GPS Spoofing in Aviation: The Growing Threat to Navigation Safety and Security

How GPS Spoofing Works Against Aircraft

GPS spoofing involves transmitting false GPS signals that overpower genuine satellite signals, causing a receiver to calculate and display an incorrect position. Unlike GPS jamming (which simply blocks signals, causing a loss of fix), spoofing is more dangerous because the aircraft's navigation systems continue to display a position — just the wrong one. Modern civil aircraft rely heavily on GPS for navigation, approach, and in some cases automatic landing systems. A spoofed position that goes undetected can cause pilots to fly incorrect approaches, misidentify their position relative to terrain, or receive incorrect TCAS traffic alerts.

Documented Spoofing Incidents in Commercial Aviation

The pattern of GPS spoofing incidents provides important context for the threat:

• Middle East (Iraq, Iran, Syria border region): Persistent GPS spoofing since at least 2020, affecting overflights and approaches to regional airports. Multiple airlines have reported INS position jumps of 50–100+ nautical miles.
• Black Sea region: Following the Russia-Ukraine conflict, widespread GPS interference has been reported affecting flights across Eastern Europe, including approaches to Istanbul, Bucharest, and regional airports.
• Baltic Sea: GPS spoofing attributed to Russian military exercises has affected flights across Finland, Estonia, Latvia, and Lithuania — with Finnair briefly suspending Tartu, Estonia services in 2024.
• Eastern Mediterranean: GPS anomalies affecting aircraft approaching Cyprus, Israel, and Lebanon have been reported by multiple operators.

Aviation Safety Implications of GPS Spoofing

GPS spoofing creates specific safety risks that pilots and operators must understand. When GPS position is spoofed, the aircraft's Flight Management System (FMS) may adopt the false position, causing autopilot commands that are inconsistent with actual aircraft position. EGPWS (Enhanced Ground Proximity Warning Systems) and TCAS, which use GPS, may generate false or missed alerts. Aircraft executing GPS-based approaches (RNAV, RNP approaches) in IMC are particularly vulnerable — a false position could place the aircraft off the correct approach path while the flight deck displays a normal approach. The EASA Safety Information Bulletin SIB 2022-02R2 provides guidance on recognition and response.

Mitigations: What Airlines and Operators Should Do

EASA, IATA, and national regulators have issued guidance on GPS spoofing mitigation:

• Pilot training: Crews should be trained to recognise GPS spoofing indicators — inconsistency between GPS position and other navigation aids (IRS/INS, VOR, DME, radio altimeter)
• Cross-checking: Use multiple navigation sources to verify position, particularly in known spoofing hotspots
• Delay FMS updates: If GPS position appears inconsistent, do not update the FMS with the GPS position
• Brief crews on affected routes: Pre-departure briefings for routes through known spoofing areas should flag the risk
• Report all incidents: File ASR/MOR reports with national authorities — EUROCONTROL maintains a GPS interference database
• Technical mitigations: Consider aircraft equipped with anti-spoofing GPS receivers or multi-constellation GNSS for new acquisitions

The Regulatory and Security Response to GPS Spoofing

ICAO, EASA, and the UK CAA have all recognised GPS spoofing as a cybersecurity threat to aviation safety. EASA's SIB 2022-02R2 (updated multiple times since 2022) provides operational guidance. ICAO's Navigation Systems Panel is developing longer-term technical standards for GNSS resilience. From a security perspective, GPS spoofing attacks on civil aviation represent a state-level threat: the infrastructure required to generate effective aviation-grade spoofing signals is beyond the capability of most non-state actors. This places it firmly in the domain of national security and critical infrastructure protection.

Frequently Asked Questions