GPS Spoofing and the ADS-B Vulnerability That Puts Phantom Aircraft on Controller Screens

GPS spoofing is generating phantom aircraft on ATC screens and false TCAS advisories - here's how the vulnerability works and what pilots need to know.

Aviation Technology Analyst

Aircraft showing up on radar where they don’t actually exist. TAWS alerts firing at cruise altitude over open desert. TCAS resolution advisories computed from phantom traffic. These aren’t hypothetical failure modes - they’re documented operational events, and they trace back to a structural flaw in the surveillance system aviation spent a decade and billions of dollars building.

How ADS-B Works - and Why That’s the Problem

Automatic Dependent Surveillance-Broadcast (ADS-B) works on a simple principle: your aircraft computes its own GPS position, packages it with altitude, velocity, and your aircraft’s unique 24-bit ICAO address, and broadcasts the entire package on 1090 MHz once per second. Every aircraft within line of sight receives it. So do ground stations and air traffic control - no radar interrogation required.

The elegance is also the exposure. ADS-B is “dependent” on the aircraft’s own navigation system for its truth. If that navigation system is fed false data, the entire surveillance picture corrupts downstream.

Why GPS Is Easy to Fool

GPS signals arrive at your antenna extraordinarily weak - satellites transmitting at roughly 50 watts from 20,000 kilometers overhead, arriving with a signal strength comparable to a cell tower sitting a thousand miles away. That signal is trivially easy to overpower.

GPS spoofing works by transmitting a stronger, counterfeit GPS signal from the ground. Your receiver hears the louder signal, trusts it, computes a false position, and broadcasts that false position via ADS-B Out. You believe you’re where you actually are. ATC sees you somewhere else. Every traffic display within range shows you somewhere else.

The Scope of the Problem

OPSGROUP - the aviation safety reporting network connecting commercial and business aviation crews worldwide - began systematically tracking anomalous GPS events around 2022. By 2023, their reports had catalogued thousands of incidents.

The geographic concentration is not random. Active spoofing environments include:

  • The Baghdad Flight Information Region
  • The Tehran Flight Information Region
  • The Mediterranean corridor near Cyprus
  • The Baltic region, particularly near the Russian exclave of Kaliningrad
  • The Black Sea

These are areas where electronic warfare infrastructure is either actively deployed for military purposes or positioned near active conflict zones. GPS spoofing is an electronic warfare technique, developed by militaries. What changed is that those techniques began washing into civilian airspace at a scale nobody anticipated when ADS-B was designed.

The Authentication Problem No One Fixed

ADS-B Out, as deployed across the global fleet, has no cryptographic authentication. When your transponder broadcasts on 1090 MHz, there is no digital signature verifying the position data is accurate. Any transmitter with the right frequency and encoding format can inject a false ADS-B target - a phantom aircraft - into the surveillance picture.

This can be done with software-defined radio hardware available for under $300. Researchers at the Technical University of Berlin demonstrated the attack in published research years before the U.S. mandate took effect in 2019.

The vulnerability was known. The system was deployed anyway.

That was a deliberate tradeoff, not an oversight. Adding cryptographic authentication would have significantly increased transponder cost and complexity, likely stalling the FAA’s NextGen modernization program against industry resistance over equipage cost. The decision was made to deploy the unauthenticated system and revisit authentication in a later standard revision.

What ADS-B Version 3 Fixes - and When It Won’t Arrive

That later revision is called ADS-B Version 3. It exists within ICAO working groups as a defined technical concept and includes cryptographic authentication - a digital certificate tied to each aircraft’s unique ICAO address, verifiable by any receiving ground station or airborne equipment. Any receiver could immediately flag a position packet lacking a valid certificate, making spoofing substantially more difficult.

Version 3 is not deployed anywhere in the world. There is no finalized mandate date. Transitioning the installed fleet from Version 1 - the vast majority of currently equipped aircraft globally - requires hardware upgrades across millions of transponders. The realistic transition timeline is measured in decades, not years.

Actual Failure Modes: What Pilots Are Reporting

The most commonly reported effect is what crews call an airport ghost. A spoofed GPS position places the aircraft, on paper, over a specific airport - Cairo has appeared repeatedly in Middle East corridor reports. The aircraft’s TAWS (Terrain Avoidance and Warning System) generates an alert because the false position shows the aircraft near the surface. The crew looks up. They’re at cruise altitude over open desert. The alert is entirely false, but it creates immediate workload at exactly the wrong moment.

More technically serious is the downstream effect on TCAS. TCAS relies on transponder data from surrounding aircraft to compute relative geometry and issue resolution advisories. If a nearby aircraft’s ADS-B position is spoofed, TCAS may compute conflict geometry based on where that aircraft appears to be, not where it actually is. Researchers modeling this scenario have described outcomes where a false TCAS resolution advisory directs an aircraft to descend into actual conflicting traffic. That outcome has not appeared in the official accident record - but the physics are real, and the spoofing environments where it could unfold are active and documented.

Why the System Still Works: Multilateration

The primary check keeping the surveillance network functional despite widespread spoofing is multilateration. Ground-based receiver stations independently calculate aircraft position using time-difference-of-arrival methods. Three or more stations receiving the same transmission can triangulate actual position regardless of what the GPS-derived position claims. A significant divergence between the ADS-B-reported position and the multilateration-derived position is a detectable spoofing signature.

Eurocontrol has developed cross-validation guidance specifically addressing this discrepancy. Controllers in affected regions have been trained to treat it as an interference indicator.

The limitation: multilateration requires ground infrastructure. Over oceanic routes, remote terrain, or areas where ground equipment has been damaged - the most aggressive spoofing environments - multilateration doesn’t exist.

The Privacy Tension Built Into the Architecture

ADS-B’s open, unauthenticated broadcast created something system designers didn’t fully anticipate: a global, real-time, publicly accessible aircraft tracking network. A distributed network of enthusiast-operated ground stations now tracks virtually every ADS-B-equipped aircraft in the world. Because the broadcast is unencrypted and unauthenticated, anyone with a receiver and an internet connection can access the surveillance picture.

The public benefit is genuine - investigative accountability, safety research, accident reconstruction. But it creates a structural tension the FAA has struggled to resolve. The FAA Privacy ICAO Address program allows general aviation operators to request rotating ICAO codes that make continuous tracking on public platforms more difficult, but it doesn’t make aircraft invisible to ATC.

The conflict is at the protocol level: closing the spoofing hole, extending privacy protections, and maintaining open accessibility are mutually exclusive goals. You cannot achieve all three simultaneously with the current architecture.

What Pilots Can Do Now

If you fly international routes through high-threat corridors: OPSGROUP maintains an updated threat map at opsgroup.aero, regularly revised and worth including in preflight planning for Middle East, Baltic, or Black Sea routings.

In GPS-degraded environments, FAA guidance calls for cross-checking GPS position against independent navigation sources - VOR, DME, or inertial navigation if your aircraft carries it. If your GPS position disagrees meaningfully with other instruments and doesn’t match ATC expectations, you may be in a spoofed environment. Declare it. Ask for position confirmation. Use conventional navigation skills.

On the technology side, avionics manufacturers including Honeywell and Garmin have active research programs targeting spoof detection at the receiver level. A ground-based counterfeit transmitter produces different signal geometry and Doppler characteristics than a genuine GPS satellite constellation - differences that may be detectable without changes to the broadcast protocol. Production solutions have not shipped, but the engineering work is live.

Key Takeaways

  • ADS-B depends entirely on GPS accuracy and has no cryptographic authentication - any transmitter can inject phantom aircraft into the surveillance picture
  • GPS spoofing in civilian airspace has been documented at thousands of incidents since 2022, concentrated near active conflict zones and electronic warfare environments
  • Real operational effects include false TAWS alerts, corrupted traffic pictures, and potential for erroneous TCAS resolution advisories
  • ADS-B Version 3 includes the authentication fix but has no deployment mandate and faces a realistic transition timeline measured in decades
  • Multilateration is the primary check on spoofed data but requires ground infrastructure that doesn’t exist over oceans or in many affected regions
  • Pilots routing through high-threat corridors should consult OPSGROUP’s threat map and be prepared to cross-check position with conventional navigation sources

Radio Hangar. Aviation talk, built by pilots. Listen live | More articles