Suspected mass-spoofing of ships’ GPS in the Black Sea

Imagine alarms ringing out on more than 20 ships located near the Russian port of Novorossiysk in the Black Sea, as their GPS systems suddenly gave them false readings, placing some inland, some at airports, blinking back and forth between accurate positions and pure fiction.

This type of GPS spoofing has been done before, but the incident in the Black Sea, which happened in June, appears to be the first well-documented account of mass-spoofing happening outside the confines of a university experiment.

Four years ago, students using a blue box about the size of a briefcase showed us it was possible to fool the GPS navigation system of an $80 million super-yacht. Their spoofing device – cobbled together for about $1000 – sent counterfeit signals that slowly, subtly overpowered the authentic GPS signals until the ship ultimately came under their control.

Under the direction of University of Texas/Cockrell School of Engineering Assistant Professor Todd Humphreys, the yacht takeover – along with the school’s hijacking of a drone a year earlier – were both designed to shed light on the perils of navigation attacks, serving as evidence that spoofing is a serious threat to marine vessels and other forms of transportation.

Now, with what looks to be real-world spoofing of ships in the Black Sea, Humphreys’ warnings seem prescient.

According to the Norwegian news outlet NRK, the spoofing attack was first reported by Maritime Executive.

Maritime Executive picked up on an unconfirmed report of GPS interference in the Black Sea, posted by the US Dept. of Transportation’s Maritime Administration (MARAD) on 22 June.

This is the report made from one of those ships to the US Coast Guard Navigation Center:

GPS equipment unable to obtain GPS signal intermittently since nearing coast of Novorossiysk, Russia. Now displays HDOP 0.8 accuracy within 100m, but given location is actually 25 nautical miles off…

In fact, the ship’s navigation system reported that it was on land, close to an airport in the Russian city of Gelendzhik. Within a few days, over 20 ships, all in the same area, had reported similar anomalies.

According to Dana Goward, the president of the Resilient Navigation and Timing (RNT) Foundation – a non-profit which, in part, monitors GPS incidents – this wasn’t an isolated incident, though it is the first well-documented account of mass GPS spoofing:

The RNT Foundation has received numerous anecdotal reports of maritime problems with the automatic identification system (AIS), a tracking system used for collision avoidance on ships, and with GPS in Russian waters, though this is the first well-documented public account.

GPS signals going awry near the Kremlin is a well-known phenomenon.

NRK Moscow correspondent Morten Jentoft has posted a short video demonstrating that when he’s near the Kremlin, his cell phone shows that his location has been spoofed to be at an airport that’s over 40 kilometers away (to see English subtitles click on Subtitles/closed captions). Others reportedly claim similar GPS glitches near President Vladimir Putin’s residence at the Black Sea.

GPS is crucial for many applications. The Global Positioning System’s 24 satellites beam down a radio signal to feed positioning information to all manner of vehicles and devices from our phones, to our drones, and to the navigation systems on ships. Those satellites fly in medium Earth orbit, which is more than 20,000 kilometers (12,550 miles) above the planet’s surface. That distance makes the GPS signal strength quite low by the time it reaches the Earth. Given how weak the signal is, it’s not hard to overpower them with stronger signals sent from a hacker’s rig that’s nearer the target.

Since Humphreys’ graduate students spoofed the yacht’s GPS with their $1000 homemade kit, spoofers have gotten a whole lot cheaper. You can ruin a game of Pokémon Go with a HackRF One, for example, for less than $300. It can transmit on frequencies between 1 MHz and 6 GHz, which covers most of the modern radio spectrum, including the frequency used by GPS.

In 2015, fully cognizant of the ease of GPS spoofing, the US Naval Academy opted to reinstate instruction of celestial navigation – that is, navigating by the stars – for the first time in 10 years.

Wired talked to one of the captains of a ship involved in the Black Sea mass-GPS spoofing. Fortunately, he said, his ship can survive without GPS, as it has backup navigation. When the ship’s systems went offline, Gurvan Le Meur told Wired, he relied on radar and dead reckoning.

Le Meur says that every time his ship returns to the same area, his GPS once again gets disrupted. Nowadays, his crew just turns it off on arrival so they don’t have to listen to the alarms.

But for any ships relying solely on GPS, operating on auto-pilot or in conditions that make other forms of navigation difficult, GPS-spoofing can mean they’re literally stumbling around in the dark.

Some experts have interpreted the incident as an intentional attack.


What this case shows us is there are entities out there that are willing and eager to disrupt satellite navigation systems for whatever reason and they can do it over a fairly large area and in a sophisticated way. They’re not just broadcasting a stronger signal and denying service this is worse they’re providing hazardously misleading information.