet raises $4m in pre-seed funding
Health tech startup Kismet raises $4m in pre-seed funding
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.