The Indian Government has confirmed that seven major airports across the country were targeted by cyber-attacks involving GPS spoofing and GNSS interference. Source
Airports in Delhi, Mumbai, Kolkata, Hyderabad, and Bengaluru reported navigation disruptions, but flight operations continued without interruption thanks to contingency protocols and ground-based fallback systems. These incidents highlight a growing cybersecurity concern for India’s civil aviation sector and reinforce the urgent need for stronger risk quantification, continuous monitoring, and resilience frameworks to protect critical infrastructure.
What is GPS Spoofing?
GPS spoofing is a cyber-threat where fake satellite signals are broadcast to deceive the GPS receivers on aircraft or navigation systems. Instead of merely blocking the signal (as in jamming), spoofing feeds wrong coordinates and timing data misleading the receiver into believing it is somewhere else.Â
This kind of interference undermines the reliability of satellite-based navigation (GNSS), which is central to modern flight approaches and landings especially when using GPS-based procedures.
What Exactly Happened at Indian Airports
According to the latest government disclosure:
Multiple aircraft approaching Indira Gandhi International Airport (IGIA), New Delhi, reported GPS spoofing while using GPS-based landing procedures on Runway 10.
Similar interference or cyber-attack incidents were reported near other major airports including those in Mumbai, Kolkata, Hyderabad and Bengaluru. On detection, air traffic control and flight operations switched to contingency protocols relying on conventional ground-based navigation aids instead of GPS.Â
According to the government, despite the spoofing, there was no disruption to flights takeoffs and landings continued with safety intact.
Why This Matters: Risks to Aviation & Critical Infrastructure
Erosion of trust in satellite-based navigation systems: As aviation increasingly relies on GNSS (GPS and other global navigation systems), spoofing makes aircraft vulnerable to misleading signals potentially risking safety if not handled properly.
Growing cyber-security threat surface: Airports and flight operations are critical national infrastructure. Cyber-attacks whether spoofing, GNSS interference, or other forms can have wide implications beyond just flights (surveillance, logistics, national security).
Need for robust contingency and risk-management frameworks: The events underline the urgency for air authorities to integrate cyber risk quantification, detection, and mitigation mechanisms to ensure resilience if GNSS-based systems are compromised.
Regulatory and oversight attention: As GNSS interference becomes a reality, regulators and aviation bodies will likely enhance guidelines, monitoring, and reporting requirements.
What Was Done: Response & Mitigation
The Ministry of Civil Aviation (MoCA) confirmed the spoofing incidents to the parliament, following questions raised in the Rajya Sabha.
Contingency protocols were automatically invoked: flights switched from GPS-based landing procedures to conventional navigational aids / fallback systems on alternate runways or navigation infrastructure.Â
The Airports Authority of India (AAI), along with the Wireless Monitoring Organisation (WMO), has been asked to identify the possible source of interference or spoofing to investigate and prevent recurrence.
What’s Next: What Stakeholders Should Watch
For Aviation Authorities & Regulators: This incident should prompt a review of GNSS-based navigation dependency. It’s important to maintain and upgrade ground-based navigation infrastructure as failsafe systems.
For Cybersecurity Professionals & Risk Analysts: The events underscore the critical need to treat aviation navigation as a vulnerable cyber-physical asset. Risk quantification including cyber threat vectors like spoofing needs to be integrated into aviation security audits.
For Airlines & Operators: Airlines should account for potential GNSS interference in their Standard Operating Procedures (SOPs). Maintaining readiness to switch to alternate navigation modalities is key.
For the Public & Travelers: While there was no disruption now, awareness is important. Passengers may see increased safety protocols, checks, or occasional delays while authorities adapt to such threats.
How This Connects to Cyber Risk Quantification & What Firms Should Learn
As a firm operating in cybersecurity, this incident is a strong example of how traditional cyber risk boundaries are expanding beyond networks and servers into physical infrastructure and safety-critical systems. It shows why cyber risk quantification must incorporate:
GNSS / satellite-based threat vectors when evaluating critical infrastructure
Redundancy and resilience frameworks fallback navigation, monitoring, detection systems
Audit trails and real-time monitoring to detect spoofing or interference, rather than just perimeter defense
This incident shows that cyber risk now extends beyond networks and servers into critical physical infrastructure.
It highlights the need for modern cyber risk quantification to factor in satellite-based threats, resilience frameworks, and continuous monitoring that can detect interference in real time. Organizations need visibility beyond perimeter controls to understand how these emerging risks translate into real business impact.
How Zeron Helps Strengthen Cyber Resilience
Incidents like GPS spoofing and coordinated cyber-attacks show that organizations need more than reactive controls; they need quantified clarity.
Zeron enables organizations to understand their true cyber exposure by turning technical risks into measurable business impact.
With Cyber Navigator, teams get a unified view of their environment, potential weaknesses, and risk drivers that could be exploited during a cyber incident. Our Cyber Risk Quantification model brings this insight into business context by calculating CVaR, highlighting potential operational and financial disruption, and helping leadership prioritize what matters most.
Zeron empowers organizations with continuous monitoring, informed decision-making, and evidence-driven readiness so that emerging threats never escalate into business-impacting events.
Ready to Strengthen Your Cyber Resilience?
Get a clear, quantified view of your organization’s cyber exposure and understand the risks that truly matter.
Click the button below to connect with our experts.
