Russia has been conducting a major campaign to experimentally hijack signals sent by Global Navigation Satellite Systems (GNSS) systems such as GPS, researchers have claimed in a detailed report.
Technically, GNSS spoofing (as opposed to simpler jamming) is an attempt to send false positional signals to a receiver using global satellite networks such as the US GPS, China’s Beidou, Russia’s GLONASS, and Europe’s Galileo.
In recent years, there have been a flurry of small-scale reports of spoofing plus one major incident in the Black Sea in 2013 when at least 20 ships reported positioning anomalies blamed on the phenomenon.
What the team at the Center for Advanced Defense (C4ADS) has uncovered is the first confirmed example of a nation using this technique on a large scale.
The evidence emerged after the team spent a year crunching satellite data gathered by the International Space Station (ISS), detecting 9,883 suspected spoofing incidents at 10 global locations connected to its military, including Crimea, Syria, and the Russian Federation.
Since February 2016, this resulted in 1,311 civilian ships being fed the wrong positional coordinates from a range of civilian satellite networks.
Even when the attacks are noticed and corrected the effect is that of a nuisance denial-of-service on targets which are forced to fall back on older, less convenient systems. Says the report:
In effect, Russian forces now have the capability to create large GNSS denial-of-service spoofing environments, all without directly targeting a single GNSS satellite.
Another apparently routine if slightly From Russia With Love application of is to block the tracking of politicians, with numerous reports of “a close correlation between movements of the Russian head of state and GNSS spoofing events.” This suggested the development of mobile jamming units.
The researchers also found previously unreported evidence of GNSS interference near Russian military activity that represented a danger to civilian airliners using the same airspace.
The wider threat
Because the technology to carry out spoofing attacks is now so cheap, GNSS spoofing is unlikely to be the preserve of Russia for long and is now within the grasp of small groups and perhaps even lone wolves, the researchers say.
Meanwhile, because GNSS technology is now widespread in sectors such as energy, financial telematics, policing, and transport, there is no shortage of economic significant targets to aim at.
State and non-state actors engaged in illicit activity continue to show the lengths to which they are willing to go in order to both conduct and conceal their operations.
Their conclusion is that the world is likely entering an era when GNSS interference will become an everyday hazard, which sounds a bit alarming.
The counter view is that they’re easy targets and that not enough effort has been made to come up with ways of defending GNSS systems. The good news is that it’s not that hard to detect spoofing with the right technology, nor work out who might be doing it. For instance:
The collaboration between C4ADS and UT Austin researchers shows how GNSS receivers based on low-Earth-orbit satellites can be used to detect and geolocate interference signals worldwide.
However, it’s still the case that not enough people are paying attention to the problem or doing this kind of research. Perhaps publicity over the alleged Russian programme will achieve what expert opinion has so far failed to.
Mahhn
And thus the return to map reading with stars, compasses and time begins.
anonymous coward
I thought the military had its own GPS system that couldn’t be tampered. This is a surprise to me. Isn’t this why so many redundant GPS satellites are in orbit?
Hopefully, scouts and military officers will continue to train in the older art of navigation. Reliance on any single technology is poor form in any situation where lives or significant property is involved.
Anonymous
Not cool, Russia!
Peter Sketchley
A modern twist on ‘moving heaven & earth”?
j karna
I lived under the Russian dictatorship in Eastern Europe and the Russians are like wolves, always looking for the weakest.
Do the same to Russia as they respect only an iron fist and they will capitulate.
anthonymaw (@anthonymaw)
Is this article referring to just the US C/A GPS signal? The US GPS P and newer M codes with their long keys were always supposed to be jam and spoof-proof.
Anonymous
exactly plus gallileo as well
John E Dunn
The report covers all civilian signals (including L1 C/A) but also those used by non-US satellite systems. This isn’t just about GPS.
Phil Tritschler
Electronic Countermeasure (ECM); Electronic Counter Countermeasure (ECCM); Electronic Counter Counter Countermeasure (ECCCM). The side with the most “C’s” wins!
Sam Varghese
I think you should be very careful of things that are sponsored by Palantir. I don’t think I need to specify why.
Dude with the red beard
This is an interesting post. This reminds me of an event that took place yesterday. I was attempting to use my GPS and my map showed me i was in a completely different area of the city. Tried another device and yielded incorrect results again. After several reboots both devices started working again. Is this coincidence or was i just having weird interference?
Paul Ducklin
Phones often guess at your location via other data (phone tower? Wi-Fi position?) until a GPS signal is received. This can take some time. My Garmin sometimes takes a couple of minutes to decide that it knows where I am and that is outside in the open air on a bicycle.
So you may see your position being off by a fair bit, or where you were last, for a while.
Marcos Rodriguez
Your article even mentions Crimea and Syria.
The detailed report mentions them.
Why doesn’t your headline???
AmitS
Hope IRNSS will not impacted…
Anonymous
1st April joke :)
Hello from Russia with ❤
csbcohen
My conclusion too
David Bennett
Do intercontinental ballistic missiles use GPS?
John E Dunn
Given that they’ve been around since the 1950’s, I’d imagine they depend on old-fashioned inertial guidance systems of the sort used by vintage jets. Cruise missiles famously use GPS but it’s the encrypted, high-accuracy military version not the commercial one discussed in this report.
Daedelus
With the introduction of automatic speed limiters on vehicles (one system relying on a GPS map of speed limits), this could have interesting effects.
All vehicles on East bound autobahns limited to 10km/hr, whilst West bound are unlimited?
Paul Ducklin
A weird change from the Cold War days when the big Soviet concern was people leaving the Union to get to the West :-)
Mahhn
ahhh, now it all makes sense. When people try to head West, it points them East.
Daedelus
I was more thinking of the style of cold war days when the fear was a Russian Blitzkrieg tank attack across the plains of Germany. In the very early stages being able to clog up east bound civilian traffic would slow down military traffic wanting to get to the “front”, whilst making it easy for the attckers to go westbound. It would take a while for the military to realise that (1) the emergency was real and (2) the clogged roads were no coincidence and they should cross the central reservation and risk going down the wrong carriageway!
Bruce
Thank you Russia for stress testing GPS. Please keep at it so we evolve a more robust and secure system. I’d rather be inconvenienced now than surprised during a major crisis. 😀
Mara Alexander
Hey Sophos, here’s a thought. Be careful of what news story you post on April 1st. I came back today expecting to see this was an April Fools day prank…
Paul Ducklin
So we should avoid posting anything true on 01 April in case people think it’s false? Sort like Fake News only… backwards?
WB
Their conclusion is that the world is likely entering an era when GNSS interference will become an everyday hazard,
Meanwhile, the world is entering an era of autonomous vehicles.
Emily A Smyder
I have noticed quite a bit of GPS snafu on and off but more of the sorts lately! I knew I was not that crazy being suspicious but no way to really prove my point! Excellent and Timely post, please follow up as often as possible! Techology42