The Indian Ministry of Home Affairs has revealed that seven key airports in the country were hit by GPS spoofing cyber attacks in November 2025, Union Civil Aviation Minister Ram MohanNaidu said. The airports affected are the Indira Gandhi International Airport in Delhi, the Chhatrapati Shivaji Maharaj International Airport in Mumbai, and those in Kolkata, Hyderabad, Bengaluru, Chennai and Amritsar.
Nature of the attack
GPS spoofing, which consists of sending fake satellite signals to navigation receivers and makes the aircraft systems believe that it is at a different location and altitude. A number of flights to Runway 10 at the Delhi airport reported being misled by false GPS signals in the midst of GPS approach routines. A number of aircraft suffered navigation systems falsely displaying their locations as far as 60 nautical miles from their actual position, causing some to divert to nearby cities.
While highlighting the gravity of these attacks, Minister Naidu said, that “no incidents of flight operations being interfered or flights being delayed on account of GPS spoofing were reported.” The aviation regulators were forced to invoke contingency procedures for GPS-spoofed flights, which did not affect scheduled operations on other runways, equipped with more traditional navigational aids. The seamless operations were attributed to India’s strong backup systems and safety procedures in place.
In addition, India operates a Minimum Operating Network (MON) of ground-based navigation and surveillance systems as a backup in the event of disruption of space-based systems. Such a fail-safe model, applied all over the world among satellite navigation and communication providers, ensures the continued availability of traditional navigation means over the skies, when the reception of signals from satellites is lost. The use of the MON enable the aviation community to keep the skies open even in the face of sophisticated cyber attacks on GPS.
Government response and investigation
Earlier, the DGCA had issued advisories on GNSS signal jamming and spoofing in the airspace on 24 November 2023, and subsequently Standard Operating Procedure (SOP) guidelines on 10 November 2025 for reporting in real-time GPS jamming and spoofing incidents. Post the recent attacks, Airports Authority of India (AAI) has approached Wireless Monitoring Organization (WMO) to trace the source of interference/spoofing. During a high-level meeting, the WMO was directed to mobilize additional resources to pinpoint the spoofing source based on approximate location details shared by DGCA and AAI.
Minister Naidu believes that the threats are global, and now more frequently in the form of ransomware and malware attacks targeting aviation. As a result, AAI is rolling out state-of-the-art cybersecurity solutions for IT networks and infrastructure in lieu with the directions from the National Critical Information Infrastructure Protection Centre (NCIIPC) under the Ministry of Home Affairs and the Indian Computer Emergency Response Team (CERT-In). India is also actively engaging in global platforms for learning and sharing of most recent best practices, tools, and techniques to enable real time implementation of security measures.
