Hackers are taking over planes’ GPS — experts are lost on how to fix it

It is one of the most terrifying events imaginable.

There have been more than 50 recent reports of horrifying cyberattacks that tampered with airplanes’ in-flight GPS and caused what experts called “significant navigational disruptions” onboard the aircraft.

Even more frightening, industry leaders believe this kind of hacking is impossible and are at a loss as to how to fix the now obvious security flaws. Since late August, it has been observed across the Middle East, particularly over Israel, neighboring Egypt, and Iraq.

The FAA issued a warning in September about “flight safety risks to civil aviation operations” following a series of attacks, according to reports. strategy groupan international collection of pilots and technicians who first drew attention to terrorism.

This attack, called GPS spoofing, is a technique that allows navigation systems to given false coordinates — This is nothing new and applies to all modes of transportation. Ten years ago, a group of college students at the University of Texas boasted: They took an $80 million yacht off course. As a school project. 2015, Security Researcher A United Airlines plane was also hacked. The company revised its policy to warn of security flaws.

Reports of GPS “spoofing” have been rampant in the Middle East since late summer.
strategy group

But the tactics are now highly sophisticated, and the still-violent hackers recently learned how to disable the plane’s critical Inertial Reference System (IRS).The important technology is commonly called the “brain” Crafts by manufacturers.

“Experience Full Navigation” on a Gulfstream G650 flight departing from Tel Aviv on October 25th[igation] That’s because the system marked the plane 225 nautical miles off its actual course. The group said the Boeing 777 survived a spoof over Cairo and was mistakenly thought to be stationary for 30 minutes on October 16.

Before these rampant attacks began in late August, impersonating the IRS “was previously thought to be impossible,” OpsGroup said. I wrote this in the November update.added several more cases of impersonation to an already long list.

Experts have warned that targeted sailings across the Middle East could fail.
strategy group

“The industry has been slow to come to terms with this problem, leaving flight crews alone to find ways to detect and mitigate GPS spoofing… At 2 a.m., a plane veers off course over the Middle East and has no “location.” What would you do if you started saying “Uncertain?” There is little guidance and we mostly figure things out on our own. ”

Another aviation expert and former flight captain, Patrick Veilette, warned that the current global situation – this pattern of attacks began just before the Gaza attack on Israel in October – increases global risks. . Israel also acknowledged in mid-October that “GPS was limited in active combat zones according to various operational needs.”

“It is likely that nefarious forces (though not yet identified) are behind this.” Veilette wrote. “And the result could be an international crisis, with the loss of innocent civilian aircraft in an already high-risk area close to a conflict zone.”

There are concerns that such navigation hacks could lead to innocent deaths in the skies.
NurPhoto (from Getty Images)

Adding to the tension, Todd Humphries, the professor who led the yacht impersonation efforts at UT a decade ago, believes these hacks can be traced back to Iran.

“Using raw GPS measurements from multiple spacecraft in low Earth orbit, my student Zach Clements determined last week that the source of this spoofing was Tehran’s eastern fringes. ” Humphries said. Who warned Congress? On the dangerous potential of identity theft in 2012. Speaking to Vice’s Motherboard.

“GPS spoofing acts like a zero-day attack on aviation systems…[aviators are] Totally unprepared for it, powerless against it. ”