FlySafe was not operational during this event. This analysis reconstructs publicly available signals — to demonstrate how predictive airspace intelligence could have provided advance warning.
Middle East GPS Spoofing Campaign
2023–Ongoing — 50,000 Aircraft Affected
Since August 2023, the Eastern Mediterranean and Iraq-Iran border have been the epicenter of the largest GPS spoofing campaign ever directed at civil aviation. By the end of 2024, over 50,000 flights had been affected. Aircraft reported positions 60-90 nautical miles from their actual location. The spoofing didn't just defeat GPS — it corrupted inertial reference systems (IRS), the supposedly spoof-proof backup. IATA confirmed a 500% increase in GPS spoofing incidents in 2024. The source has been traced to Israeli Air Force operations and Iranian countermeasures.
What Happened
Beginning in August 2023, civil aviation across the Eastern Mediterranean and Middle East began experiencing GPS spoofing attacks of a scale and technical sophistication never previously documented in peacetime airspace. Aircraft transiting the UM688 airway — a high-density route running through the Iraq-Iran border region — started reporting position errors of 60 to 90 nautical miles. Crews found their navigation displays placing the aircraft over airports, cities, or terrain that bore no relation to their actual position.
What distinguished this campaign from earlier GPS interference events was the corruption of Inertial Reference Systems (IRS). IRS units are entirely self-contained — they require no external radio signal — and had long been considered the failsafe backstop when GPS is unavailable or unreliable. Spoofed GPS signals were injecting false position data into aircraft Flight Management Systems (FMS) with enough persistence and accuracy to cause IRS units to "learn" incorrect positions, a phenomenon that had no precedent in civil aviation operations. When flight crews switched from GPS to IRS as the backup, they found the IRS had already been poisoned.
The geographic footprint of the disruption was enormous. Events were reported across the Nicosia FIR (Cyprus), Beirut FIR (Lebanon), Baghdad FIR (Iraq), and Tehran FIR (Iran). The airspace above Lebanon became particularly hazardous: at one point, 117 ships and aircraft simultaneously showed false GPS positions placing them at or near Beirut Rafic Hariri International Airport. Lebanon's Civil Aviation Authority took the extraordinary step of instructing airlines to stop using GPS entirely within Lebanese airspace and to revert to conventional VOR/DME-based navigation.
GPS manipulation linked to Iron Dome and Arrow missile defence system operations. Spoofing broadcast to deny adversaries precision GPS guidance over Israeli territory, with spillover into civil FIRs across Lebanon, Cyprus, and the Eastern Mediterranean reaching distances far beyond the intended military zone.
Iran's own GPS spoofing operations — concentrated along the Iraq-Iran border and the UM688 airway corridor — compounded the Eastern Mediterranean sources. By August 2024, the University of Texas GPS research group traced a primary spoofing origin to Tehran, creating overlapping disruption zones that trapped aircraft in multiple simultaneous false-position environments.
Warning Signs
The signals preceding and accompanying this campaign were present in open-source and operational data months before institutional responses materialised. OPSGROUP — an independent aviation safety organisation — began collecting pilot and operator incident reports from August 2023 and had assembled over 50 documented cases by November 2023, three months before IATA formally quantified the disruption scale. Each of the following indicators was observable through systematic monitoring of ADS-B position data, NOTAM issuances, and military conflict zone tracking databases.
Airway UM688 traverses the Iraq-Iran border — one of the world's most active zones of electronic warfare and missile defence activity. The convergence of high-density civil traffic with military EW operations represents the highest-risk combination for navigation interference. This overlap was knowable from public conflict-zone and airways data.
Iron Dome and Arrow system activations generate GPS spoofing as an operational byproduct. The security environment in Israel from mid-2023 was publicly documented as heightened, with increased interception events — each one a potential spoofing emission affecting surrounding FIRs including Nicosia and Beirut.
Aircraft broadcasting ADS-B positions derived from spoofed GPS signals create detectable spatial clustering anomalies — multiple aircraft appear at the same geographic point or move along implausible vectors. The Beirut airport incident (117 simultaneous false positons) was the extreme expression of a pattern visible in aggregated ADS-B data weeks earlier at lower intensities.
Iran has maintained documented GPS jamming capability along its western border since at least 2011. The escalation to active spoofing — injecting false signals rather than simply blocking — was a doctrinal shift traceable through academic and open-source intelligence reporting available to analysts before August 2023.
GPS jamming incidents in the Eastern Mediterranean had been documented since 2017 around Cyprus and parts of the Levant. These earlier, lower-intensity events established the technical and geographic precedent for the 2023 escalation. EUROCONTROL and FAA NOTAMs from 2019–2022 referenced GPS unreliability in overlapping FIRs.
Timeline
First confirmed GPS spoofing incidents emerge across the Eastern Mediterranean and Iraq-Iran border region. Flight crews on UM688 and adjacent airways begin reporting position discrepancies of 60–90 nautical miles. Initial reports are treated as isolated equipment anomalies by most operators. OPSGROUP begins logging incident reports.
Aviation safety investigators confirm what pilots had been reporting: Inertial Reference Systems are being corrupted by spoofed GPS inputs. This is an unprecedented failure mode — IRS units had never before been considered a vulnerability in GPS interference scenarios. The aviation industry has no established procedure for this failure combination. Operators begin issuing internal advisories to crews.
OPSGROUP publishes its analysis of the spoofing campaign, having collected over 50 formal incident reports from operators across multiple airlines and aircraft types. The report identifies UM688, the Beirut FIR, and the Nicosia FIR as the highest-density affected corridors. The document becomes the primary reference for operators — no equivalent ICAO or state authority publication exists at this point.
In one of the most dramatic documented incidents of the campaign, 117 ships and aircraft simultaneously display GPS positions placing them at or adjacent to Beirut Rafic Hariri International Airport. Air traffic controllers face a situation where radar and GPS-derived positions are irreconcilable across an entire sector. The Lebanon Civil Aviation Authority issues an instruction to airlines: stop using GPS in Lebanese airspace and revert to VOR/DME conventional navigation.
The University of Texas GPS research group — which maintains a global network of GPS signal monitors — publishes analysis tracing a primary spoofing source to Tehran. Separately, aviation security analysts confirm Israeli Air Force GPS manipulation as the Eastern Mediterranean source, tied specifically to Iron Dome and Arrow missile defence system operations designed to deny adversaries precision navigation over Israeli territory.
By mid-2024, systematic tracking of GPS anomaly reports confirms that over 1,100 flights per day are experiencing significant GPS disruption across the affected region. The campaign has grown from a localized anomaly to a systemic infrastructure failure affecting a major global aviation corridor. Flights operated by carriers including Emirates, Qatar Airways, Lufthansa, Air France, and dozens of other international operators are affected daily.
IATA publishes its Navigation Disruptions Report, providing the first comprehensive institutional quantification of the campaign's scale. The report documents a 175% increase in overall navigation disruptions and a 500% increase in GPS spoofing events specifically. The IATA data confirms over 50,000 flights affected across 2024 and establishes the Middle East GPS spoofing campaign as the largest sustained navigation infrastructure attack in commercial aviation history.
As of early 2025, the spoofing campaign remains active. No diplomatic or technical resolution has been achieved. ICAO has issued guidance but lacks enforcement authority over state-sponsored electronic warfare operations. Airlines continue operating in affected airspace using degraded navigation procedures, increased crew vigilance requirements, and — where operationally feasible — route modifications.
Aviation Impact
The Middle East GPS spoofing campaign represents the first instance of electronic warfare causing sustained, measurable degradation to commercial aviation navigation infrastructure across multiple sovereign FIRs simultaneously. The quantified impact spans safety, operations, and the fundamental assumptions underpinning modern GPS-dependent aviation.
IATA's February 2025 Navigation Disruptions Report confirmed more than 50,000 flights experienced GPS spoofing or jamming disruption across the affected region during 2024 alone — averaging over 136 affected flights every single day of the year across the Eastern Mediterranean and Middle East corridor.
IATA recorded a 500% increase in GPS spoofing events and a 175% increase in overall navigation disruptions between 2023 and 2024. The rate of escalation — not just the absolute numbers — signals that spoofing is becoming a standard tool of state military operations with no consideration for civil aviation impact.
Position errors of 60 to 90 nautical miles place aircraft over completely different countries than their displayed position. At these error magnitudes, TCAS, terrain avoidance (TAWS/GPWS), and ATC radar correlation all become unreliable simultaneously — creating compounding safety failures across multiple independent systems.
By August 2024, systematic monitoring confirmed over 1,100 commercial flights per day were experiencing significant GPS disruption across affected FIRs. At this scale, the Eastern Mediterranean corridor — one of the world's busiest inter-regional aviation routes connecting Europe, Asia, and the Gulf — was functionally operating without reliable GPS navigation.
The corruption of Inertial Reference Systems by spoofed GPS signals represents the most technically significant safety development of the campaign. IRS units are closed-loop inertial sensors — accelerometers and gyroscopes that track aircraft movement from a known starting position without any external signal. They were designed to be immune to GPS interference. The spoofing signals in this campaign were sustained and precise enough to cause FMS software to continuously update IRS position references with false GPS data, causing the IRS to "drift" to an incorrect position over time. When crews selected IRS as their navigation backup — standard operating procedure — they unknowingly relied on a system that had already been compromised. Airlines including those operating the Boeing 737, 777, and Airbus A320/A330 families reported this failure mode. The industry has no established checklist procedure for simultaneous GPS and IRS position failure.
The Lebanon Civil Aviation Authority's instruction to airlines to discontinue GPS use in Lebanese airspace was without modern precedent — a state aviation authority effectively declaring its own GPS infrastructure unreliable and reverting to 1970s-era navigation standards. VOR and DME navigation has lower precision, requires more ATC workload, reduces capacity, and is unavailable below certain altitudes and in certain terrain — making it an incomplete substitute in a region with complex terrain and high traffic density. The CAA instruction acknowledged that the sovereign state had no ability to stop the spoofing affecting its FIR, and that airlines' only protection was to not trust the signals at all.
Takeaway
The Middle East GPS spoofing campaign exposes a structural vulnerability in how the aviation industry and its regulators assess airspace risk: the near-total absence of systematic monitoring for navigation infrastructure degradation driven by geopolitical and military dynamics. IATA's February 2025 report — published 18 months after the campaign's onset — is the first comprehensive institutional acknowledgement of its scale. Operators and flight crews were navigating the developing crisis with fragmentary OPSGROUP reports and word-of-mouth advisories while their navigation architecture silently failed around them.
The lesson is not primarily technical. The technology to detect GPS spoofing through ADS-B position anomaly analysis, signal-quality monitoring, and cross-referencing of navigation data against inertial and radar tracks has existed throughout this campaign. The missing element was a systematic, forward-looking intelligence layer that treats military conflict escalation, electronic warfare doctrine, and active geopolitical tensions as direct inputs to airspace risk assessment — rather than as background context handled by government NOTAMs that arrive weeks or months after the hazard materialises.
Airlines that continued routing through UM688 and Lebanese airspace without procedural adaptation did so not from negligence but from the absence of timely, synthesised risk intelligence. The data was present — conflict-zone escalation signals, electronic warfare reporting, early ADS-B anomalies — but it was not assembled into an actionable risk picture at the route-planning level.
This retrospective analysis examines signals present in public data before the event. It is provided for educational context only and does not claim predictive capability for future events.
A retrospective analysis suggests FlySafe's indices may have indicated elevated GPS interference probability across the Nicosia FIR, Beirut FIR, and Baghdad FIR from August 2023 — correlating escalating Israeli air defence activation tempo with known Iron Dome GPS emission characteristics and overlaying that signal against the UM688 routing corridor. The simultaneous escalation of Iranian electronic warfare activity along the Iraq-Iran border, traceable through open-source military monitoring feeds, may have indicated a compounding risk elevation for eastbound traffic on the same airway. Before the Lebanon CAA issued its advisory and before OPSGROUP had assembled 50 incident reports, FlySafe's conflict-zone electronic warfare index may have surfaced UM688 and the Beirut FIR as requiring active navigation contingency planning — giving operators the lead time to brief crews, prepare alternate procedures, and evaluate route modifications before encountering the failure modes in flight.
The 500% increase in GPS spoofing documented by IATA is not an anomaly — it reflects the normalisation of electronic warfare as a tool of state conflict in airspace that civil aviation cannot avoid. The Eastern Mediterranean is not a remote or peripheral routing option; it is a primary artery for Europe-Asia and Europe-Gulf traffic carrying hundreds of millions of passenger-kilometres annually. As more state and non-state actors acquire GPS spoofing capability — now commercially accessible at low cost — the frequency and geographic spread of events like this campaign will increase. Airspace risk prediction that does not systematically integrate electronic warfare threat assessment is incomplete for the operational environment that now exists.
Sources
- — IATA — Navigation Disruptions Report, February 2025. Documents 175% increase in navigation disruptions and 500% increase in GPS spoofing events; quantifies 50,000+ affected flights in 2024.
- — OPSGROUP — GPS Spoof Attacks / IRS Failures. Primary operational reporting source; assembled 50+ incident reports by November 2023 and first documented IRS corruption as a failure mode in civil aviation.
- — Foreign Policy — War-Zone GPS Spoofing Threatening Civil Aviation. Analysis of the intersection of state electronic warfare operations and civil aviation navigation infrastructure vulnerability.
- — The National — Israeli GPS Jamming Forces Alternative Landing Systems in Beirut. Reports on Lebanon CAA instruction to airlines to discontinue GPS use and the operational impact on Beirut Rafic Hariri International Airport approach procedures.
- — University of Texas — GPS Spoofing Source Attribution Research. Academic signal monitoring and geolocation analysis tracing primary spoofing emissions to Tehran; provides technical basis for Iranian counter-spoofing attribution along the UM688 corridor.
This is a retrospective analysis of publicly documented events. FlySafe's prediction system was not operational during this event. All information is sourced from public records, aviation authority publications, airline statements, and open data.