Cyber and spectrum

The cyber and spectrum tab carries the layers that do not fit neatly under conflict, infrastructure, or weather but that nonetheless reshape the operating picture in real time: GPS jamming and spoofing, network-level censorship, BGP routing leaks, and threat-actor presence by country. Each is a public-source feed run through SENTINEL's scoring and dedup logic so analysts see the step-changes rather than the steady-state noise.

GPS jamming hexes come from public position-report telemetry across the commercial aviation network. Aircraft transponders that fail to acquire a fix or report degraded fix quality contribute to a hex bin; the resulting heatmap shows where electronic warfare interference is currently active. The usual hot zones around Russia, Iran, the Eastern Mediterranean, and Israel are persistent; what matters operationally is when the heat extends or contracts, or when a new front appears somewhere previously clean.

Spoofing is distinguished from jamming by the spurious-position signature. When multiple aircraft simultaneously report a fix at the same impossible coordinate, that is spoofing, not jamming. SENTINEL's spoof classifier looks for this pattern, applies receiver-handoff filtering to drop mid-Atlantic and mid-Pacific false positives, and surfaces real spoof clusters as discrete events on the patterns rail.

OONI is the Open Observatory of Network Interference. Their per-country censorship measurement set covers blocked websites, throttled traffic, deep-packet-inspection events, and middlebox interference. SENTINEL renders the per-country state and the most recent measurement events; the country dossier surfaces this alongside the political and military picture so an analyst seeing a sudden block of Telegram or Signal in a country can read it next to the on-the-ground signals.

BGP route leaks come from Cloudflare Radar. When an autonomous system leaks routes that should not have been advertised (whether by misconfiguration, hijack, or coercion), the result is traffic redirection on the underlying internet. SENTINEL surfaces per-country BGP leaks and outages, and ties leaks tied to specific submarine cables back to the cable layer so the operator sees both halves of the picture.

The MISP threat-actor galaxy provides per-country presence of named threat actors (APT groups, financially motivated criminal groups, hacktivist collectives). The country panel surfaces the currently-tracked actors with their last public attribution. This is not a real-time feed; it is the curated state of the open-source threat-actor literature.