Russia accused of massive GPS spoofing campaign

Russia has been conducting a major campaign to experimentally hijack signals sent by Global Navigation Satellite Systems (GNSS) systems such as GPS, researchers have claimed in a detailed report.

Technically, GNSS spoofing (as opposed to simpler jamming) is an attempt to send false positional signals to a receiver using global satellite networks such as the US GPS, China’s Beidou, Russia’s GLONASS, and Europe’s Galileo.

In recent years, there have been a flurry of small-scale reports of spoofing plus one major incident in the Black Sea in 2013 when at least 20 ships reported positioning anomalies blamed on the phenomenon.

What the team at the Center for Advanced Defense (C4ADS) has uncovered is the first confirmed example of a nation using this technique on a large scale.

The evidence emerged after the team spent a year crunching satellite data gathered by the International Space Station (ISS), detecting 9,883 suspected spoofing incidents at 10 global locations connected to its military, including Crimea, Syria, and the Russian Federation.

Since February 2016, this resulted in 1,311 civilian ships being fed the wrong positional coordinates from a range of civilian satellite networks.

Even when the attacks are noticed and corrected the effect is that of a nuisance denial-of-service on targets which are forced to fall back on older, less convenient systems. Says the report:

In effect, Russian forces now have the capability to create large GNSS denial-of-service spoofing environments, all without directly targeting a single GNSS satellite.

Another apparently routine if slightly From Russia With Love application of is to block the tracking of politicians, with numerous reports of “a close correlation between movements of the Russian head of state and GNSS spoofing events.” This suggested the development of mobile jamming units.

The researchers also found previously unreported evidence of GNSS interference near Russian military activity that represented a danger to civilian airliners using the same airspace.

The wider threat

Because the technology to carry out spoofing attacks is now so cheap, GNSS spoofing is unlikely to be the preserve of Russia for long and is now within the grasp of small groups and perhaps even lone wolves, the researchers say.

Meanwhile, because GNSS technology is now widespread in sectors such as energy, financial telematics, policing, and transport, there is no shortage of economic significant targets to aim at.

State and non-state actors engaged in illicit activity continue to show the lengths to which they are willing to go in order to both conduct and conceal their operations.

Their conclusion is that the world is likely entering an era when GNSS interference will become an everyday hazard, which sounds a bit alarming.

The counter view is that they’re easy targets and that not enough effort has been made to come up with ways of defending GNSS systems. The good news is that it’s not that hard to detect spoofing with the right technology, nor work out who might be doing it. For instance:

The collaboration between C4ADS and UT Austin researchers shows how GNSS receivers based on low-Earth-orbit satellites can be used to detect and geolocate interference signals worldwide.

However, it’s still the case that not enough people are paying attention to the problem or doing this kind of research. Perhaps publicity over the alleged Russian programme will achieve what expert opinion has so far failed to.