Spotlight

MH 370 conclusions after a decade

March 2024: “Deep Dive: MH370” is a podcast by journalist and aviation expert Jeff Wise, and OnMilwaukee publisher Andy Tarnoff. It presents a deep dive on Malaysian Airlines flight 370 that disappeared in 2014. In part 2 of their 24th episode, they talk to the RNL’s Dr. Humphreys to get an opinion on how likely GPS spoofing can be. For more, visit their website here.

Summary of Jamming and spoofing events in recent times

March 2024: An Aviation International News (AIN) article summarizes recent events of GPS jamming and spoofing. According to the article, last year fake signals caused issues for aircraft over the Black Sea. OpsGroup first reported these events citing missing or inaccurate information from the aircraft navigation systems. Since then, more and more spoofing events have been occurring, many times found in forums for pilots. These spoofing events take on various forms, with aircraft spoofed to a specific static area, or spoofed to within 100 nm from its location. OpsGroup advises ” watching for a sudden increase in the EPU on cockpit displays” since spoofing causes a “jump, hence EPU values have jumped from 0.1 nm to 60 nm, and more than 99 nm in quick order.”

The RNL’s Dr. Humphreys says “The main fallback is an inertial sensor or the [IRS]. When that gets captured, you realize that the design itself…appears to be flawed. In other words, the IRS is not double-checking the GPS, it’s simply flywheeling through periods of GPS outage. If the GPS indicates it has a fix, then the IRS is accepting that fix without enough skepticism and updating its location and the velocity and all of its internal coefficients based on that fix. Most business jets have something like three or two GPS receivers and usually at least two IRSs. In other words, every one of those systems that’s purportedly redundant [is] captured by the same attack, so it doesn’t offer nearly the redundancy that those who designed it thought it would. When all of these are being affected by the same source and have a common mode failure, then it doesn’t have the level of safety and security that that you might have expected.”

Dr. Humphreys along with Zach Clements were able to leverage ADS-B outputs along with data from a low-earth-orbit satellite network to geolocate the source of the spoofers, one of which is in eastern Tehran. Similar events have occurred near the Isreal-Gaza conflict, and Dr. Humphreys speculates that “this might be some of Palestine’s collaborators or it could just be the Israel Defense Forces trying to protect Israel [from the enemy’s GPS-guided missiles]. I like to say that spoofing is the new jamming, and what I mean by that is that if you have an intent to deny GPS service to your adversaries, spoofing is a more potent means of doing that than just ham-fisted jamming.” Dr. Humphreys believes that a good option for addressing the issue of spoofing aircraft is to simplify the avionics certification process, especially software-defined radios, to allow the industry to keep ahead of threads without a latency of, for example, 20 years on technology. For more details on the story, visit the original article here.

GPS disruptions in around Eastern Mediterranean

February 2024: Israel confirms disrupting GPS “in a proactive manner for various operational needs.” The RNL’s Dr. Humphreys along with Zach Clements have geolocated spoofers attributed to spoofing receivers to the Beirut–Rafic Hariri International Airport. Dr. Humphreys says “our data are taken from satellites in low Earth orbit. Israel appears to be engaging in GPS spoofing as a defensive measure.” For more on the story, read the article here.

Russia reportedly using Starlink in Ukraine

February 2024: According to Ukrainian source, Russian forces may be using Starlink for communication inside Ukraine. SpaceX’s response has been that the company  “does not do business of any kind with the Russian Government or its military. Starlink is not active in Russia, meaning service will not work in that country. SpaceX has never sold or marketed Starlink in Russia, nor has it shipped equipment to locations in Russia.” While Starlink could prevent their service’s use in Russian-occupied territories, the Russian forces could employ methods making it difficult to exclude their terminals. The RNL’s Dr. Humphreys also suggested that “SpaceX may also be hesitant to tightly police the location of Starlinks” according to the Defense One article and that the company may “fear that a mistake in defining the front line could leave Ukraine without Starlink coverage.” For more on the story, visit the original article here.

The aviation industry’s response to recent GPS security concerns

February 2024: The IATA and EASA have reportedly announced steps to “share information about incidents of GPS tampering and make sure pilots and crew can identify when [GPS spoofing] is happening.” During these events, the aircraft will be required to use backup ground technology systems to navigate. The RNL’s Dr. Humphreys is concerned that, while some planes can switch off GPS when being spoofed, other equipment may make it impossible to switch to backups before it is too late. According to Dr. Humphreys, “commercial aircraft can be collateral damage as conflicts escalate and militaries send false GPS signals to try to intercept drones and other aircraft.” There are many applications that rely heavily on GPS, many of which have not accounted for GPS spoofing. While recent events probes the aviation industry’s response to spoofing, other systems have “yet to be tested,” says Dr. Humphreys. For more, access the WSJ article here, or a transcript here.

Call for NATO response to GPS Interference in Europe

February 2024: As members of NATO in Europe face more and more GPS interference, some look to NATO for a response. There have been numerous reports of GPS spoofing and jamming towards recent members like Finland, older members like Poland, and prospective members like Sweden.

These GPS interference events are believed to be conducted by Russia. The RNL’s Zach Clements found that a number of transmitters are involved spread across a wide area. Both jamming for denial of service, as well as spoofing have been observed, with the latter causing commercial aircraft instruments showing them “far from their actual location and flying in a circle”. Clements Clements is reasonably sure about the source of the circle spoofing inside Russia as “[t]he points at which the aircraft began to be impacted by the spoofing and where they regained authentic GPS indicate that the spoofer is somewhere in western Russia. Interestingly, the location the aircraft were spoofed to is a field about a kilometer from Russia’s decommissioned Smolensk military airbase.” Other researchers, like Zixi Liu at Stanford, confirm some of these findings.

For more on the story, visit the article here.

GPS Spoofing of commercial aircraft in parts of Europe

February 2024: Public aircraft tracking databases indicate a recent increase in GPS interference for aircraft operating in the Baltics in the last month. Previously reported disruptions occurred on New Year’s Eve in southeastern Finland, followed by areas in Poland in mid-January. Towards the end of January, more reports of disruptions came in from southern Sweden, northern Poland, Estonia and Latvia.

The RNL’s Zach Clements expressed his confidence that Russia is the source of the spoofing. According to the Forbes article, “a number of transmitters across a large area jammed GPS to deny service and at least one was actively spoofing aircraft in such a fashion that their instruments would indicate they were flying in a circle far from their actual location. [Dana Goward (president of the Resilient Navigation and Timing Foundation)] noted that this kind of “circle spoofing” has been frequently observed with ships. The Holiday incidents were the first time it was reported in aviation. According to Clements, ‘the location the aircraft were spoofed to is a field about a kilometer from Russia’s decommissioned Smolensk military airbase.'” For more on the subject, visit the Forbes article here.

GPS Jamming from Russia in Baltics

January 2024: “Parts of Poland, Lithuania, southern Sweden, and other countries in the Baltic region had an unexpected Christmas present this year. GPS signals were disrupted and not available in many areas on the 25th and 26th of December […] Analyses of the event by graduate students at the University of Texas Radionavigation Laboratory and Stanford University have provided some details and will likely reveal more as time goes by. Zach Clements at U.T. studied the disruption and discovered that it included several transmitters spread across a wide area. Some were simply jamming GPS signals to deny service. At least one transmitter was spoofing aircraft so their instruments would show them far from their actual location.” For more on the story, visit the article here.

The aviation industry is not Prepared for electronic Warfare

January 2024: Airway UM688 has been the likely unintentional target of multiple GPS spoofing events. These events manifest as “suddenly, either the plane will start to turn or you’ll get a whole bunch of warnings: terrain failure, navigation error, position error.” The RNL’s Dr. Todd Humphreys believes that these sort of events are “here to stay,” as “Electronic warfare and small, cheap, attritable drones […] go hand in hand,” especially in the context of the Electronic Warfare observed in Russia’s war in Ukraine.


The complexity of the aviation industry, including aviation regulatory agencies and aircraft operators, make improving the security of the entire system challenging. According to Dr. Humphreys, “the FAA has known about the spoofing threat for over 20 years. Nothing it has done in that time has really addressed the problem. I think it’s disgraceful.” For more on the subject, visit New York Magazine’s The Intelligencer article here.

Mounting reports of GPS spoofing against commercial aircraft

December 2023: Reports of GPS spoofing in commercial aircraft centered near the Middle East have been increasing since September of 2023. According to the RNL’s Zach Clements, “the
research community has long warned the public about something like this.” In fact, the RNL’s Dr. Todd Humphreys displayed the possibility by spoofing a luxury yacht in the Mediterranean a few hundred meters away from its actual position. Clements says “the necessary devices are pretty easy to get […] for less than 500 dollars.” He speculates that these attacks are for deterring drones rather than commercial aircraft. For more details of the story, visit the article here.

1 2 26