Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label aviation. Show all posts
GPS Spoofing
aviation aviation cyber attacks Cyber Attacks Cybersecurity Attack GPS GPS interference GPS Spoofing

Delhi Airport Hit by Rare GPS Spoofing Attacks Causing Flight Delays and Diversions

 


Delhi’s Indira Gandhi International Airport witnessed an unusual series of GPS spoofing incidents this week, where fake satellite signals were transmitted to mislead aircraft about their real positions. These rare cyber disruptions, more common in conflict zones or near sensitive borders, created severe flight congestion and diversions. 

According to reports, more than 400 flights were delayed on Friday alone, as controllers struggled to manage operations amid both spoofing interference and a separate technical glitch in the Air Traffic Control (ATC) system. The cascading impact spread across North India, disrupting schedules at several major airports. Earlier in the week, Delhi Airport ranked second globally for flight delays, as reported by the Times of India. 

At least seven flights had to be diverted to nearby airports such as Jaipur and Lucknow, even though all four of Delhi’s runways were fully operational. On Tuesday, the Navigation Integrity Category value—a critical measure of aircraft positioning accuracy—fell dramatically from 8 to 0, raising alarms within the aviation community. Pilots reported these irregularities within a 60-nautical-mile radius of Delhi, prompting the Directorate General of Civil Aviation (DGCA) to initiate an investigation, as confirmed by The Hindu. 

The situation was worsened by the temporary shutdown of the main runway’s Instrument Landing System (ILS), which provides ground-based precision guidance to pilots during landings. The ILS is currently being upgraded to Category III, which will allow landings even in dense fog—a major requirement ahead of Delhi’s winter season. However, its unavailability has forced aircraft to rely heavily on satellite-based navigation systems, making them more vulnerable to spoofing attacks. GPS spoofing, a complex form of cyber interference, involves the deliberate transmission of counterfeit satellite signals to trick navigation systems. 

Unlike GPS jamming, which blocks genuine signals, spoofing feeds in false ones, making aircraft believe they are in a different location. For example, a jet actually flying over Delhi could appear to be over Chandigarh on cockpit instruments, potentially leading to dangerous course deviations. Such cyber manipulations have grown more frequent worldwide, raising serious safety concerns for both commercial and military aviation. 

In India, GPS spoofing incidents are not entirely new. The Centre informed Parliament earlier this year that 465 such cases were recorded between November 2023 and February 2025 along the India-Pakistan border, primarily near Amritsar and Jammu. A report by the International Air Transport Association (IATA) also revealed that over 430,000 cases of GPS jamming and spoofing were documented globally in 2024, a 62% increase from the previous year. The consequences of such interference have sometimes been deadly. 

In December 2024, an Azerbaijan Airlines aircraft crashed in Kazakhstan, reportedly due to Russian anti-aircraft systems misidentifying it amid GPS signal disruption. Earlier this year, an Indian Air Force aircraft flying humanitarian aid to earthquake-hit Myanmar encountered GPS spoofing suspected to originate from Chinese-enabled systems. Data from the GPSjam portal shows India’s borders with Pakistan and Myanmar among the world’s top five regions with poor navigation accuracy for aircraft. 

With Delhi Airport handling over 1,550 flights daily, even brief interruptions can cause widespread delays and logistical chaos. The Airports Authority of India (AAI) has assured that technical teams are working to strengthen the ATC system and implement safeguards to prevent future interference. As investigations continue, the recent incidents serve as a crucial reminder of the evolving cybersecurity challenges in modern aviation and the urgent need for resilient navigation infrastructure to ensure passenger safety in increasingly contested airspace.
Read more »
User Security
aviation DAA Data Breach Dublin Airport Ireland User Security

Dublin Airport Data Breach Exposes 3.8 Million Passengers

 

Dublin Airport has confirmed a significant data breach affecting potentially 3.8 million passengers who traveled through the Irish facility during August 2025, following a cyberattack on aviation technology supplier Collins Aerospace. The breach compromised boarding pass data for all flights departing Dublin Airport from August 1-31, 2025, a period during which the airport processed over 3.7 million passengers across more than 110,000 daily passenger movements.

The Dublin Airport Authority (DAA), which operates both Dublin and Cork airports, first learned of the compromise on September 18, 2025, when Collins Aerospace notified them of a breach affecting its IT systems. By September 19, intelligence gathered by airport authorities confirmed that boarding pass information had been published online by a cybercriminal group. Cork Airport officials clarified that none of the compromised data relates to flights through their facility.

The exposed data includes passenger booking references, first and last names, frequent flyer numbers, contact information such as email addresses and phone numbers, and travel itineraries. Airlines including Swedish carrier SAS have sent notifications to affected passengers warning that other booking-related details may have been accessed. However, the breach did not involve passport information, payment card details, or other financial data.

The incident is directly linked to the devastating Collins Aerospace ransomware attack that crippled multiple European airports in September 2025. Collins Aerospace's MUSE (Multi-User System Environment) software, which powers check-in and boarding operations at approximately 170 airports globally, fell victim to HardBit ransomware on the night of September 19, 2025. Dublin Airport was particularly hard hit, with officials confirming they had to rebuild servers "from scratch" with no clear timeline for resolution.

Additionally, the Russia-linked Everest ransomware gang has claimed responsibility for a separate attack on Dublin Airport, threatening to leak data of over 1.5 million records on the dark web unless the airport pays a ransom. This claim includes device information, workstation IDs, timestamps, departure dates and times, and barcode formats.

The DAA immediately reported the breach to multiple authorities on September 19, 2025, including the Data Protection Commission (DPC), Irish Aviation Authority, and National Cyber Security Centre. Graham Doyle, Deputy Commissioner at the Data Protection Commission, confirmed the agency is conducting a full investigation into the breach's scope and impact.

Security experts warn that the compromised information provides sufficient detail for sophisticated phishing campaigns, social engineering attacks, frequent flyer account takeover attempts, and identity theft operations targeting affected passengers.
Read more »
Russia
aviation Cyber Security European Commission GPS Jamming GPS Spoofing Russia

Russia’s Widespread GPS Jamming Raises Concerns for Air and Sea Safety

 


A recent incident involving the European Commission President’s aircraft has drawn attention to a growing risk in international travel: deliberate interference with satellite navigation systems. The plane, flying into Plovdiv, Bulgaria, temporarily lost its GPS signal due to electronic jamming but landed without issue. Bulgarian authorities later said the disruption was not unusual, describing such interference as a side effect of the ongoing war in Ukraine.

This case is not isolated. Aviation and maritime authorities across Europe have reported an increasing number of GPS disruptions since Russia’s invasion of Ukraine in 2022. Analysts estimate there have been dozens of such events in recent years, affecting flights, shipping routes, and even small private aircraft. Nordic and Baltic nations, in particular, have issued repeated warnings about interference originating near Russian borders.


How GPS jamming works

Satellite navigation relies on faint signals transmitted from orbit. Devices such as aircraft systems, cars, ships, and even smartphones calculate their exact location by comparing timing signals from multiple satellites. These signals, however, are fragile.

Jamming overwhelms the receiver with stronger radio noise, making it impossible to lock onto satellites. Spoofing takes it further by transmitting fake signals that mimic satellites, tricking receivers into reporting false positions. Both techniques have long been used in military operations. For instance, jamming can block incoming drones or missiles, while spoofing can disguise troop or aircraft movements. Experts say such technology has been used not only in Ukraine but also in other conflicts, such as alleged Israeli operations against Iranian air defenses.


Rising incidents across Europe

Countries bordering Russia report sharp increases in interference. Latvia’s communications authority documented more than 800 cases of satellite disruption in 2024, compared with only a few dozen two years earlier. Finland’s national airline even suspended flights to the Estonian city of Tartu after two aircraft struggled to land due to lost GPS guidance. Similarly, Britain’s defense secretary experienced jamming while flying near Russian territory.

The interference is not limited to aviation. Sweden has received reports of ships in the Baltic Sea losing signal, prompting officials to advise sailors to fall back on radar and landmarks. In one case, two German tourists accidentally crossed into Russian airspace in a light aircraft and had to be escorted back. Such episodes underline how civilian safety is affected by what many governments see as deliberate Russian tactics.


Risks and responses

Experts emphasize that aircraft and ships are equipped with backup systems, including radio beacons and inertial navigation, meaning total reliance on satellites is unnecessary. Yet the danger lies in moments of confusion or equipment failure, when loss of GPS could tip a situation into crisis.

Authorities are responding by restricting drone flights near interference hotspots, training crews to operate without GPS, and pressing international organizations to address the issue. While Russia dismisses complaints as political, analysts warn that disruptions serve a dual purpose: defending Russian airspace while sowing uncertainty among its neighbors.

As incidents multiply, the concern is that one miscalculation could lead to a major accident, particularly at sea, where heavy reliance on GPS has become the norm.


Read more »
Network Security
Airlines aviation Cloud Customer Data customer privacy Data Breach Network Security

Airline suffers data breach, customer information stolen


Air France and KLM announced that threat actors had compromised a customer service platform and stolen customer data. Along with Transavia, KLM and Air France are units of Air France-KLM Group, a Dutch-French multinational airline holding organization. Established in 2004, it is a big name in international air transport. 

"KLM has reported to the Dutch Data Protection Authority; Air France has done this in France at the CNIL. Customers whose data may have been accessed are currently being informed and advised to be extra alert to suspicious emails or phone calls," the group said.

With 78,000 employees and a fleet of 564 aircraft, Air France-KLM offers services for 300 destinations in 90 countries worldwide. The group transported 98 million passengers globally in 2024. The airlines said that they have closed the threat actors’ access to the hacked systems once the breach was discovered. They also claim that the attack didn’t impact their networks.

"Air France and KLM have detected unusual activity on an external platform we use for customer service. This activity resulted in unauthorized access to customer data. Our IT security teams, along with the relevant external party, took immediate action to stop the unauthorized access. Measures have also been implemented to prevent recurrence. Internal Air France and KLM systems were not affected," the group said.

The attackers stole data, including names, email addresses, contact numbers, transaction records, and details of rewards programs. But the group has said that the passengers’ personal and financial data was not compromised. The airlines have informed the concerned authorities in the respective countries of the attack. They have also notified the impacted individuals about the breach.

"KLM has reported the incident to the Dutch Data Protection Authority; Air France has done so in France with the CNIL.” "Customers whose data may have been accessed are currently being informed and advised to be extra vigilant for suspicious emails or phone calls," they said. 

Read more »
Personal Information
aviation BreachForums Data Breach Data Hackers data security Data Theft Hacker attack Personal Information

ICAO Investigates Potential Data Breach Amid Cybersecurity Concerns

 

The International Civil Aviation Organization (ICAO), a United Nations agency tasked with creating global aviation standards, has disclosed an investigation into a potential cybersecurity incident. Established in 1944, ICAO works with 193 member states to develop and implement aviation-related technical guidelines. The agency announced its inquiry on Monday, following reports of unauthorized access linked to a well-known cybercriminal group targeting international organizations.  

In its statement, ICAO confirmed it is examining allegations of a security breach and has already implemented precautionary measures to address the issue. While the organization did not provide specific details, it assured the public that a comprehensive investigation is underway. Additional updates will be shared once the preliminary analysis is complete. The investigation coincides with claims by a hacker using the alias “natohub,” who posted on BreachForums, a well-known hacking forum, alleging they had accessed and leaked ICAO’s data. 

According to the claims, the leak comprises 42,000 documents containing sensitive personal information, including names, dates of birth, addresses, phone numbers, email addresses, and employment records. Another source suggested the leaked archive is approximately 2GB and contains data linked to 57,240 unique email accounts. ICAO has not verified the authenticity of these claims but has emphasized the seriousness with which it is handling the situation. 

This development follows a pattern of cyberattacks on United Nations agencies in recent years. In April 2024, the United Nations Development Programme (UNDP) launched an investigation into a ransomware attack reportedly orchestrated by the 8Base group. Similarly, in January 2021, the United Nations Environment Programme (UNEP) experienced a breach that exposed over 100,000 records containing personally identifiable information. Earlier, in July 2019, UN networks in Vienna and Geneva suffered a significant breach through a SharePoint exploit. 

That attack compromised sensitive data, including staff records, health insurance details, and commercial contracts. A senior UN official later described the incident as a “major meltdown.” These recurring incidents highlight the increasing vulnerability of global organizations to cyber threats. Despite their critical roles in international operations, such institutions remain frequent targets for cybercriminals. 

This underscores the urgent need for robust cybersecurity measures to protect sensitive data from exploitation. As ICAO continues its investigation, it serves as a reminder of the evolving threats facing international organizations in a rapidly digitizing world. Enhanced vigilance and collaboration are essential to safeguarding global systems against future cyberattacks.
Read more »
Technology
aviation communication GPS Spoofing Navigation Technology

GPS Spoofing Incidents Spike 400%: Here's What You Should Know


Global Positioning System (GPS) technology has become an integral part of our daily lives, from smartphone navigation apps to precision agriculture and aviation. However, recent incidents have highlighted a growing threat: GPS spoofing. In this blog, we delve into GPS spoofing, its implications for aviation safety, and the measures to address this issue.

What Is GPS Spoofing?

GPS spoofing involves broadcasting false GPS signals to deceive receivers. Instead of providing accurate location data, spoofed signals mislead devices into believing they are in a different location. While this can be used for harmless pranks or privacy protection, it poses significant risks when applied maliciously.

The Aviation Context

1. Commercial Airliners at Risk: GPS spoofing incidents have surged by 400% in recent years, particularly near conflict zones. Commercial airliners are vulnerable targets due to their reliance on GPS for navigation, approach procedures, and timing synchronization.

2. Disruptions and Confusion: Spoofed signals can cause disruptions, such as sudden shifts in aircraft position. In one incident, during a spoofing event, a major Western airline's onboard clocks were abruptly advanced by years. This caused the aircraft to lose access to digitally encrypted communication systems, grounding it for weeks.

3. Safety Implications: While GPS spoofing itself is unlikely to directly cause a plane crash, it can create confusion. Pilots rely on accurate GPS data for navigation, especially during critical phases of flight. Misleading information could lead to incorrect decisions or cascading errors.

Mitigation Strategies

  1. Receiver Authentication: Implementing receiver authentication mechanisms can help detect and reject spoofed signals. Manufacturers are working on secure receivers that validate incoming GPS data.
  2. Redundancy and Backup Systems: Airlines are encouraged to use multiple navigation sources, including inertial navigation systems (INS) and ground-based radio navigation aids. Redundancy reduces reliance on GPS alone.
  3. Jamming Detection: Detecting intentional jamming or spoofing is crucial. Advanced algorithms can identify abnormal signal behavior and trigger alerts.
  4. Regulatory Measures: Aviation authorities must address GPS spoofing as a safety concern. Guidelines and best practices should be disseminated to airlines and pilots.
Keep in mind these strategies to stay safe and secure from GPS spoofing attacks.
 
Read more »
Ukraine
aviation Bot Traffic Cyber Security Digital era Electronic Data GPS GPS Jamming Israel New York Spoofing Ukraine

GPS Warfare: Ukraine-Israel Tensions Raise Alarms

GPS is used for navigation in almost every device in this age of rapid technological development. Israel may have been involved in recent GPS jamming and spoofing occurrences in Ukraine, according to reports that have revealed a worrying trend. These accidents constitute a serious threat to the worldwide aviation sector and a topic of regional concern. 

The New York Times recently reported on the growing instances of GPS disruptions in Ukraine, shedding light on the potential involvement of Israeli technology. According to the report, Israel has been accused of jamming and spoofing GPS signals in the region, causing disruptions to navigation systems. The motives behind such actions remain unclear, raising questions about the broader implications of electronic warfare on international relations. 

The aviation sector heavily relies on GPS for precise navigation, making any interference with these systems potentially catastrophic. GPS jamming and spoofing not only endanger flight safety but also have the capacity to disrupt air traffic control systems, creating chaos in the skies.

The aviation industry relies heavily on GPS for precision navigation, and any interference with these systems can have dire consequences. GPS jamming and spoofing not only jeopardize the safety of flights but also can potentially disrupt air traffic control systems, leading to chaos in the skies.

The implications of these incidents extend beyond the borders of Ukraine and Israel. As the world becomes increasingly interconnected, disruptions in one region can reverberate globally. The international community must address the issue promptly to prevent further escalations and ensure the safe operation of air travel.

Governments, aviation authorities, and technology experts need to collaborate to develop countermeasures against GPS interference. Strengthening cybersecurity protocols and investing in advanced technologies to detect and mitigate electronic warfare threats should be a priority for nations worldwide.

Preserving vital infrastructure, like GPS systems, becomes crucial as we manoeuvre through the complexity of a networked world. The GPS jamming events between Israel and Ukraine serve as a sobering reminder of the gaps in our technology and the urgent necessity for global cooperation to counter new threats in the digital era.
Read more »
SITA
aviation cybercriminals Data Breach SITA

SITA Data Breach Exposes Numerous Airlines

 


After SITA gave an official statement last Thursday affirming it had been the subject of a sophisticated cyberattack, more airlines affirmed they had been directly influenced. It seems the SITA security breach affected all carrier members of Star Alliance and the One World alliance. In a statement, SITA representative Edna Ayme-Yahil declined to say the number of airlines that were affected by the breach. The organization additionally didn't give numerous details on the kind of information compromised, however it noticed that the information incorporates some personal data of airline customers, including frequent flyer account data. 

"Each affected airline has been provided with the details of the exact type of data that has been compromised, including details of the number of data records within each of the relevant data categories,"Ayme-Yahil said. Up until now, Singapore Airlines, Air New Zealand, Lufthansa, Malaysia Airlines, Finnair, Japan Airlines, Cathay Pacific, and South Korea's Juju Air have independently disclosed the impact from the breach, she noted. 

Star Alliance member Singapore Airlines, for instance, said that 580,000 members from its KrisFlyer and PPS loyalty program have had information exposed by the breach, despite the fact that the carrier isn't a SITA Passenger Service System client. Singapore said the breach doesn't include credit card information or data such as itineraries, passport numbers, and email addresses. Star Alliance member Lufthansa said 1.35 million Miles and More members have been affected by the breach. Member names and status levels were exposed, however, no passwords or email addresses were exposed. 

Tomi Pienimaki, the chief digital officer for Oneworld member Finnair, said around 10% of the carrier's loyalty customers have been targeted. "To be honest, I was not surprised in itself that the air industry was subjected to such an attack, because the industry is in a difficult situation and therefore vulnerable," he wrote in a LinkedIn post. "Once we have been informed, all we have to do is clarify the matter and ensure the integrity of our own systems day and night." 

"SITA acted swiftly and initiated targeted containment measures," the company said. "The matter remains under continued investigation by SITA's Security Incident Response Team with the support of leading external experts in cybersecurity."
Read more »
SITA
aviation Data Breach Singapore Airlines SITA

Around 580,000 Privilege Fliers Data Breached, says Singapore Airlines

 

Around 580,000 privilege fliers, KrisFlyer and PPS members have been affected by an information breach, Singapore Airlines (SIA) has said. The information breach includes the passenger service system servers of SITA, an air transport data technology organization, as indicated by the Channel News Asia report.

"While SIA is not a customer of the SITA PSS, this breach of the SITA PSS server has affected some KrisFlyer and PPS members," the national carrier said on Thursday. SIA added that this information breach explicitly doesn't include KrisFlyer and PPS member passwords, credit card data, and other client information like itineraries, reservations, ticketing, passport numbers, and email addresses. 

Such data isn't imparted to other Star Alliance member airlines for this information transfer, the airline said. All-Star Alliance member airlines give a confined set of frequent flyer programme information to the alliance, which is then sent on to other member airlines to reside in their respective passenger service systems. SIA said this information transfer is important to empower verification of the membership tier status. 

One of the Star Alliance member airlines is a SITA PSS client. Subsequently, SITA has access to the restricted set of frequent flyer programme information for each of the 26 Star Alliance member airlines including Singapore Airlines. "The information involved is limited to the membership number and tier status and, in some cases, membership name, as this is the full extent of the frequent flyer data that Singapore Airlines shares with other Star Alliance member airlines for this data transfer," said SIA. 

SIA said none of its IT systems have been affected by the breach and that they are contacting all KrisFlyer and PPS members to inform them about the incident. "The protection of our customers' personal data is of utmost importance to Singapore Airlines, and we sincerely regret the incident and apologize for the inconvenience caused." SITA affirmed in a different statement that it was the "victim of a cyber-attack" which prompted the information security incident. In the wake of affirming the seriousness of the incident on February 24, SITA said it made a prompt move to contact the affected SITA passenger service system customers and all related organizations.
Read more »
senior citizens
aviation Cyber Fraud OTP senior citizens

Senior Citizens, the Victims of Airline Ticket Fraud

 

Think you've discovered a truly incredible deal when you see a last-minute aircraft ticket accessible simply for a small amount of the typical cost? Be cautious before you purchase, or you could end up with no ticket and losing your cash to crooks.

Crooks utilize falsely accessed, compromised, or hacked credit card details to purchase air tickets. They offer these tickets for sale at haggled costs through misleading sites that appear to be legitimate or social networking accounts that give off an impression of being for real travel services or agents. 

The criminal 'travel agents' request prompt installment, regularly with money, bank move, or virtual monetary currencies. After getting your installment, the criminal sends you the flight booking affirmation with their original purchase details erased. At times you will get multiple OTPs on your telephone, and on the off chance that you give the OTP to that phony agent, abundant measures of cash will be siphoned from your account. 

Kumar (name changed), a senior citizen, said in his police objection that he was attempting to book a flight ticket to Thiruvananthapuram via a mobile application. Despite the fact that he had wrapped up making the installment, he got an instant message saying that the fund transfer has not gone through. He later learned that a whopping total of Rs. 7 lakh had been siphoned from his account,  thereupon Kumar called the ticket booking firm's customer care number, they revealed to him that they couldn't restore the sum because of some technical glitch and requested Kumar to give details of a different bank account. At the moment, Kumar got a few OTPs of bank exchanges that occurred without his knowledge. 

Another case has come to light where a senior resident lost Rs 1 lakh in online fraud. A Delhi-based senior resident had booked an Air India ticket and wished to cancel it. He attempted to cancel the ticket on the web and couldn't succeed due to some error. The report that highlighted the incident, further added that when the elderly person reached the customer care number, he was given a different mobile number by the executive. When he called on that mobile number, the individual on the opposite side of the telephone figured out how to get his financial balance and Debit card details. During that time, he got three to four OTPs on his mobile which he shared with the individual. When the senior citizen disconnected the call, he received a message that Rs 1 lakh was debited from his account. 

It is assessed that the aircraft business misfortunes have arrived at near USD 1 billion every year, due to the deceitful online acquisition of flight tickets. These online exchanges are exceptionally lucrative for organized crime and are continually linked to even grave crimes including immigration, trafficking in human beings, drug sneaking, and terrorism.
Read more »
Subscribe to: Comments (Atom)