In December last year, pilots approaching several major Indian airports reported something unsettling: their navigation systems showed valid GPS signals - but incorrect positions.
This wasn’t a routine outage or signal loss. It was GPS spoofing.
Airports affected included Delhi, Mumbai, Bengaluru, Hyderabad, and Kolkata. In Delhi’s case, the anomaly appeared concentrated near Runway 10/28 at IGI Airport, a runway recently upgraded to CAT III capability for low-visibility operations.
What makes this incident important isn’t just that it happened - it’s what it tells us about modern aviation’s trust model.
If you want the full detailed breakdown - including unreported technical insights - check out the Full blog
Spoofing vs jamming (why this matters)
Most people are familiar with GPS jamming: signals disappear, receivers complain, pilots know something is wrong.
Spoofing is more dangerous.
In spoofing:
- Signals look legitimate
- Timing and structure appear valid
- Receivers continue operating normally - just with wrong data
That means automation doesn’t necessarily disengage, and warnings may not trigger immediately.
Why CAT III runways raise the stakes
CAT III Instrument Landing Systems (ILS) allow aircraft to land with almost no external visual reference. During fog, pilots rely almost entirely on instruments.
ILS provides:
- Localizer (horizontal guidance)
- Glide slope (vertical guidance)
If GNSS is degraded, crews normally cross-check with ILS. But if both are compromised, redundancy collapses at the worst possible moment - during approach.
Yes, ILS can be manipulated
ILS is radio-based and not cryptographically authenticated. In theory (and in controlled tests), it can be interfered with in multiple ways:
- Overshadowing: a stronger fake signal replaces the real one
- Single-tone interference: corrupts lateral or vertical deviation calculations
- Adaptive offsetting: slowly nudges guidance off course without abrupt alarms
These aren’t “script-kiddie” techniques - but they’re well understood in RF research circles.
The dangerous scenario: dual-system spoofing
If GPS and ILS are spoofed simultaneously:
- Cross-checks fail
- Automation trusts corrupted inputs
- False alerts may overwhelm real ones
- Situational awareness degrades rapidly
In low visibility, that combination can escalate toward CFIT (Controlled Flight Into Terrain) risk — not because systems fail loudly, but because they fail quietly.
Operational impact goes beyond the cockpit
This isn’t just a pilot problem.
- ATC systems rely on ADS-B and radar fusion; corrupted position data creates uncertainty
- Traffic flow degrades quickly due to go-arounds and diversions
- Fuel margins shrink, especially during weather disruptions
- Multi-airport impact compounds chaos exponentially
Navigation trust is a shared dependency across the entire airspace.
Who would attempt this?
Given the coordination and technical depth, likely actors are limited:
- State-linked threat groups testing infrastructure resilience
- Proxy groups using commercially available spoofing equipment
- Actors conducting dry runs rather than seeking immediate destruction
The lack of public claims suggests this wasn’t about attention - it was about capability assessment.
The uncomfortable takeaway
Aviation increasingly assumes that navigation data is honest by default.
That assumption is no longer safe.
GNSS, ILS, ADS-B - all were designed for reliability, not adversarial environments. As automation increases, the cost of silent manipulation rises.
The question isn’t if spoofing will happen again - it’s whether systems will detect it before humans are forced to react at the edge of safety margins.
Over to you
For those working in:
- RF engineering
- avionics software
- safety-critical systems
- cyber-physical security
What do you think is the weakest link right now - signal integrity, system fusion, or human-machine trust?
Let’s discuss.
Top comments (0)