It’s some of the terrifying events possible.
There have been over 50 recent reports of frightening cyberattacks which have altered planes’ in-flight GPS, resulting in what experts described as “critical navigation failures” onboard the aircraft.
More frightening still, industry leaders thought that this sort of hacking was impossible and are at a loss over how you can fix the now glaring security failure. Since late August, they’ve been observed throughout the Middle East, particularly over Israel, neighboring Egypt, and Iraq.
In September, the FAA issued a warning on the “safety of flight risk to civil aviation operations” over the spate of attacks, based on OpsGroup, a global collection of pilots and technicians who first brought attention to the fear.
The attack, called GPS spoofing — when a navigation system is given counterfeit coordinates — isn’t recent and applies to all modes of transportation. Ten years ago, a bunch of faculty students on the University of Texas bragged that they moved an $80M yacht off its course as a college project. In 2015, a security researcher also hacked a United Airlines flight and modified its course as a warning over security flaws.
However the tactic has now turn out to be so sophisticated that nefarious hackers, still at large, have recently learned how you can override an airplane’s critical Inertial Reference Systems (IRS). That crucial piece of technology is commonly called the “brains” of a craft by manufacturers.
One flight, a Gulfstream G650 from Tel Aviv on October twenty fifth, “experienced full nav[igation] failure” as its system had marked the plane 225 nautical miles from the actual course. And a Boeing 777 endured spoofing over Cairo airspace and was falsely regarded as stationary for a half hour on Oct. 16 as well, based on the group.
Before these rampant attacks began on the very end of August, spoofing the IRS was “previously regarded as unimaginable,” OpsGroup wrote in a November update, which added several more cases of spoofing to the already lengthy list.
“The industry has been slow to return to terms with the problem, leaving flight crews alone to seek out ways of detecting and mitigating GPS spoofing…What’s going to you do at 2 a.m. over the Middle East when the aircraft starts drifting off track and saying ‘Position Uncertain?’ With almost zero guidance, we’re largely on our own to figure things out.”
One other aviation expert and former flight operations captain, Patrick Veillette, warned that the present global climate — the pattern of attacks began shortly before Gaza’s October assault on Israel — is an added global risk. Israel also admitted that “GPS was restricted in lively combat zones in accordance with various operational needs” in mid-October.
“Nefarious (though yet to be identified) forces are likely behind this,” Veillette wrote. “And the implications could turn into a global crisis and possibly the lack of an innocent civilian aircraft in a region that’s already a high-risk area near an lively conflict zone.”
Adding more fuel to the strain, Professor Todd Humphreys, who led the yacht spoofing at UT a decade ago, believes he’s traced the source of those hacks back to Iran.
“Using raw GPS measurements from several spacecraft in low-Earth orbit, my student Zach Clements last week situated the source of this spoofing to the eastern periphery of Tehran,” Humphreys, who warned congress concerning the dangerous potential of spoofing in 2012, told Vice’s Motherboard.
“GPS spoofing acts like a zero-day exploit against aviation systems…[aviators are] completely unprepared for it and powerless against it.”