At the recent Air Transport IT Summit in Budapest, SITA Director of Cyber Security Vivien Eberhardt estimated that more than 60% of cyber attacks on aviation target critical assets. The most common targets were entire IT systems, airport websites, traffic control, and navigation systems and airline websites.
Navigation and traffic control systems were subject to 12% of attacks, Eberhardt reported. In this category, there are few more critical assets than the GPS systems that airlines now depend on for navigation and that air traffic managers will soon depend on for traffic control.
And these systems appear vulnerable to cyber attacks. For example, authorities at Manila airport report that over three months carriers experienced more than 50 incidences of GPS interference. The affected flights lost satellite position reception, and aircraft needed to go around and re-approach runways with back-up navigation. Further, crews could not report aircraft positions accurately.
No one really knows whether any or how many of these incidents were the result of cyber attacks or other causes. Yonatan Zur, CEO of Regulus Cyber, says “it is very hard to locate and identify attacks on the Global Navigation Satellite System, making them a very good tool for terrorists, hackers and others . . . sometimes you can be under such attacks for days without being able to pinpoint the source.”
One reason: GPS spoofing and jamming have been around for years, but in the last couple of years the technologies required to make such attacks have evolved dramatically, mainly from software-defined radios and open-source spoofing software. And jammers have become a commodity, costing just $30.
Zur says that, unlike Internet-based attacks, spoofing and jamming GPS do not require technical knowledge, except for smart spoofing for which instructions are widely available. And these attacks are very hard to trace. This makes GPS a very tempting target, with both denials of service and smart attacks possible.
Meanwhile, common GPS technologies were designed in the 1980s with little thought for security, except in defense. Zur says GPS receivers that can counter modern spoofing and jamming are expensive and large, based on beamforming technology with high-end, expensive components. This technology uses expensive arrays of antennas, and each antenna element requires a heavy front end.
So his firm has developed a much smaller and less expensive tool, Pyramid GNSS, to detect, report and mitigate spoofing and jamming. The first version is made from commercial-off-the-shelf components, but yields extremely high detection rates for even sophisticated, multiple-spoof attacks, according to Zur. Pyramid GNSS is also lighter than conventional defenses.
This first version of the Pyramid was designed for the aftermarket. A second version will provide even better performance as a line fit for new aircraft.
*This article was originally published on MRO-Network, Oct 24, 2018.