GPS Spoofing and the Potential Perils to Ships at Sea

Dennis L. Bryant, Maritime Regulatroy Consulting
Friday, September 20, 2013

Simple annoyance or potential security threat?

Spoof is defined as “a hoax or swindle.”  In the world of electronic networks, a spoofing attack is a situation in which one program successfully masquerades as another by falsifying data and thereby gaining an improper advantage.  We have all heard of, and possibly fallen victim to, fraudulent card readers (often inserted on self-service fuel pumps).  The fraudulent card readers copy security information from the credit card, which is then used to clone an illegitimate credit card and incur improper charges on the victim’s credit card account.  Most spoofing has a financial object, but that is not always the case.
It is now possible to spoof Global Positioning System (GPS) and other space-based positioning, navigation, and timing (PNT) services.  To date (as far as can be determined), intentional GPS spoofing has been limited to research experiments to determine vulnerability.  Iranian officials, though, claim that they were able to acquire an American stealth surveillance drone in December 2011 by transmitting false signals to the drone.  The claim is almost certainly bogus, but impossible to totally disprove.


The reason that PNT receivers, such as the GPS receiver found on almost every commercial vessel in the world, are susceptible to spoofing is that the signal transmitted by the PNT satellite is of very low power.  It does not take much in the way of power from a fraudulent transmitter to overcome that signal.  The same is not true of a Loran signal, since it transmits at a much higher power level.  Unfortunately, there only a few places in the world where the Loran system remains in operation.  It is old technology, not as accurate or efficient as space-based PNT systems, but much more difficult to spoof or jam.
A GPS spoofing attack deceives a GPS receiver by broadcasting a slightly more powerful signal than the real signals, and structured to resemble a set of normal GPS signals. This can be complex because a GPS receiver is usually receiving low-power signals from three or four separate satellites.  Spoofing will become more complex in the future as next-generation GPS satellites broadcast more sophisticated signals.  The spoofed signals are modified so as to cause the receiver to determine its position to be in a determined location other than where it actually is.  Theoretically, this determined location could be anywhere on earth, below it, or above it (at least up to the level of the satellite orbits).  If the location determined by the spoofer is initially very far from the actual location of the GPS receiver, though, the users will quickly detect that something is wrong.  Therefore, it is necessary for the initial fraudulent location to be only slightly different from the actual location.  The spoofing signal then slowly increases the deviation from the actual location.  Many ships and aircraft operate much of the time on auto-pilot.  Making the GPS receiver incorrectly determine the position of the ship or aircraft will cause a change in the course of the ship or aircraft to get it back to the programmed trackline.  If the spoofing can be extended for a sufficient period, the ship or aircraft potentially can be taken far from its true trackline and destination.


In June 2013, a radio navigation research team from the University of Texas at Austin conducted a “proof-of-concept” demonstration on the 213-foot long luxury yacht White Rose in the Mediterranean Sea.  The purpose of the demonstration was to measure the difficulty of carrying out a spoofing attack at sea and to determine whether sensors on the vessel could identify the attack.  With the permission of the owner, members of the team boarded the yacht in Monaco en route Rhodes.  When the yacht was about 30 miles off southern Italy, they transmitted false GPS signals slightly stronger than the actual ones.  The signals were then modified to show that the yacht as slowly moving slightly to starboard.  The signal deviation was slowly increased so as not to arouse alarm.  The yacht, operating on auto-pilot, slowly adjusted its course to port to bring it to where the GPS receiver computed the yacht should be.  The yacht stayed on the fraudulent course for the duration of the experiment. 


One can correctly point out that spoofing to any significant extent can be detected by using an alternative means of determining one’s position.  In the real world, though, this is often not done.  We have become so reliant on GPS that we don’t question it. 
In 10 June 1995, the cruise ship Royal Majesty ran aground in what amounted to a case of accidental spoofing.  The ship was returning to Boston from a voyage to Bermuda.  At dinner, the master explained to the passenger at his table how groundings were a thing of the past because the ship was equipped with all the latest navigation equipment, including GPS.  Unbeknownst to the navigating team on the bridge, as the ship approached the Massachusetts coast, the wire connecting the GPS receiver (located in the chart room) with the GPS antenna came loose and disconnected.  Because loss of the GPS signal can occur for various reasons, such as there not being sufficient visible GPS satellites at the moment to obtain a position fix, the GPS receiver automatically switched to the dead reckoning mode.  When operating on dead reckoning, the GPS receiver activates a flashing red light.  As the receiver was located in the chart room, no one noticed.  Besides, the transition from ship’s actual position to an estimated position was gradual.  The ship continued for some miles on dead reckoning, but was pushed off its intended track by wind and currents.  No one noticed until a buoy was unexpectedly seen where there should not have been a buoy.  Unfortunately, the buoy marked the Rose and Crown Shoal near Nantucket Island.  The navigation team then checked the radar, the fathometer, and the Loran receiver.  They quickly determined that the ship was far off course.  Unfortunately, the grounding was unavoidable by that time.  Fortunately, it was a soft grounding, as these things go. 


The damage to the ship was relatively minor.  The Royal Majesty was refloated by tugs the next day and completed its voyage into Boston, with some hull plating deformation and a lot of embarrassment.  Things easily could have been much worse.
In the intervening years, most navigators have become more, rather than less, reliant on GPS.  Other space-based PNT systems are now available or coming on line soon, including the Russian GLONASS system and the European Galileo system, as well as ones under development by the Chinese and the Indians.  None of them are able to totally avoid vulnerability to spoofing because they all utilize relatively low power transmissions from orbiting satellites.  GPS is now fully integrated into electronic navigation charting and the Electronic Chart Display and Information System (ECDIS), as well as other shipboard systems.
In what I consider to be a short-sighted move, the United States shut down its Loran network several years ago, just as that technology was transitioning to the more sophisticated and less manpower-intensive electronic Loran (eLoran) system.  The United Kingdom has deployed a small eLoran network, but it is primarily effective only in the vicinity of the English Channel.  Until and unless a wide-scale earth-based system such as eLoran is available, ships and aircraft will be vulnerable to spoofing attacks.  The same vulnerability is present in unmanned vessels, aircraft, and vehicles.  Theoretically, a malicious actor could also use spoofing to alter the timing perception of a GPS receiver, giving the spoofer at least the possibility of disrupting the precise timing required to operate our increasingly interlinked financial, communications, and power grids. 
In 2001, the Volpe National Transportation Systems Center conducted a vulnerability assessment of transportation infrastructure relying on GPS.  Among its findings was the following: “As GPS further penetrates into the civil infrastructure, it becomes a tempting target that could be exploited by individuals, groups, or countries hostile to the United States. The potential for denying GPS service by jamming exists.  The potential for inducing a GPS receiver to produce misleading information [e.g., spoofing] exists.”  It should be noted that this study was completed 12 years ago, and little has improved in the interim.
The take-away here is that GPS and other satellite-based PNT services are susceptible to spoofing (intentional or accidental).  It behooves users of these systems to not rely exclusively thereon when making important navigational and operational decisions.

Dennis L. Bryant,
Maritime Regulatroy
Consulting, Gainsville, Fla.
t: 352-692-5493
e: dennis.l.bryant@gmail.com
 

(As published in the September 2013 edition of Maritime Reporter & Engineering News - www.marinelink.com)

  • Dennis L. Bryant,  Maritime Regulatroy  Consulting, Gainsville, Fla.

    Dennis L. Bryant, Maritime Regulatroy Consulting, Gainsville, Fla.

Maritime Reporter June 2014 Digital Edition
FREE Maritime Reporter Subscription
Latest Maritime News    rss feeds

Marine Electronics

Globecomm to Provide VSAT for PBJV Barge

Purpose-built accommodation and pipe-lay barge on charter to Petronas equipped with VSAT and L-Band services. Globecomm Maritime has been awarded a contract

VSTEP Wins Mexican Navy Simulator Contract

The Mexican Navy selected VSTEP to supply a Class A NAUTIS Full Mission Bridge (FMB) Simulator and 24 NAUTIS desktop trainer stations for the Naval Academy in Veracruz.

Raytheon Anschütz Debuts ShipGuard at SMM

In view of an increasing demand for security of merchant ships and maritime trade, Raytheon Anschütz, a German-based manufacturer of Integrated Bridge Systems,

Navigation

General Dynamics gets $25 mi GPS Contract from Lockheed Martin

General Dynamics Advanced Information Systems, a business unit of General Dynamics, was awarded a $25.4 million full-production contract from Lockheed Martin to support the U.

Raytheon Anschütz Debuts ShipGuard at SMM

In view of an increasing demand for security of merchant ships and maritime trade, Raytheon Anschütz, a German-based manufacturer of Integrated Bridge Systems,

House Subcommittee Hearing Highlights “Dismal State” of U.S. Icebreaking Capability

At the July 23, 2014, hearing of the House Subcommittee on Coast Guard and Maritime Transportation on “Implementing U.S. Policy in the Arctic” the committee chairman, Rep.

Maritime Security

The Martitime Security Focus Is Shifting

Former Vice-Admiral and Commander-in-chief of the German Navy Hans-Joachim Stricker, President of the German Maritime Institute (DMI), believes that in terms of

Crew of USCG Cutter Thetis to Return today

The crew of the Coast Guard Cutter Thetis, a 270-foot medium endurance cutter based out of Key West, Florida, is scheduled to return to homeport Tuesday at 11:45 a.

UN Throws the Book at North Korea Ship Operator

A U.N. Security Council committee on Monday blacklisted the operator of a North Korean ship, which was seized near the Panama Canal last year for smuggling Soviet-era arms,

Marine Equipment

Messer's CEO Norville Announces Retirement

Bill Heller to assume the position as Messer Cuttings Systems’ President and CEO Gary Norville started at Messer Cuttings Systems Inc. in September 1980 selling and installing cutting machines.

XtendFRESH Now Available from Carrier Transicold

The XtendFRESH atmosphere control system, which preserves quality and extends shipping distances for perishables shipped in refrigerated containers, is now available from Carrier Transicold.

Voith to Exhibit High Efficiency and DP Systems at SMM

At this year’s SMM in Hamburg, Voith will showcase propulsion systems and vessel concepts focusing on high efficiency and dynamic positioning even under challenging conditions.

Maritime Safety

Bollinger Fourchon: 13 Years Without a Lost Time Accident

Bollinger Shipyards, Inc. announced that their Bollinger Fourchon, L.L.C. facility has worked 13 years without a lost time accident. Building on a philosophy that starts at the top,

Charter Boat Crew Rescued in Gulf of Mexico

U.S. Coast Guard search and rescue crews worked throughout the night to find a missing charter boat with four people aboard as far as 70 miles off Galveston. A

Regulations Threaten Superyacht Innovation

To increase innovation within the superyacht industry, designers need to work with flag states, classification societies and naval architects to ensure regulations are workable, as said by experts.

Government Update

Iraq's Kurds Have Right to Sell Oil While Squeezed by Baghdad

Iraq's Kurdish region has the right to keep selling oil as long as the Baghdad government keeps cutting its budget, the head of the Kurdish parliament's energy committee said on Tuesday,

Russia, China May Develop Floating Nuclear Power Plants

Russia and the world's top energy user China may jointly develop six floating nuclear power plants (NPPs), Russia's nuclear export body said on Tuesday, a further

Update: U.S. to Seize Kurdish Oil from Tanker off Texas

U.S. authorities are set to seize a cargo of oil from Iraqi Kurdistan anchored off the Texas coast after a judge approved a request from Baghdad, raising the stakes

SatCom

Globecomm to Provide VSAT for PBJV Barge

Purpose-built accommodation and pipe-lay barge on charter to Petronas equipped with VSAT and L-Band services. Globecomm Maritime has been awarded a contract

LiveCom Selects iDirect Evolution to Enable Global Expansion

iDirect Asia Pte Ltd today announced that LiveCom Limited (“LiveCom”), a Hong Kong based ISP, has selected Evolution as the platform to help enterprise and government

MTN Lands Cruise Line SatCom Contracts

MTN Communications (MTN) says that three cruise operators around the world have selected the company for its passenger, crew, corporate communications and content services.

 
 
Maritime Careers / Shipboard Positions Maritime Standards Naval Architecture Offshore Oil Pipelines Pod Propulsion Port Authority Ship Repair Sonar Winch
rss | archive | history | articles | privacy | terms and conditions | contributors | top maritime news | about us | copyright | maritime magazines
maritime security news | shipbuilding news | maritime industry | shipping news | maritime reporting | workboats news | ship design | maritime business

Time taken: 0.2055 sec (5 req/sec)