Chinese Warships Suspected of Signal-Jamming Passenger Jets

  /     /     /  
Publicated : 23/11/2024   Category : security


Chinese Warships Suspected of Signal-Jamming Passenger Jets


Attackers claiming to be part of the Chinese navy are making calls to commercial Qantas pilots midair, while GPS, comms systems, and altimeter instruments are all experiencing denial of service.



Australias Qantas Airways is warning pilots about ongoing signal interference on VHF communications channels from stations purporting to represent the Chinese military, on commercial flights over the western Pacific Ocean and South China Sea.
The Australian flagship airline also
warned that some flights are experiencing jamming of their GPS
systems, causing denial of service (DoS), in incidents suspected to originate from warships operating off the northwest shelf of Australia.
To boot, this is not the only China-related activity in the world of aviation in the region; on March 2, the International Federation of Air Line Pilots Associations (IFALPA) noted that military warships located in the South China Sea, Philippine Sea, and the Eastern Indian Ocean were placing VHF calls to some passenger flights and military aircraft.
In some cases, the flights were provided vectors to avoid the airspace over the warship,
according to the alert
. We have reason to believe there may be interferences to GNSS and RADALT as well.
GNSS, short for global navigation satellite system, can be used interchangeably with GPS; RADALT stands for radar altimeter, and refers to the instrumentation that pilots use to gauge how far above the ground an airplane is flying.
Though the news seems alarming, Qantas is telling flight crews to carry on with their designated flight plan should they see the unusual activity but to report the interference to the controlling air traffic control (ATC) authority. Meanwhile, a spokesperson told Aviation International News that
Qantas does not consider the activity to be a physical safety threat
.
Ken Munro, a co-founder at Pen Test Partners and a specialist in operational technology (OT) cybersecurity for aviation, says that while the incidents on their face shouldn’t be of immediate concern, thats not to say the activity couldnt become dangerous in the right situation.
GPS is only one of a number of methods for pilots to determine their position, though it is generally the most relied upon, he explains. Inertial reference and radio navigation aids can be used to cross-check position. Indeed, these were the primary methods used prior to the advent of GPS.
He adds, GPS and RADALT jamming are less of a concern when in the cruise at high altitude. However, errors in position or altitude when on approach are another matter, though much harder to intentionally create when near an airport.
Munro notes that jamming can also be concerning if its part of a chain of attack or coincides with other alert-worthy activity that might be going on.
Incidents in the airplane often start with cascade of issues, often with a simple problem starting a chain of events that leads to a more significant problem, he says.
Researchers note that if the perpetrators are the Chinese military, the signal interference could have several motivations.
Its one thing for a warship to ask a commercial airliner to please go around us, and something else entirely to directly interfere with their signals, says Mike Parkin, senior technical engineer at Vulcan Cyber. On many levels, this feels like an extension of the tactics weve seen from
cybersecurity threats originating with Chinese state and state-sponsored groups
. Though this presents more of a potential physical threat, and interfering with commercial air traffic is a much more blatant show of power than a typical cyberattack.
NetRise CEO Tom Pace, a firmware security expert specializing in aviation, cautions that the jamming might be unintentional and that no one should jump to conclusions. It is impossible to state the intention of the Chinese military or even if these actions are purposeful, he says. This could simply be commercial airlines flying through a region in which the Chinese military is operating, or it could be a more active engagement where the Chinese military is seeing what they can get away with.
Mike Hamilton, CISO of Critical Insight, suspects that the activity was triggered by geopolitical events.
This is yet another example of how geopolitical tensions are showing up as cyber events that are directed at infrastructure, he says. I note that the Biden administration just announced a nuclear submarine deal with Britain and Australia, and this is likely the Chinese government expressing its feelings about that deal.
Hamilton notes that the activity points to the need for better OT security in the aviation space.
The constellation of GPS satellites has been
known to be vulnerable
for some time because of our dependence for navigation and time synchronization, he says. This act should be a wake-up call for the administration to take swift action to deploy compensating security controls around GPS before this act becomes commonplace. Longer term, GPS signal integrity controls must be developed and deployed.
NetRises Pace explains that commercial airliners dont have sophisticated anti-jamming technologies like military aircraft, and while planes can be flown manually if need be, a better failsafe for DoS events might be putting resources into identifying weaknesses in communications systems and instrumentation.
The top airline safety concern/challenge regarding the
cybersecurity of that OT environment
is that there is a significant lack of visibility which translates to an inability to identify risk in these environments, he says.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security

▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security

▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Chinese Warships Suspected of Signal-Jamming Passenger Jets