Aircraft Disrupted by Satellite Jamming Following Russian Invasion

Written by

The EU Aviation Safety Agency (EASA) has been forced to issue an alert following reports that aircraft in the region have had to reroute or change destination due to the jamming of navigation satellite signals.

EASA claimed that, since the Russian invasion of Ukraine on February 24, disruption of Global Navigation Satellite Systems (GNSS) has intensified in several regions: Kaliningrad, eastern Finland, the Black Sea and the eastern Mediterranean.

“The effects of GNSS jamming and/or possible spoofing were observed by aircraft in various phases of their flights, in certain cases leading to re-routing or even to change the destination due to the inability to perform a safe landing procedure,” the warning noted.

“Under the present conditions, it is not possible to predict GNSS outages and their effects. The magnitude of the issues generated by such outage would depend upon the extent of the area concerned, on the duration and on the phase of flight of the affected aircraft.”

EASA released a long list of recommended mitigations should aircraft encounter a degradation of GNSS signal in flight.

In related news, the US Cybersecurity and Infrastructure Agency and FBI have issued a warning of possible cyber-threats to satellite communications (satcom) networks, which could ramp up risk for providers and their customers.

“Given the current geopolitical situation, CISA’s Shields Up initiative requests that all organizations significantly lower their threshold for reporting and sharing indications of malicious cyber-activity,” it said.

“CISA and FBI strongly encourages critical infrastructure organizations and other organizations that are either Satcom network providers or customers to review and implement the mitigations outlined in this CSA to strengthen satcom network cybersecurity.”

Network providers should monitor anomalous traffic at ingress and egress points, while both providers and customers should roll out multi-factor authentication and least privilege access policies, the alert recommended.

Other best-practice security measures listed included: strong encryption of communications; regular patching and vulnerability management; configuration management; network log monitoring; and maintenance of comprehensive incident response plans.

What’s hot on Infosecurity Magazine?