Cyber Incident Victim: Finnish Transport and Communications Agency
Date:
Mar 2022
Location:
Finland
Summary
A Finnish government agency warned of unusual GPS interference affecting aircraft navigation near its eastern border, prompting safety alerts and flight diversions. The disruptions, suspected to involve spoofing attacks, impacted multiple commercial flights—forcing some to return to their departure points—and necessitated reliance on alternative navigation systems supported by air traffic control. While the interference source remained undetermined due to its localized and transient nature, similar disruptions were reported across the Baltic region. The incident highlighted vulnerabilities in GPS technology, which can be disrupted by relatively accessible equipment, though aviation protocols mitigated immediate safety risks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In early March 2022, Finland’s Transport and Communications Agency (Traficom) detected an unusual surge in GPS interference near the country’s eastern border, prompting a public announcement on March 11, 2022. The interference, first observed during the preceding weekend, persisted at the time of the announcement and originated from unknown sources. Multiple reports from various entities documented disruptions affecting aircraft navigation systems, leading Traficom to issue Notices to Airmen (NOTAMs) to alert pilots and ensure flight safety through additional precautions. A notable incident occurred on Sunday, March 10, when several Transaviabaltika flights en route to Savonlinna, Finland, experienced onboard GPS navigation failures, forcing them to return to their departure point in Tallinn, Estonia. Traficom Director Jari Pöntinen emphasized that aviation remained safe despite the disruptions, citing established airline procedures for GPS signal loss, including reliance on alternative navigation systems and air traffic control support using secondary landing aids. The agency noted the interference signals were airborne, momentary, and localized, making ground-based verification of their source practically impossible.
The incident impacted broader regions beyond Finland, with Poland, Lithuania, Latvia, and the wider Baltic area also reporting GPS disruptions. Traficom’s investigation highlighted the inherent vulnerabilities of GPS technology, which relies on weak satellite signals susceptible to jamming or spoofing by inexpensive, widely available equipment capable of broadcasting counterfeit signals over distances exceeding 80 kilometers. Historical precedents included similar disruptions during NATO exercises in Finland in 2018 and Norwegian accusations of Russian GPS interference during military drills in 2017. The March 2022 interference coincided with a meeting between U.S. President Joe Biden and Finnish President Sauli Niinistö, amid Finland’s deliberations over NATO membership—a prospect opposed by Russia. No attribution for the interference was confirmed, and Traficom outlined technical countermeasures such as GPS firewalls and directional multi-array antennas to mitigate spoofing, though these were not implemented during the incident. The agency’s response focused on operational adjustments and awareness-raising while acknowledging the persistent challenge of securing GPS infrastructure against low-cost, scalable attacks.