India’s Airports Hit by GPS Spoofing Cyberattacks
What Happened, Why It Matters, and The Bigger Threat Ahead
In a major cybersecurity revelation, the Indian government has officially confirmed that seven major airports were targeted by coordinated cyberattacks involving GPS spoofing — a sophisticated technique used to manipulate satellite-based navigation systems.
Although no flights were cancelled, the incidents have exposed a deeper vulnerability in India’s aviation infrastructure.
Timeline of the Cyberattacks (October – December 2025)
Late October 2025
- First cluster of GPS spoofing incidents reported near Delhi IGI Airport.
- Pilots approaching Runway 10 received false location and altitude data.
Early November 2025
- New spoofing events detected at Mumbai, Bengaluru, Kolkata, Hyderabad, Chennai, and Amritsar.
- Airlines submitted multiple anomaly and safety reports.
10 November 2025
- DGCA issues emergency SOP:
- Pilots and ATC must report GPS interference within 10 minutes.
Mid–Late November 2025
- Interference continues across multiple airports.
- AAI alerts WMO to track suspected spoofing signal sources.
1 December 2025
- Union Aviation Minister confirms in Parliament:
- Seven airports were targeted
- Interference occurred in October & November 2025
- Multi-agency investigation underway
What Exactly Happened?
Between October and November 2025, aviation systems detected multiple false GPS signals near major Indian airports.
The most severe incident occurred at IGI Airport, Delhi, where aircraft on approach reported:
- Incorrect positional coordinates
- Wrong altitude readings
- False terrain-warning and flight-path alerts
- Navigation drifting several nautical miles off-course
These were confirmed as deliberate GPS spoofing attacks rather than technical malfunction.
Airports Affected
The government confirmed cyber interference at:
- Delhi (IGI Airport)
- Mumbai Airport
- Bengaluru Airport
- Kolkata Airport
- Hyderabad Airport
- Chennai Airport
- Amritsar Airport
What Is GPS Spoofing and Why Is It Dangerous?
GPS spoofing involves transmitting fake satellite signals to deceive navigation systems.
For aircraft, this can cause:
- Wrong flight-path alignment
- Incorrect altitude or terrain data
- Disrupted landing guidance
- False cockpit warnings
This makes landing approaches, the most sensitive phase of flight, particularly vulnerable.
Was Safety Compromised?
Despite the attacks, no diversions or cancellations occurred.
India maintains a Minimum Operating Network (MON) — traditional ground-based navigation like:
- ILS (Instrument Landing System)
- VOR
- DME
These systems acted as a safety net and prevented any serious incidents.
Government Response
DGCA’s 10-Minute Rule
Mandatory reporting of GPS interference.
AAI–WMO Investigation
Technical teams deployed to detect, trace, and neutralize spoofed signals.
Strengthened Ground Navigation
Airports emphasized reliance on ILS and other traditional systems.
National Cybersecurity Review
A systematic evaluation of aviation cybersecurity and satellite signal resilience.
Why This Matters Globally
The attacks highlight a growing global concern:
Modern aviation is highly vulnerable to satellite signal manipulation.
India’s experience shows that:
- GPS spoofing is increasingly becoming a tool of modern cyberwarfare
- Airport approaches are high-value targets
- Aviation systems require stronger signal authentication and resilience
Final Thoughts
The GPS spoofing attacks on India’s airports are a major wake-up call.
While traditional navigation systems prevented a disaster, the incidents reveal critical vulnerabilities in satellite-dependent aviation.
Strengthening cybersecurity, real-time monitoring, and identifying the perpetrators must now be national priorities.