Slashdot Mirror

← Back to Stories (view on slashdot.org)

College Students Hijack $80 Million Yacht With GPS Signal Spoofing

Posted by samzenpus on from the made-a-wrong-turn-in-albuquerque dept.

colinneagle writes "A team of students at the University of Texas at Austin built and successfully tested a custom GPS spoofing device to remotely redirect an $80 million yacht onto a different route. The project was completed with the permission of the yacht's owners in the Mediterranean Sea this past June. Because the yacht's crew relies entirely on GPS signal for direction, the students were able to lead the yacht onto a different course without the knowledge of anyone on-board. The GPS spoofing device essentially over-powered all other GPS signals using until the spoofed signal was the only one that the yacht followed. The team then used the GPS spoofing device to convince the ship's crew to redirect onto a different route voluntarily. By changing the signal on the spoofing device, the students led the crew to believe that the ship was drifting off-course to the left. In response, the crew steered the ship to the right, thinking that it would get the ship back on course, when it actually brought the ship off the course entirely."

17 of 140 comments (clear)

  1. Dupe by phizi0n · · Score: 4, Informative

    http://tech.slashdot.org/story/13/07/26/2344215/gps-spoofing-with-3000-worth-of-equipment-and-a-laptop

    1. Re:Dupe by ebno-10db · · Score: 2

      I was about to post that myself. A duplicate from Friday. Come on folks, if a couple of casual readers can immediately spot a duplicate post, can't the editors? This has gotten ridiculous.

    2. Re:Dupe by RedBear · · Score: 4, Interesting

      http://tech.slashdot.org/story/13/07/26/2344215/gps-spoofing-with-3000-worth-of-equipment-and-a-laptop

      It may be a dupe, but I distinctly remember reading post after post on that article from apparently knowledgeable people explaining in great detail how this whole "GPS spoofing" thing was supposedly nearly impossible or at least highly impractical. I am very much interested in having someone explain how these people have managed to accomplish something that is supposedly not doable.

      Seems to me this represents a valid threat to the safety of using civil GPS navigation systems, on land or at sea. Most of the posts on the previous article seemed to indicate that GPS is NOT threatened at all. I am unable to rectify these two opposing points of view without further input from knowledgeable people.

    3. Re:Dupe by Lumpy · · Score: 4, Informative

      It is taking advantage of a poor GPS antenna design. IF the GPS antenna was shielded from ground signals (it would also create a smaller circle of sky to see, but that is not a problem with the number of birds up there) this spoof would have failed unless they were in an aircraft above the yacht.

      --
      Do not look at laser with remaining good eye.
    4. Re:Dupe by tlhIngan · · Score: 4, Informative

      It may be a dupe, but I distinctly remember reading post after post on that article from apparently knowledgeable people explaining in great detail how this whole "GPS spoofing" thing was supposedly nearly impossible or at least highly impractical. I am very much interested in having someone explain how these people have managed to accomplish something that is supposedly not doable.

      Seems to me this represents a valid threat to the safety of using civil GPS navigation systems, on land or at sea. Most of the posts on the previous article seemed to indicate that GPS is NOT threatened at all. I am unable to rectify these two opposing points of view without further input from knowledgeable people.

      Except well, you have to override the receiver of all satellites it can see. Like here, they had to overpower the GPS satellites (it's not hard), but they also had to maintain the lock.

      It's a lot more difficult If you want to misdirect a whole fleet of vehicles because the satellite signal has to follow everyone and in a sensible fashion. If you really wanted to take down GPS, it's far easier to just do a blanket jamming of it than to try to follow each and every vehicle you want to misdirect and aim the antenna at them.

      GPS works by sending a timing pulse from the satellite to the ground - the receiver gets 3 or 4 of these timing pulses, correlates them to figure out how far each satellite is and then uses the spheres to find its location. Each receiver should generally come to a unique solution for position (because well, no two objects can occupy the same space).

      If you broadcast this fake signal out, eventually someone will notice when their GPS suddenly gets a fix hundreds of meters away from them (each unit gets a slightly different signal from the satellite - when they all get the same signal, they all show the same location,). So it works great if you're in a fleet of trucks following some route, but if you're a bit further spaced out, the solution doesn't work so well and each will need its own antenna and transmitter to come up with plausible location information.

      And that's the problem - it doesn't scale. The technique works if you want to misdirect a ship, a drone, a plane, or whatever, but to misdirect multiple requires multiple transmitters in order to send plausible yet fake data to each individual unit. It still is far easier to simply broadcast garbage on the GPS band so no GPS receiver can get a lock.

  2. They did this in tomorrow never dies by Joe_Dragon · · Score: 2

    and that was a step up to the military ones.

    1. Re:They did this in tomorrow never dies by Anubis_Ascended · · Score: 2

      Was just about to post this *shakes tiny fist*

  3. Well, Duh! by zmollusc · · Score: 5, Funny

    Of course you can spoof wireless signals, that is why I ran cat6 to my GPS sats. Even if a solar EMP thing destroys the circuitry I can get a pretty good approximation from the slack in the cable.

    --
    They whose government reduces their essential liberties for temporary security, receive neither liberty nor security.
  4. Re:No... by maliqua · · Score: 3, Informative

    sure you can they clearly state the crew was unaware that its course was being altered by them, by that logic no controlled experiment can ever be considered a success

    also this is a re-post from last week c'mon /. pay attention

  5. Re:No... by Anonymous Coward · · Score: 2

    I'd imagine there's a difference between the owner and the crew when it's an 80 million dollar yacht...

  6. Re:dangerous and illegal by pla · · Score: 2

    Difficult to believe they committed so many dangerous crimes and are bragging about it

    Care to name a few? Specifically?

    Keep in mind they didn't physically disable the ship's controls, they just lied to it about its current location. The crew on board still had every possible means available to them to maneuver the ship away from any threats that may have appeared.


    "permission from the owner" (who apparently was not even aboard) does nothing to mitigate this.

    Of course it does! He, and only he, gets to decide where his boat should go next. And the very fact of his involvement mitigates most of your mythical "dangerous" argument, since presumably the owner wouldn't have let them redirect it over, say, a giant rock just below the surface. Or into pirate-filled Somalian waters. Or across national boundaries that might get them into a pissing contest with various countries over imaginary lines on the map.


    Perhaps more to the point - You can't trust GPS to get you to your destination. Period. This story demonstrates an active attack on that, but the crew of any vehicle always needs to have a backup plan available at a moment's notice. If you really want to point fingers here, try the ship's navigator who somehow failed to notice that reality didn't match his charts.

  7. Always use multiple sources of information by Billy+the+Mountain · · Score: 2

    Not a skipper, but I do fly. If I was on the bridge, at some point I would have noticed that the Magnetic compass heading was not matching the GPS heading.

    There are many different GPS-like systems available now. Glonass is the Russian version and has been available for a long time. Also the EU has Galileo coming on line real soon now. Also heard about both China and India developing their own. Units that can rely on multiple sources would definitely be harder to spoof.

    If you feared that you were under GPS spoof attack while using the GPS on your phone, you could fairly easily detect this by writing an app that compares the GPS heading with your magnetic heading.

    --
    That was the turning point of my life--I went from negative zero to positive zero.
  8. Re:dangerous and illegal by shipofgold · · Score: 4, Insightful

    Perhaps more to the point - You can't trust GPS to get you to your destination. Period. This story demonstrates an active attack on that, but the crew of any vehicle always needs to have a backup plan available at a moment's notice. If you really want to point fingers here, try the ship's navigator who somehow failed to notice that reality didn't match his charts.

    The scary bit is whether the navigator even knows how to read charts any more. Or do dead reckoning or celestial navigation.

    The transportation industry is relying more and more on technology and less on human knowlege to get from point A to point B. GPS, Airline Autopilots and Instrument Landing Systems, train automation are all making significant in-roads to the point that the humans on board are just blindly trusting it.

    I foresee the auto industry going in the same direction. I tease my kids that their kids will not know how to drive a car. Indeed my kids have never looked at a paper map.

  9. Time for a revision to L2C, L1C & L5 messages by tibit · · Score: 2

    I think it's time for a revision to the L2C, L1C and L5 civilian GPS specifications. Right now all signals, if/when present (some are at demo stage only), transmit a default message with no navigational data. It seems to me that messages on those signals should use public cryptography techniques to verify the authenticity and integrity of navigational data. It is feasible to do so, since L2C, L5 and L1C all use a packetized format and to-spec receivers must ignore unknown packets. Thus a cryptographic signature packet can be added in a fully backwards-compatible fashion. Properly done, this prevents spoofing of the navigational data, including preventing replay attacks. It should be sufficient to pretty much end spoofing once and for all.

    --
    A successful API design takes a mixture of software design and pedagogy.
  10. Poor seamanship by n0w0rries · · Score: 2

    Any helmsman worth his salt would have noticed a change in the direction of the swell, the sun, moon, stars, compass, so I would say the crew was not standing a good watch if they weren't properly observing their environment.

  11. Re:Time for a revision to L2C, L1C & L5 messag by WaffleMonster · · Score: 2

    I think it's time for a revision to the L2C, L1C and L5 civilian GPS specifications.
    It seems to me that messages on those signals should use public cryptography techniques to verify the authenticity and integrity of navigational data. ...
    It should be sufficient to pretty much end spoofing once and for all.

    You don't need to be able to generate false signals to defeat GPS. Fixes are based on time of flight of signals. Simply altering propogation delay is sufficient.

  12. The bridge crew should be replaced by TrentTheThief · · Score: 2

    Yes, the crew followed the GPS, like good little auomatons. But being a sailor, especially a navigator or quartermaster is more than just reading a GPS.

    If the bridge crew is not competent enough to read a compass nor experienced enough to look at the sky and realize that something was wrong, they shouldn't be entrusted to control anything more experienced than a dinghy. There's this really cool gadget that, with a little work, tells you almost exactly where you are at. It's called a sextant. Put that together with a decent clock and there's no reason to be sailing in the wrong direction.