Drone and Cyber Intrusions Expose Gaps in European Aviation Security

  • Igor Koval
    By Igor Koval | Cyber & Electronic Warfare Specialist
  • September 24, 2025

Recent incidents involving rogue drones and GPS spoofing have raised alarms across Europe’s aviation sector. From airport disruptions to suspected state-linked cyber intrusions, the continent is facing a multi-domain threat that combines unmanned aerial systems (UAS) with electronic warfare (EW) tactics. These events underscore the urgent need for integrated counter-UAS (C-UAS) capabilities and hardened navigation systems across civilian and military infrastructure.

Drone Incursions Disrupt Major European Airports

Over the past 18 months, several major European airports—including London Gatwick, Frankfurt am Main, Warsaw Chopin Airport, and Oslo Gardermoen—have reported unauthorized drone activity near runways or within controlled airspace. In multiple cases, flight operations were suspended for hours as authorities scrambled to locate or neutralize the aerial intruders.

One of the most disruptive events occurred at Warsaw Chopin Airport in early 2024 when a commercial flight was forced to abort landing due to a small quadcopter operating dangerously close to its glide path. Polish officials later confirmed that the drone had not been detected by radar and was only visually identified by the pilot—a stark reminder of the limitations of conventional air traffic control systems against low-RCS (Radar Cross Section) threats.

In response to these incursions, several EU member states have accelerated procurement of C-UAS technologies. Germany’s Bundeswehr has deployed mobile anti-drone units equipped with Hensoldt’s Xpeller system at key transportation hubs. Similarly, France has expanded deployment of CerbAir’s Hydra RF detection suite around Paris Charles de Gaulle Airport.

GNSS Spoofing Incidents Raise Alarm

Beyond physical drones, a more insidious threat is emerging in the form of Global Navigation Satellite System (GNSS) spoofing—a technique that manipulates GPS signals to mislead aircraft navigation systems. Between late 2023 and mid-2024, multiple airlines reported anomalies over Eastern Europe and parts of Scandinavia where aircraft autopilot systems briefly deviated from intended courses due to corrupted positioning data.

The European Union Aviation Safety Agency (EASA) issued a safety bulletin in July 2024 warning operators about increased occurrences of GNSS interference affecting both civil aviation and maritime sectors. The bulletin cited “deliberate signal manipulation” as a likely cause but stopped short of attributing responsibility.

Open-source intelligence analysts suggest that some spoofing events may be linked to Russian EW platforms such as Krasukha-4 or Tobol-M operating near Kaliningrad or Belarusian territory. These mobile ground-based systems are capable of generating false GNSS signals over hundreds of kilometers—a capability previously observed during Russian operations in Syria and Ukraine.

Civil-Military Coordination Lags Behind Threat Evolution

A recurring criticism from aviation security experts is the lack of seamless coordination between civilian aviation authorities and military EW/counter-drone assets. While NATO countries maintain robust air defense networks for military threats—including SHORAD and radar coverage—these are not always integrated with civilian ATC or airport security protocols.

EASA has called for greater information sharing between Eurocontrol centers and national defense ministries to enable real-time tracking of anomalous aerial behavior. However, bureaucratic hurdles remain high due to sovereignty concerns over military sensor feeds and rules-of-engagement constraints on kinetic responses within civilian zones.

The UK Civil Aviation Authority (CAA), for instance, has limited authority to deploy jamming equipment near airports due to spectrum regulation laws—even when rogue drones pose an immediate hazard. This legal grey zone hampers rapid response capabilities unless military units are formally mobilized under emergency mandates.

Counter-UAS Technologies See Rapid Uptake

The surge in drone-related incidents has catalyzed demand for C-UAS solutions across Europe’s critical infrastructure sectors—not just airports but also power plants, government buildings, stadiums, and border crossings.

Leading technologies being adopted include:

  • RF Detection & Direction Finding: Systems like DedroneTracker or Rohde & Schwarz ARDRONIS use radio frequency pattern analysis to detect UAS command links.
  • EO/IR Visual Tracking: Electro-optical/infrared cameras coupled with AI-based object recognition help identify drones visually even under poor weather conditions.
  • Kinetic Interceptors: Some nations are trialing interceptor drones (e.g., DroneHunter by Fortem Technologies) capable of netting rogue UAVs mid-air.
  • Spoofing/Jamming Defenses: Anti-GNSS-spoofing receivers using inertial backup navigation are being evaluated for commercial aircraft avionics upgrades.

The EU-funded ALADDIN project (Advanced hoListic Adverse Drone Detection IntegratioN), launched under Horizon 2020 framework in partnership with Leonardo S.p.A., Thales Group, and Fraunhofer Institute among others, aims to develop an interoperable C-UAS architecture suitable for urban environments by 2026.

Aviation Sector Faces Growing Hybrid Threats

The convergence of physical drone threats with cyber-electronic attacks represents a new class of hybrid warfare targeting soft infrastructure nodes like airports—where disruption yields outsized economic impact without triggering Article V-level responses from NATO allies.

This threat vector is particularly attractive for state actors seeking deniable pressure tactics below kinetic thresholds. The use of commercially available drones modified with autonomous navigation or payload delivery capabilities further complicates attribution efforts by law enforcement agencies across jurisdictions.

EASA is currently working with ICAO on updating international standards around UAS identification protocols (such as Remote ID requirements) while also exploring satellite-based GNSS authentication layers via Galileo OS-NMA (Open Service – Navigation Message Authentication) scheduled for operational rollout by late 2025–early 2026.

Outlook: Policy Reform Needed Alongside Tech Adoption

The technological race against drone-enabled threats cannot succeed without concurrent regulatory reform. Experts advocate for harmonized EU-wide rules on C-UAS deployment authority at civilian sites—including legal clearance for RF jamming under controlled conditions—and faster data exchange mechanisms between intelligence services and civil aviation bodies during active threat scenarios.

A pan-European aviation resilience strategy would also benefit from integrating lessons learned from conflict zones such as Ukraine—where FPV drones combined with EW suppression have become standard battlefield tools—to anticipate future adaptations by non-state actors or proxy forces targeting Western infrastructure hubs via asymmetric means.

Social Share or Summarize with AI
Igor Koval
Igor Koval
Cyber & Electronic Warfare Specialist

I served as a Colonel in the Central European Armed Forces with over 20 years of experience in artillery and armored warfare. Throughout my career, I oversaw modernization programs for self-propelled howitzers and coordinated multinational exercises under NATO command. Today, I dedicate my expertise to analyzing how next-generation defense systems — from precision artillery to integrated air defense — are reshaping the battlefield. My research has been published in several military journals and cited in parliamentary defense committees.

Show Comments (0) Hide Comments (0)
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments