Blog Editor’s Note: Normally we report about jamming and spoofing. But GPS receivers are really computers with radio receivers attached. So we have to also worry about more conventional cyber security issues.
This event had a big impact on aviation, even though FAA certified receivers were not impacted. Just goes to show how many of our services depend upon unprotected and un-augmented GPS.
In late July, hackers launched a ransomware attack against the navigation and fitness giant Garmin. It took down Garmin Connect, the cloud platform that syncs user activity data, as well as large chunks of Garmin.com. The company’s email systems and customer call centers were knocked out, as well. In addition to athletes, fitness buffs, and other regular customers, airplane pilots who use Garmin products for position, navigation, and timing services also dealt with disruption. The flyGarmin and Garmin Pilot apps both had days-long outages, which impacted some Garmin hardware used in planes, like flight-planning tools and updates for required FAA aeronautical databases. Some reports indicate that Garmin’s ActiveCaptain maritime app also suffered outages. The incident underscored how exposed internet-of-things devices are to systemic failures. It’s bad enough if your GPS-equipped, activity-tracking watch stops working. When you have to ground planes over instrument issues caused by a ransomware attack, it’s very clear how tenuous these interconnections can be.