AI-171 mid-air crisis: Experts warn of 'Pahagalm' in skies

UNI

Sunday, 28 September 2025 (11:26 IST)
Thiruvananthapuram: The mysterious dual-engine failure of Air India flight AI-171—once dismissed as “pilot error”—is resurfacing with alarming implications.

Aviation and security experts now suggest that the 2017 incident could represent the world’s first major civilian test case of “Pahagalm,” an emerging cyber-offensive strategy that disables targets without firing a single shot, by manipulating satellite and communication systems, aviation cyber analysts told UNI.

The theory has gained traction after the Supreme Court sharply criticized the official probe for ignoring cyber-forensic angles, calling the Aircraft Accident Investigation Bureau’s (AAIB) conclusions “irresponsible speculation.”

The court’s remarks echo concerns long voiced by cyber-security researchers that civilian infrastructure, particularly aviation, is increasingly vulnerable to state-sponsored digital intrusions.

For years, hostile cyber units linked to China and Pakistan have been accused of perfecting high-end signal spoofing, GPS manipulation, and satellite communications (SATCOM) interference in military contexts.

From hijacking Indian military drones in 2024 to disabling surveillance systems along the border, adversaries have repeatedly demonstrated these tactics, which are consistent with what security insiders call the “Pahagalm” playbook: advanced disruption without direct kinetic force.

“The hallmark of Pahagalm is denial—crippling systems by manipulating their trust in digital signals. Civil aviation, built heavily on SATCOM and GPS dependency, is the next frontier,” warned a former top cyber-defense official, emphasizing that India cannot afford to underestimate the threat to civilian platforms.

Air India’s Boeing 787 fleet, including AI-171, was flagged as particularly exposed.

Aviation advisories dating back to 2017 cautioned that the Dreamliner’s network architecture lacked proper segmentation, potentially allowing a malicious actor to infiltrate avionics from non-critical systems.

While global regulators mandated fixes, Air India reportedly lagged behind in compliance, leaving its aircraft vulnerable to exploitation.

“This wasn’t a random glitch. The vulnerabilities were known, adversaries had the capacity, and the conditions were ripe for testing such tactics on a civilian aircraft,” the cyber analysts said.

What troubles experts most is not just the incident itself—but the way it was handled.

Investigators did not perform a full forensics sweep of the aircraft’s operational technology (OT) and network systems, effectively ruling out the cyber possibility before even examining it.

“The same mistake was made during the 2020 Mumbai power grid blackout, where authorities first blamed routine failures before cybersecurity evidence forced a rethink,” said a policy researcher at a Delhi-based think tank. “In aviation, such denial could be fatal.”

The AI-171 episode, experts argue, should be treated as a grave warning. With adversaries already field-testing cyber tactics against India’s defence infrastructure, the migration of these threats into civilian domains marks a dangerous escalation.

The report concludes with three urgent demands: full-scale cyber-forensic investigations into aviation incidents, strict enforcement of cyber-resilience mandates across airlines, and immediate classification of aviation as Critical Information Infrastructure under Indian cyber law.

“The question isn’t whether AI-171 was a Pahagalm attack, it’s whether India is prepared for day one certainly is,” warned the analyst. “At this moment, the skies are exposed.”
