THE PROLIFERATION OF JAMMING AND SPOOFING AGAINST COMMERCIAL AIRCRAFT IN TENSE AREA AND THE LACK OF CONSIDERATION FROM INTERNATIONAL LAW

“Decisions made by a pilot in the course of manual navigation due to Global Navigation Satellite Systems signal outage or degradation caused by jamming could lead to a collision” .

Reading this quote in an article can give you the chills given the number of commercial flights that have fallen victim to cyber-attacks. A growing number of pilots have reported jamming or spoofing during their flights. Jamming is when a signal is blocked or interrupted, preventing communication between a receiver and a satellite. In contrast, spoofing, refers to the mimicking of the characteristics of a true signal so that the user receives the counterfeit (spoofed) signal instead of the real one. Jamming or spoofing can lead to a partial or complete loss of positioning, navigation, and timing (PNT) information, causing discrepancies in time, position, or direction, which ultimately reduces accuracy. For instance, in October 2018, just days before NATO's largest military exercise since the Cold War, Trident Juncture, Norway warned commercial pilots about severe disturbances in GPS signals, suggesting possible Russian involvement. However, it is particularly since the recent conflicts between Ukraine and Russia, and the new confrontations between Palestine and Israel, that commercial aircraft have been victims of hostile cyber operations.

To comprehensively assess these emerging security threats, it is essential to examine the factors that jeopardize the security of Global Navigation Satellite Systems, alongside the insufficient attention afforded to these issues within the framework of international law.

I/ CYBERSECURITY THREATS JEOPARDIZING GLOBAL NAVIGATION SATELLITE SYSTEMS OF CIVIL AIRCRAFT

In a circular issued in 2022, the International Telecommunication Union (ITU) reported over 10,000 instances of aviation-related satellite navigation interference recorded in 2021, warning against the use of devices known as GNSS jammers or any other illegal interfering equipment that could cause harmful interference to aircraft, as prohibited under provision No. 15.1 of the Radio Regulations.

Henceforth, commercial aircraft operating in the Middle East and Northern Europe have increasingly become victims of jamming and spoofing of their navigation and communication systems, heightening risks associated with air travel. In August 2023, pilots reported that their onboard navigation systems were compromised by strong GPS spoofing signals while traveling in the Middle East, resulting in a complete loss of navigation capabilities and forcing crews to rely solely on verbal directions from air traffic controllers. While GPS jamming is a common occurrence in war zones and around sensitive military sites to thwart drone or missile strikes, spoofing presents a more dangerous situation; false signals broadcast can lead an aircraft’s electronic equipment to calculate incorrect positions and provide erroneous guidance without the pilots’ knowledge, potentially affecting the plane’s inertial reference system. Reports have indicated that since August 2023, GPS spoofing signals have been sufficiently strong to override aircraft systems, rendering the inertial reference system unusable within minutes and mm

resulting in the complete loss of navigation capability.

On top of that, some pilots have specifically noted spoofing incidents near Tehran, Iran, with the frequency of such events escalating following the outbreak of the Gaza conflict. Experts suggest these actions may be part of efforts by the Israeli Defense Forces to prevent missile attacks from Iran-backed militia groups like Hezbollah. Meanwhile, countries in Northern Europe have also seen disruptions in GPS signals, particularly since the onset of the war in Ukraine, with Latvia’s Electronic Communications Office stating that such disruptions significantly worsen aviation safety. General Martin Herem, commander of the Estonian Defense Forces, posited that Russia may be testing its jamming capabilities in anticipation of future conflicts with NATO.

Although experts contend that the immediate risks of GNSS spoofing leading to aircraft crashes are relatively low due to pilot awareness and fail-safe aircraft systems, the potential for geopolitical miscalculations remains high. For instance, a scenario could arise where an aircraft inadvertently flies into Iranian airspace due to spoofing and is subsequently shot down. Furthermore, on April 30, 2024, Estonia accused Russia of jamming GPS navigation devices in Baltic airspace, highlighting an increase in GPS disturbances since 2023 and raising alarms about potential plane accidents. Jamming involves using frequency-transmitting devices to block or interfere with radio communications, while spoofing may involve military forces broadcasting false GPS signals to hinder enemy aircraft or drones. A significant challenge for commercial aviation is that false signals can confuse pilots and air traffic control by displaying incorrect times or coordinates without warning.

In December 2023, the aviation advisory body OPSGROUP flagged a surge in spoofing affecting both private and commercial jets around the Middle East, including Iraq, Iran, Israel, and the Black Sea [4]. Regions where Russian military activity is heightened, such as the Baltic Sea, the Black Sea, and the Eastern Mediterranean, have also seen increased disruptions. For instance, Finnair suspended daily flights to Tartu, Estonia, for a month following two aircraft returning to Helsinki due to GPS interference, with Estonia's Foreign Minister Margus Tsahkna attributing the interference to Russian actions, stating, “the source of interference is Russia.” He emphasized that such jamming is a violation of international agreements and poses a danger to civilian aircraft [5].

Dana Goward, president of the U.S.-based Resilient Navigation and Timing Foundation, remarked that the removal of GPS signals inevitably reduces aviation system efficiency and safety, as modern systems are heavily reliant on precise GPS data. Reports have increasingly identified Russia as a source of GNSS interference in the Baltic region, particularly in support of its invasion of Ukraine, raising concerns about the safety of thousands of commercial aircraft. On December 25 and 26, 2023, northern Poland and southern Sweden were affected by GPS interference, followed by reports of disruptions in southeastern Finland. These incidents continued into January 2024, with Estonia and Latvia also impacted by hostile cyber operations. Since mid- December 2023, Ukraine has reported that the Russian Baltic Fleet has conducted exercises involving the electronic warfare system Borisoglebsk- 2 in the Kaliningrad Oblast, a strategically important area for Russia, housing military installations and serving as a counterbalance to NATO activities in the region. The Suwalki Gap, a vital corridor in Poland bordering Lithuania and leading to Belarus, has also faced interference, impacting the sovereignty and infrastructure of NATO member states.

Thus, the interplay of electronic warfare tactics, geopolitical tensions, and the vulnerabilities of civil aviation systems underscores a critical area of concern in ensuring the safety and reliability of air travel in contested regions. Even if deliberate interference with GPS and other satellite signals violates international regulations established by all member states of the UN’s ITU, the international law is struggling to clearly consider these cyber-attacks.

II/ THE LACK OF CONSIDERATION GIVEN BY INTERNATIONAL LAW REGARDING THIS PROBLEMATIC

The applicability of international law to hostile cyber operations targeting Global Navigation Satellite Systems predominantly intersects with international telecommunications law, particularly the framework established by the ITU, as well as the international legal principles governing the prevention of war (ius contra bellum). The ITU legal framework specifically prohibits harmful interference with the radio or communications of member states, distinguishing between intentional and unintentional interference. Through the ITU and other competent international organizations, diplomatic interventions can be employed to increase pressure on states engaging in harmful interference to comply with their international obligations. However, it is crucial to note that these regulations primarily address telecommunications-related interference, potentially limiting their effectiveness against cyber operations targeting GNSS.

On the broader spectrum of international law concerning the prevention of war, hostile cyber operations against GNSS may be perceived as threats or uses of force under Article 4 of the United Nations (UN) Charter, thereby entitling the affected state to take countermeasures. The International Court of Justice (ICJ) clarified in the Legality of the Threat or Use of Nuclear Weapons case that rules governing the use of force apply universally, irrespective of the means employed, which can extend to cyber operations. The Tallinn Manual, prepared by experts at the NATO Cooperative Cyber Defense Centre of Excellence, further delineates that a cyber operation constitutes a use of force when its scale and effects align with those of non-cyber operations of comparable magnitude. Key factors to consider in assessing whether a cyber operation qualifies as a use of force include severity, immediacy, directness, invasiveness, measurability of m

effects, military character, state involvement, and presumptive legality.

In specific circumstances, hostile cyber operations may escalate to the level of an armed attack, enabling states to invoke their right to self-defense as stipulated in Article 51 of the UN Charter. The ICJ, in the Military and Paramilitary Activities in Nicaragua case, established that an armed attack represents the gravest forms of the use of force, necessitating considerable magnitude and intensity, along with substantial destruction to essential elements of the target state. Consequently, for cyber operations against GNSS to be classified as armed attacks, they must exhibit significant intensity and result in considerable destruction to the state. However, the right to self-defense is tempered by the principle of proportionality, which restricts responses to actions necessary to cease the armed attack.

If a hostile cyber operation does not meet the criteria for an armed attack, states may still employ countermeasures, which are permissible responses to threats or uses of force, harmful interference, or breaches of international obligations. Countermeasures may involve acts or omissions that, while initially violating international law, aim to compel the responsible state to cease its violations.

Furthermore, actions taken by the affected state may invoke the plea of necessity, which allows states to respond to severe and imminent threats to essential interests, as defined by the International Law Commission in the Draft Articles on Responsibility of States for Internationally Wrongful Acts. The plea of necessity does not require attribution of the peril to another state and encompasses actions taken to safeguard essential interests against grave and imminent perils.

Should a cyber operation be recognized as a threat to peace, a breach of the peace, or an act of aggression, the UN Security Council (UNSC) may authorize collective actions. The UNSC retains the authority to take collective action in response to hostile cyber operations perceived as threats to international peace and security. Additionally, the International Civil Aviation Organization (ICAO) has endorsed recommendations aimed at assisting states in mitigating GNSS vulnerabilities, emphasizing the necessity for member states to develop mechanisms with the ITU and other UN bodies to address harmful interference of GNSS signals.

The potential ramifications of cyber operations against GNSS are profound, as they may mirror the threshold of non- cyber operations qualifying as uses of force. However, the challenge of identifying perpetrators complicates matters; even when damage arises from a cyber operation, establishing a direct link between the damage and the cyber act can be arduous. Although there may be rare instances where the effects of a cyber operation cross the threshold of an armed attack, most operations result in temporary, geographically limited disruptions of non-essential services, precluding classification as armed attacks. Nevertheless, states retain the option to implement countermeasures to compel responsible states to adhere to international obligations following unsuccessful negotiations. In cases where a hostile cyber operation is executed by a non-state actor, attribution to a state becomes problematic, precluding the use of countermeasures. However, the affected state may still invoke the plea of necessity if the operation poses a grave and imminent threat to its essential interests, which could encompass risks to national security, economic stability, public health, safety, or the environment.

Despite the availability of these legal frameworks to address jamming or spoofing of GNSS for commercial air traffic, a significant gap persists in international legislation regulating hostile cyber operations in the commercial aviation sector. The effectiveness of laws governing the prevention of war hinges on the specific effects of hostile cyber operations, rendering their application inconsistent across various scenarios. Countermeasures and the plea of necessity are limited to interactions between states and must safeguard essential interests. Recent developments, including a surge in GPS jamming and spoofing incidents, underscore the urgent need for comprehensive international legislation to address hostile cyber operations. The civil aviation sector has recognized the necessity for protective measures against such operations, prompting initiatives such as a January 2024 meeting in Germany organized by the International Air Transport Association and European regulators.

Technological advancements have led to the creation of anti-jamming systems, such as Mayflower Communications Company’s NavGuard Anti-Jam Systems. Additionally, regional dynamics in the Middle East have seen Russia assisting Iran and Syria in enhancing their electronic warfare capabilities, which has prompted Israel Aerospace Industries to develop advanced anti-jamming technologies to ensure consistent GNSS availability.

The ICAO's annexes to the Chicago Convention of 1944, particularly Annex 17, address standards for air traffic services and safeguarding international civil aviation against unlawful interference, which may encompass hostile cyber operations such as jamming and spoofing. The 2010 Convention on the Suppression of Unlawful Acts Relating to International Civil Aviation criminalizes actions threatening civil aviation safety but does not explicitly address jamming and spoofing. Thus, while the ICAO has established frameworks addressing interference in civil aviation operations, the absence of dedicated instruments to tackle jamming and spoofing by states signifies a critical gap in international law. The current legal landscape necessitates urgent action to formulate new legislation that effectively addresses the complexities and challenges posed by hostile cyber operations against GNSS, particularly as the frequency and sophistication of such operations continue to escalate.