Global Navigation Satellite System (GNSS) spoofing is a cybersecurity attack that provides fake position, navigation, and time (PNT) information. A GNSS spoofing attack is easy and inexpensive to create, and a hacker can take control of a GNSS receiver remotely and usually without detection. Also, it can influence critical functions, such as time-sync, speed control, steering, navigation, location, privacy, and more.
Spoofing attacks can produce conflicting data and incorrect system actions. Some failures can create time-sync position and velocity, and fleet-level and telematics problems. Automotive, aviation, and maritime spoofing may confuse the person or crew steering and cause deliberate misdirection, inconvenience, delays, accidents, damages, and jeopardize cargo and lives.
Recently, I talked with Roi Mit, CMO of Regulus Cyber, to learn more about the spoofing situation.
Regulus provides GNSS spoofing detection and protection to organizations requiring location reliability.
What’s behind GPS location spoofing and are there any recent example of these attacks?
The GPS system is an open signal without any encryption. This means any hacker can easily record and transmit this signal. This is true for all types of telecom technologies, including smartphones. GPS spoofing has occurred multiple times already. Some attacks are mobile-related, including spoofing used by UBER drivers to trick the app. A 2017 incident in a Miami conference affected all of the phones. Teenagers can even spoof their phones for Pokémon Go.
How does spoofing work and what are the incentives for it?
The spoofing signal is transmitting a fake satellite signal with more power than the one coming from space, essentially overpowering the real signal. This means that GPS location information can be controlled by a hacker. The typical device used to perform spoofing attacks is an SDR (software-defined radio).
As in any cyberattack, there are multiple incentives, both financial and criminal. Motives for hacking GPS include fun (cheating at Pokémon Go, a location-based game), an alibi (spoofing a mobile phone to change evidence), theft (spoofing a ride-sharing app to catch rides out of your reach), kidnap (spoofing a VIP\celebrity phone, so they can't be tracked), and terror (spoofing multiple vehicles causing a mass accident).
What industries/applications depend on GPS locations?
A major part of our economy depends on GPS, with billions of satellite-connected devices across multiple industries using GPS for timing and location. These industries include consumer solutions, road, manned aviation, drones, maritime, emergency response, rail, agriculture, geomatics, and critical infrastructure. It’s estimated that one day without GNSS would cost the economy one billion dollars per day.
Mobile phones are a huge part of the GPS economy, as it serves as our main point of connection satellite location services, and the entire business model of location-based services and ride-sharing apps depends on on-location services.
How does spoofing affect law enforcement, first responders, medical services, fire fighters, and military users?
Law enforcement and other emergency agencies are using GPS and location services to receive real-time location information following an incident to make it directly to the scene. For example, in Europe, every car is equipped with a GPS transceiver transmitting the real-time location when an accident occurs. The military uses GPS for guided weaponry, tactical navigation, and command and control functions.
What are the liabilities when spoofing occurs?
Any sales and marketing organization that depends on GPS for location-based services (LBS), including ride-sharing (UBER, Lyft, etc.) and advertising (Google maps and Waze), can experience financial and reputational damage when the location data isn’t correct. Incorrect location data can even cause physical damages, leading to lawsuits.
Is this a design or standards issue and is there any way to prevent attacks?
GPS has a built-in vulnerability that existed since the 1980's design of the GPS system. It’s an inevitable issue since GPS is meant to be shared and used by all civilian systems, but at the same time; it makes the signal exposed and vulnerable. GPS receivers can be protected by adding another layer, a form of firewall, which authenticates the signal and ensures that the incoming signal is legitimate.
