Global Navigation Satellite System (GNSS) spoofing is a cyberattack when someone tries to trick navigation systems by giving false information about a plane’s position, speed, or time. Unlike jamming, which overwhelms the GPS signal with noise, spoofing provides fake but believable data. This can mislead aircraft into thinking they are somewhere they are not.
GPS spoofing can seriously endanger flights by causing errors in route or altitude. However, Naidu told the Parliament that these signals did not affect flight movements. This was mainly because India had already deployed conventional navigational aids. He added that similar interference reports had come from Kolkata, Amritsar, Mumbai, Hyderabad, Bengaluru and Chennai airports.
To strengthen safety, Naidu said advanced cybersecurity measures for IT networks and infrastructure were also being implemented. The Union Minister’s remarks follow after over 400 flights at Delhi’s IGIA were delayed last month due to a technical snag in the air traffic control system.
Airports Authority of India cybersecurity rating report: https://www.rankiteo.com/company/airportsauthorityofindia
"id": "AIR1764676805",
"linkid": "airportsauthorityofindia",
"type": "Cyber Attack",
"date": "11/2025",
"severity": "100",
"impact": "7",
"explanation": "Attack that could injure or kill people"{'affected_entities': [{'customers_affected': '400+ flights '
'delayed',
'industry': 'Aviation',
'location': 'Delhi, India',
'name': 'Indira Gandhi International '
'Airport (IGIA), Delhi',
'size': None,
'type': 'Airport'},
{'customers_affected': None,
'industry': 'Aviation',
'location': 'Kolkata, India',
'name': 'Netaji Subhas Chandra Bose '
'International Airport, Kolkata',
'size': None,
'type': 'Airport'},
{'customers_affected': None,
'industry': 'Aviation',
'location': 'Amritsar, India',
'name': 'Sri Guru Ram Dass Jee '
'International Airport, Amritsar',
'size': None,
'type': 'Airport'},
{'customers_affected': None,
'industry': 'Aviation',
'location': 'Mumbai, India',
'name': 'Chhatrapati Shivaji Maharaj '
'International Airport, Mumbai',
'size': None,
'type': 'Airport'},
{'customers_affected': None,
'industry': 'Aviation',
'location': 'Hyderabad, India',
'name': 'Rajiv Gandhi International '
'Airport, Hyderabad',
'size': None,
'type': 'Airport'},
{'customers_affected': None,
'industry': 'Aviation',
'location': 'Bengaluru, India',
'name': 'Kempegowda International '
'Airport, Bengaluru',
'size': None,
'type': 'Airport'},
{'customers_affected': None,
'industry': 'Aviation',
'location': 'Chennai, India',
'name': 'Chennai International Airport',
'size': None,
'type': 'Airport'}],
'attack_vector': 'GNSS signal manipulation (spoofing)',
'data_breach': {'data_encryption': None,
'data_exfiltration': None,
'file_types_exposed': None,
'number_of_records_exposed': None,
'personally_identifiable_information': None,
'sensitivity_of_data': None,
'type_of_data_compromised': None},
'description': 'Global Navigation Satellite System (GNSS) '
'spoofing attacks were detected at several Indian '
'airports, including Delhi, Kolkata, Amritsar, '
'Mumbai, Hyderabad, Bengaluru, and Chennai. The '
'attacks involved false GPS signals tricking '
'navigation systems by providing misleading data '
'about aircraft position, speed, or time. While '
'the spoofing did not disrupt flight movements '
'due to the use of conventional navigational '
'aids, over 400 flights at Delhi’s Indira Gandhi '
'International Airport (IGIA) were delayed in a '
'separate incident due to a technical snag in the '
'air traffic control system. Advanced '
'cybersecurity measures are being implemented to '
'mitigate risks.',
'impact': {'brand_reputation_impact': 'Potential erosion of '
'trust in aviation '
'cybersecurity',
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': None,
'downtime': 'Over 400 flights delayed (Delhi IGIA due '
'to ATC technical snag)',
'financial_loss': None,
'identity_theft_risk': None,
'legal_liabilities': None,
'operational_impact': 'Flight delays (Delhi IGIA); '
'potential navigation errors '
'(mitigated by conventional '
'aids)',
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': ['GNSS navigation systems',
'air traffic control (ATC) '
'systems (Delhi IGIA)']},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': 'GNSS signals '
'for aviation '
'navigation',
'reconnaissance_period': None},
'investigation_status': 'Ongoing (cybersecurity measures being '
'implemented)',
'lessons_learned': 'GNSS spoofing poses significant risks to '
'aviation safety, but conventional '
'navigational aids can serve as critical '
'backups. Proactive cybersecurity measures '
'are essential to protect against emerging '
'threats in air traffic management systems.',
'post_incident_analysis': {'corrective_actions': ['Deployment of '
'advanced '
'cybersecurity '
'measures for '
'IT networks',
'Leveraging '
'conventional '
'navigational '
'aids as '
'backup'],
'root_causes': ['Vulnerability of '
'GNSS signals to '
'spoofing attacks',
'Technical snag in '
'air traffic control '
'systems (Delhi '
'IGIA)']},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'recommendations': ['Enhance GNSS spoofing detection and '
'mitigation capabilities',
'Strengthen redundancy in navigation systems '
'(e.g., inertial navigation, ground-based '
'aids)',
'Implement real-time monitoring for '
'anomalous GPS signals',
'Conduct regular cybersecurity audits for '
'aviation infrastructure',
'Collaborate with international bodies '
'(e.g., ICAO) to share threat intelligence '
'on GNSS spoofing'],
'references': [{'date_accessed': None,
'source': 'Indian Parliament Statement by Union '
'Minister (Naidu)',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Public disclosure by '
'Union Minister '
'(Parliament statement)',
'containment_measures': 'Use of conventional '
'navigational aids to '
'mitigate spoofing impact',
'enhanced_monitoring': 'Advanced cybersecurity '
'measures (planned/ongoing)',
'incident_response_plan_activated': None,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': 'Implementation of advanced '
'cybersecurity measures for '
'IT networks and '
'infrastructure',
'third_party_assistance': None},
'title': 'GNSS Spoofing Incidents at Multiple Indian Airports',
'type': ['GNSS spoofing',
'technical snag (air traffic control system)'],
'vulnerability_exploited': 'Dependence on GPS/GNSS signals for '
'navigation; lack of '
'spoofing-resistant safeguards'}