Since the end of 2023, the navigation data for ships and aircraft over the Baltic Sea have been massively distorted by jammers on a large scale. The disruptions affect an area that stretches from Sweden across the Baltics and Poland deep into the northeast of Germany. There is much speculation about the background of this situation, known as the "Baltic Jammer," which is dangerous for maritime and air traffic, but so far there are no reliable findings. Now the German security company hensec, together with the GNSS cybersecurity platform GPSPatron and the Gdynia Maritime University, has presented the first comprehensive analysis based on a six-month study of the situation in the Baltic Sea region. It can be viewed here.
The result is summarized by hensec owner Kevin Heneka as follows: "We are under an intentional, ongoing highly professional attack on GNSS signals, which is very likely being carried out by military jammers on ships."
GNSS stands for Global Navigation Satellite System and includes GPS (Global Positioning System, USA), Galileo (European Union), Glonass (Russia), and BeiDou (China). Particularly fatal: Many maps based on ADS-B data (Automatic Dependent Surveillance-Broadcast), which are customary in air traffic and with which aircraft automatically send their position to ground stations and other aircraft, did not even partially display the disruptions.
Dangers from Jamming and Spoofing are Underestimated
Security expert Kevin Heneka explains: "Awareness of the dangers of jamming and spoofing is still underdeveloped in the German economy, even though both are already real."
Jamming refers to the disruption of a navigation signal such as GPS, so that no precise location can be determined, while spoofing involves the emission of falsified signals, thereby faking an incorrect location.
Not only maritime and aviation sectors are at risk, but also numerous critical infrastructures, emphasizes the security specialist. As examples, he mentions the energy supply, telecommunications (cellular towers and data centers use GPS for time synchronization), healthcare, as well as any autonomous systems such as drones or self-driving vehicles.
Kevin Heneka makes it clear: "Ongoing GPS manipulations can affect public transportation, disrupt rescue chains, or render critical communication networks unusable. Therefore, KRITIS companies in particular should take jamming and spoofing very seriously as security risks."
Baltic Jammer as a Wake-Up Call for the Economy
According to its own statements, hensec is the only security company in the German-speaking region that offers specially developed analysis systems for terrestrial detection of jammers and spoofers. The necessary ground-level sensors not only detect what type of interference signal it is, such as jamming or spoofing, but can also classify and locate it. The German company works closely with GPSPatron in this regard.
“All sensors and devices for our jammer and spoofer detection come from the European Union; the data centers for signal analysis are all located in Germany. The Baltic Jammer should be a wake-up call for companies to take precautions against jamming and spoofing attacks,” recommends Kevin Heneka. “Unfortunately, many companies only react when something happens. Yet, precaution is crucial,” says the expert, who regularly raises awareness about this critical issue in companies.
About hensec
hensec – secure solutions specializes in 360° security solutions for industry, business, and authorities. According to the insight “A chain is only as strong as its weakest link,” the company focuses on holistic security concepts that encompass both physical security and cybersecurity. To achieve this, hensec relies on highly qualified personnel and modern security technology. There is hardly an aspect of the security field in which hensec is not active: audio surveillance protection, drone defense, Industry 4.0, information security, critical infrastructures, open source intelligence, OT security, perimeter protection, social engineering, video surveillance. hensec reviews existing security concepts, carries out risk assessments, conducts personnel qualification measures, and develops and implements new security solutions that take into account today's threat landscape, particularly with regard to hybrid attack scenarios.
