Disrupted Signals: How Estonia Found Itself on the Front Lines of GNSS Interference in Europe

Advances in cyber and electronic warfare spurred by the war in Ukraine are forcing the space sector to race to find fixes to long overlooked GNSS and cyber vulnerabilities that make services “juicy targets” for hackers.

In April last year, Finland’s flagship airline Finnair suspended flights between the Finnish capital Helsinki and the east-Estonian city of Tartu after ongoing jamming of the GNSS signal repeatedly prevented aircraft from landing.

The incident was a culmination of ongoing disturbances by Russia, which the tiny Estonia – a former Soviet republic with a population of less than 1.4 million – has been aware of for years. The Tartu incident was one of the most high-profile instances of GNSS jamming affecting civilians in a country not at war and it raised concerns about the security of satellite navigation systems and the dependence of 21st century society on the services they provide.

Experts caution that incidents in Estonia and other countries bordering with Russia are just the beginning as nefarious actors all over the world are taking notice of the disruptions and the ease with which harm can be inflicted.

“The cost to disrupt signal is very low, especially for people who aren’t suspecting it and haven’t prepared for it — which is very much most of the commercial world,” Phil Carrai, president of the Space Division at Kratos Defense & Security Solutions, a leading provider of ground infrastructure for space systems, tells Via Satellite.

Instances of deliberate interference with satellite navigation systems — jamming and spoofing — have risen exponentially since the beginning of the war in Ukraine. Both sides in that conflict are relying on methods of electronic warfare to prevent the adversary from using off-the-shelf drones to find and destroy targets.

Disturbing the radio and satellite navigation links that those drones rely on is the only currently existing defense method. It works wonders, making drones crash down like struck by lightning or hover aimlessly until they run out of power. Missiles, too, rely on satellite navigation, and so do ground, sea and land forces that need awareness of the battlefield situation.

Take out the GNSS navigation services provided by the American GPS, European Galileo or Russian GLONASS constellations – and the troops are pretty much back in the 1960s.

“You have to make sure that your soldiers today know how to use a compass,” Clémence Poirier, a cybersecurity researcher at ETH Zurich, tells Via Satellite. You need to train them so that they still can operate in the environment without GPS.”

Whether the disturbances in countries like Estonia are an overspill from Russia’s attempts to deny Ukraine access to GNSS is not clear. Estonia has publicly accused Russia of violating international rules.

Erko Kulu, head of the Estonian Consumer Protection and Technical Regulatory Authority Frequency Management Division, tells Via Satellite that since June 2023, the authority has been aware of an increase in GPS interference in Estonian airspace. “The effects of the interference are still present. This summer, the first notifications were also received from ships sailing in the Gulf of Finland,” Kulu says.

Hundreds of flights passing near active war zones including Ukraine and the Middle East experience GNSS jamming every day, according to the Times.

It’s not just air and sea traffic that suffers when satellite navigation systems are down. GNSS signals are invisibly ubiquitous in today’s world. In addition to helping billions of people around the globe to get safely to their destinations, the signals are used to timestamp ATM withdrawals and stock exchange transactions, provide precision guidance for offshore oil drilling or synchronize traffic signals and cellular base stations.

And a future world where autonomous transport and advanced robotics are a reality will only be more vulnerable to GNSS disruption. But the journey to securing the precious signal from unwanted meddling may not be straightforward.

Lessons from Cyber Neglect

Carrai and Poirier think that the vulnerability of GNSS systems, laid bare by the recent rise in jamming attacks, presents another rude awakening to the global space sector, which has until recently rested in the illusion of untouchability.

“The space sector frequently relies on legacy hardware, legacy equipment that is decades old and developed at a time when nobody thought about cybersecurity,” says Carrai. “These systems don’t have the in-built security we see in our IT networks and become juicy targets for attacks.”

The first blow came on the eve of the Russian invasion when a sophisticated cyberattack designed to prevent Ukraine’s armed forces from accessing satellite communication services disrupted ground infrastructure of the U.S. satcom provider Viasat. Poirier, who had been researching space sector cyber vulnerabilities prior to that incident, says the attack provided a long overdue wake-up call.

“When I did my thesis on this topic in 2019, nobody in the space sector cared about cybersecurity,” Poirier says. “Literature was limited, and companies didn’t put a lot of resources into it. It was completely overlooked. But when the Viasat attack happened, we saw an immediate shift in the sector and the topic suddenly became very important.”

The tiny Estonia, in fact, has been one of the earliest advocates for increased cybersecurity measures in the space sector. The Russian menace had been present in the Estonian public space for over a decade prior to the invasion of Ukraine. In 2007, the nation had suffered an extensive cyberattack attributed to Russian state-funded actors, which had taken down websites of prominent organizations including Estonia’s parliament, ministries, banks, and major broadcasters.

After joining the European Space Agency (ESA) in 2015, Estonia made it its mission to put cybersecurity on the European space industry’s agenda.

“The 2007 attacks accelerated our awareness and knowledge about cybersecurity,” Paul Liias, head of the Space Department at Estonia’s Ministry of Economic Affairs and Communications, tells Via Satellite. “When we started working on our space policy, we thought that bringing cybersecurity into the space domain could be our unique contribution. But at that time, it was perceived that there was no threat, and it was not perceived as something important. But we continued none the less.”

A few years later, the Estonian insights would prove prescient. By 2023, ESA awarded Estonia a development contract for the first commercial space cyber range in Europe, a facility that will enable space companies to test and certify space-technologies and operational processes in search for vulnerabilities using digital twin simulators.

Expected to open in Estonia’s capital Tallinn next year, the Space Cyber Range will also address vulnerabilities posed by attacks on the GNSS signal.

“The Space Cyber Range provides a platform for simulating cyber threats like denial- of-service attacks and GNSS jamming, allowing, organizations to test their systems' resilience in a virtual environment,” Silver Lodi, CEO of Tartu-based Spaceit, which is leading the cyber range development, tells Via Satellite. “Through real-world scenario simulations, the [range] helps companies develop countermeasures and enhance their ability to recover from attacks, thereby increasing their overall robustness against GNSS jamming and other cyber risks that affect satellite-based services.”

Liias stresses that being prepared is the number one prerequisite for speedy recovery and limited disruption.

“If you are already under attack, it’s too late,” Liias says. “But you can play through different scenarios and teach the operators how to behave in such situations. You can use these simulations already when the satellites are being developed, for example to test software security and find weaknesses.”

Inherently Vulnerable

Carrai points out that the satellite navigation signal such as that provided by the U.S. GPS constellation is more vulnerable than its widespread utilization in many indispensable technology systems of today would suggest. GPS signals are weak and by design not protected, meaning they can be easily suppressed with devices producing louder radio noise of the same frequency. While Russia relies on powerful military jammers located along its western borders to affect adversary territories, portable devices commercially available for a few hundred dollars can cause havoc locally.

“GPS is a service that we haven’t thought before was at risk,” says Carrai. “It’s only recently that we have realized that it is a target of opportunity and now we see that there is a problem.”

The current generation of the U.S. GPS constellation as well as Europe’s Galileo produce two types of signals: The basic, unencrypted signal available to the public and commercial users, and the encrypted signal for military and government users. Carrai, however, stresses that encryption offers no protection against jamming and only secures the contents of the signal from interception.

Sophisticated military receivers can, to a degree, limit effects of jamming by enabling frequency hopping and using directional antennas to detect the real signal amidst the electronic warfare onslaught, but even that has its limits.

Alternative technologies to supplement or even briefly take over the tasks of positioning, navigation and timing (PNT) traditionally served by GNSS, are being developed, mostly aiming to help military actors remain oriented in highly contested environments.

“There is an emerging market looking at alternatives to GPS that would provide the same services using other types of technologies including orientation based on star positions or Earth observation,” Poirier says.

Alternative satellite systems are also being looked at that use optical or radio communication links to carry the PNT information. Companies like Xona Space Systems and TrustPoint are developing proliferated LEO constellations that could serve as a GPS back-up. The U.S. Space Force has recently awarded contracts to four other companies — Astranis, Axient, L3Harris, and Sierra Space — to augment the GPS constellation with fleets in other orbits as part of the Resilient GPS program. That, however, might not solve the GNSS jamming problem entirely.

In Ukraine, drone developers have moved from simple hobbyist-grade drones equipped with basic GPS receivers to systems capable of switching between multiple constellations. Fully autonomous drones that can execute their missions completely without GNSS access using on-board maps and AI-driven visual navigation are the latest trend. The Russians, on the other hand, managed to circumvent GNSS jamming by connecting their drones to spools of hair-thin optical fibers.

The Long Way Out

For the majority of GNSS users, however, the journey to securing, uninterrupted access will be long and complicated.

In 2018, the U.S. Air Force began rolling out its third generation of GPS satellites, capable of generating a more protected type of signal known as the M, or military, code. The M-code is what Carrai describes as a protected waveform, a signal designed to virtually hide in the general radio noise.

“You can change what the waveform looks like so that it isn’t visible, and you have a low probability of detection,” says Carrai. “By spreading the wave, it becomes more difficult to jam, certainly without sophisticated military equipment.”

M-code, however, will only be available to military and other high-importance users equipped with next-generation GPS receivers. The signal is not designed for everyday uses in the first place, Carrai adds, featuring a much lower bandwidth than required by commercial applications.

“What happens is that the performance drops,” says Carrai. “You’re not pushing as many bits through as through a broader waveform. It works fine military-wise, but consumer-wise, it’s more difficult.”

The expected higher cost of the new receiver technology will also limit adoption. As things stand, most military users have not yet been equipped with the new receivers leaving the “ground segment several years away from matching the spacecraft capabilities,” according to Carrai.

“For the next several years, we will have to get more resilient through other means than jam-resistant waveforms,” says Carrai. “It goes back to the understanding of what is happening in the environment, whether jamming is taking place and whether there is anything I can do to mitigate that.”

At Tartu Airport in the east of Estonia, a tiny airfield hosting one or two flights a day, new infrastructure was installed to enable Finnair, the only airline serving the city, to resume operations, Liias says. Unlike major international airports equipped with a plethora of radar-based back-up systems, such an infrastructure upgrade at Tartu is an investment with a slow and long-term return.

But cheap is no longer an option in the new reality of electronic warfare, says Carrai. And GPS users will either pay to become resilient or be forced to deal with even costlier disruptions. VS

Lead photo: The Viru Gate in Tallinn, Estonia. Shutterstock photo, Via Satellite illustration