Hackers Attack Air Traffic Control

By
David Morgan
January 7, 2006, 9:44 AM ET
3 min read

Aug. 29, 2000 -- A different kind of hijacking is taking place in the skies.

Britain’s Civil Aviation Authority has issued a safety alert about a new threat to air passengers: hackers taking over air traffic control transmissions and giving pilots bogus orders.

The number of incidents in which radio hackers have broken into frequencies used by British air traffic controllers and given false instructions to pilots, or broadcasted fake distress calls, are on an alarming rise. There were three such incidents there in 1998, 18 last year, and now, so far this year, 20.

Fortunately in all those cases, pilots ascertained that the directions given them were fake. But had they not done so, their lives and those of their passengers could have been placed in serious jeopardy.

The problem is not unique to the U.K.

In the United States, there have been fewer reported incidents involving falsified radio transmissions, but the threat is still real.

In April of last year, the pilot of a USAir flight approaching Washington’s Reagan National Airport was instructed to divert his landing by an unknown voice breaking into his frequency, causing confusion for himself and for two other planes in position to land.

Unauthorized Use Not Infrequent

“From time to time we have had unauthorized people use frequencies used by air traffic controllers to issue incorrect instructions,” said FAA spokesman Jim Peters, citing as example “ghost transmissions” at Kennedy Airport in New York City.

Unfortunately, according to the FAA, there is no technology available to block or filter broadcasts by unauthorized persons on these frequencies.

Britain’s aviation authority does not consider the problem a major safety issue because pilots are required to read back instructions to controllers, who can recognize if conflicting information has been given. Radio hackers also often use incorrect terminology, which tips off pilots, the authority added.

In one incident last month, the Sunday Times of London reported that a plane landing at East Midlands Airport was given bogus instructions by a hacker.

The real air traffic controllers did not hear the hacker’s transmission and were alerted only when they heard the plane’s crew speaking to someone else, the newspaper said. Realizing the aircraft could be in danger, a controller issued the frantic instruction “Respond to my voice only!” A criminal investigation has been launched.

Taking it Seriously

Richard Dawson, president of the U.K.’s Guild of Air Traffic Controllers, warned of future trouble caused by air traffic hackers.

“This is a criminal act which could ultimately result in a serious accident,” Dawson said. “The problem is that the people making these spurious calls are mobile and can be very difficult to trace.”

The portable transmitters used by the hackers are supposed to be operated only with a license, but they can be bought by mail-order for as little as $450.

“This is clearly a safety concern, and there need to be stricter controls on the sale of this equipment,” said Carolyn Evans, technical secretary of the British Airline Pilots’ Association.

Last December, a radio transmitter stolen from Edinburgh Airport was used to give false commands to pilots. Also last year, a ham radio operator was found to have been issuing false instructions to pilots at Manchester Airport. As of yet there have been no successful prosecutions in the U.K. in air traffic hacking cases.

In the United States, interfering with air traffic control navigation is punishable by up to five years in prison.

The Associated Press contributed to this report.