Russia Suspected In GPS-Spoofing Attacks On Ships

How did a 37-ton tanker suddenly vanish from GPS off the coast of Russia? AmiMoJo shares a report from Wired: The ship's systems located it 25 to 30 miles away -- at Gelendzhik airport... The Atria wasn't the only ship affected by the problem... At the time, Atria's AIS system showed around 20 to 25 large boats were also marooned at Gelendzhik airport. Worried about the situation, captain Le Meur radioed the ships. The responses all confirmed the same thing: something, or someone, was meddling with the their GPS...

After trawling through AIS data from recent years, evidence of spoofing becomes clear. GPS data has placed ships at three different airports and there have been other interesting anomalies. "We would find very large oil tankers who could travel at the maximum speed at 15 knots," said a former director for Marine Transportation Systems at the U.S. Coast Guard. "Their AIS, which is powered by GPS, would be saying they had sped up to 60 to 65 knots for an hour and then suddenly stopped. They had done that several times"...

"It looks like a sophisticated attack, by somebody who knew what they were doing and were just testing the system..." says Lukasz Bonenberg from the University of Nottingham's Geospatial Institute. "You basically need to have atomic level clocks."
The U.S. Maritime Administration confirms 20 ships have been affected -- all traveling in the Black Sea -- though a U.S. Coast Guard representative "refused to comment on the incident, saying any GPS disruption that warranted further investigation would be passed onto the Department of Defence." But the captain of the 37-ton tanker already has his own suspicions. "It looks like the Russians define an area where they don't want the GPS to apply."

GPS Spoofing

[iggymanz]

It's all fun and games until a ship runs aground or collides with something, and an eye gets poked out

Re: GPS Spoofing

[bestweasel]

They thought they were in the Mediterranean but something was wrong with their GPS.

Re:GPS Spoofing

[Hognoxious]

Given that the first thing the Russians would do in an actual war would be to take out the GPS satellites I suspect there's an inertial and possibly a visual b@7;'[[*&)>..
no carrier

Re: GPS Spoofing

[Type44Q]

These days only in name.

Re: GPS Spoofing

Incorrect, the ottoman Empire handed Crimea over in 1783, and Crimea was a separate SSR from 21 to 45, then part of the Russian SSR from 45 to 54, then a part of the Ukrainian SSR from 54 to 91, and then a part of an independent Ukraine from 91 to 2014.

So. Try to keep up!

Re: GPS Spoofing

what is more democratic than 99%.

letting the other 80% vote too?

Re: GPS Spoofing

[cheesybagel]

Nice excuse. Military vessels are supposed to have radar you know? What if they had to, shudder, fight an actual war where the enemy doesn't have their GPS transponder on to begin with?

Re: GPS Spoofing

[Plumpaquatsch]

99% of their population voted to stay with Russia. So now you can just fuck off, if you aren't a Crimean resident. Democratic election is what American regime claims it is spreading throughout the world, what is more democratic than 99%.

00% of Chechnya's population wants independence - and Russia gives a shit about that. Fuck Putin.

Re: GPS Spoofing

[gotan]

Why? Because it happened at sea?

For the Fitzgerald accident there is consistent AIS data that indicates that the freighter sent correct GPS positions. Also we don't see any ships in the vicinity being affected, their AIS-Data (in effect their position based on the GPS-data they received) should show anomalies if their GPS was affected by a spoofing attack.

In addition the US-Navy doesn't use civilian GPS, it's questionable that their GPS-based-systems can be spoofed as easily. Also they should have redundant positioning systems (it is well known that GPS can be jammed, so it'd be foolish to have warships entirely relying on that, even normal ships should have redundant positioning systems). If the GPS-position deviates significantly from other positioning or is simply inconsistent with the current course that should raise massive warnings (on civilian ships it does). Finally the Navy personnel should have seen the other ship visually and on radar.

Re: GPS Spoofing

[Gryle]

I'm assuming you're referring to the 2002 Millennium Challenge Exercise. The popular accounts are incredibly one-sided (Malcolm Gladwell is a particular offender here) and ignore that many aspects of the war-game were unrealistic. For example, the red team leader, Van Riper, had small boats firing missiles that were physically beyond the capability of the boat to carry and having those same boats move as if they were unencumbered. While there is a lot to be learned from the reports of the exercise, it's not as bad as many people make it out to be.

Source: Conversations with a participant of MC02.

Time to add encryption to civilian GPS?

[Baron_Yam]

The US military already encrypts GPS for themselves - it can still be jammed, but it can't be spoofed.

Maybe it's time encryption was applied to civilian GPS as well. It's not like consumer electronics don't have the capability to handle the decryption, and it's not like you'd have to use the same keys as military GPS.

Re:Time to add encryption to civilian GPS?

[Nutria]

it can still be jammed

That's why the USN has started teaching Old School navigation methods again.

Re:Time to add encryption to civilian GPS?

[MightyMartian]

Welcome to the age of electronic warfare, where sextants and typewriters may be brought out of mothballs before it's all said and done.

Re:Time to add encryption to civilian GPS?

[Nutria]

where sextants and typewriters may be brought out of mothballs before it's all said and done.

I think the Russians have already done that.

Re: Time to add encryption to civilian GPS?

Wrong. Russia already spoofs GPS signals around Moscow to make it look like you're at the airport - sounds a lot like this. You can google the Moscow GPS events if you want.

Re:Time to add encryption to civilian GPS?

[ctilsie242]

Encryption wouldn't be needed, but signing would be important. However, how does one offer this? An encrypted stream takes very little overhead to keep going with, because block and stream ciphers are very efficient. However, plaintext signing is a different ball game together. How do you sign a stream?

Re:Time to add encryption to civilian GPS?

[mbone]

The US military already encrypts GPS for themselves - it can still be jammed, but it can't be spoofed.

Of course it can be spoofed ("meaconned"), even if you assume that the encryption cannot be cracked. An attacker can receive the satellite signal and retransmit it. This signal will arrive at the target late, but it will still be valid - of course the attacker has to manipulate power / jamming etc to convince the receiver that the meacon signal is the valid one. You can be sure much thought has been given to this topic.

The particular attacks in the original post appear to be related to protecting Putin. I doubt the military attacks get rolled out for such a simple purpose.

Re:Time to add encryption to civilian GPS?

[MountainLogic]

There is indeed a separate higher resolution encrypted feed for the military. Encrypting for civilian channel use is very impractical as many many devices lack the ability to update keys (no network connection). Encryption also burn clocks and batteries. With billions of devices being made all over the world by thousands of manufacturers keeping the keys private is unrealistic. Further with only one global key to crack by state supported entities it would not last long. (yes, the old /. meme of "imagine a Beowulf cluster" does apply here).

Re:Time to add encryption to civilian GPS?

[fahrbot-bot]

it can still be jammed

That's why the USN has started teaching Old School navigation methods again.

How old school? Sextants, paper and pencil or "Alexa? ..."

Re: Time to add encryption to civilian GPS?

[msauve]

"If you did with a spoofed signal, you'd need a rather powerful antenna given the range"

So, you'd need something more powerful than the 26 W a GPS satellite transmitter puts out from 21000 km away? Wow, that's a lot. <rolleyes>

Re: Time to add encryption to civilian GPS?

[Hognoxious]

Russians have their own "GPS" and thus no need to spoof it, especially not in Russian territory.

Eh? The point of spoofing it is to deny the enemy the use of it.

It makes as much sense to say "Russians have their own submarines/bombers and thus no need to sink/shoot down the US ones".

Re:Time to add encryption to civilian GPS?

[Xylantiel]

As another poster says, what's needed is signing (authenticity verification) not encryption. I agree that this would be pretty difficult for devices that can't update, but it seems like it would be possible to periodically publish a public key that allows some sort of authenticity check for systems that can receive regular updates to this key. Though even then I'm unsure if one could defend against re-transmission attacks that do not alter the signals, just re-transmit certain ones with a carefully chosen delay. But it seems like it would be possible to build a receiver that could detect attacks without signing. If the signal is too strong for the reported location of the satellite, then something is very wrong. Since an attacker can't override a signal with a similar strength signal, this would make it possible to jam but not spoof. Though it may be that the signal strength cannot be computed with this much accuracy, or possibly not without a lot of information (weather) and computing power.

Re:Time to add encryption to civilian GPS?

[chihowa]

What you're describing was Selective Availability and is no longer in use. What the GP was describing is the P(Y)-code, which is an encrypted PRN. All of this information is readily available these days and there's no need to rely on impressions.

37-ton tanker ?

[tomhath]

Nice proofreading. That's not even a big truck. The article says 37000 ton

Re:37-ton tanker ?

[AmiMoJo]

TFA says "tonnes". Maybe we should just use gigagrammes for clarity.

sophistication

[phantomfive]

These attacks have been known for a while, and are not hard at all. All you need is a radio that is stronger than the GPS signal. It's been demonstrated multiple times at DEFCON, and there are youtube videos that show you how to do it with a hackrf radio (for example, if you want to move to a particular place while playing Pokemon Go).

Wikipedia suggests that Russia spoofs GPS whenever Putin is in the area.

Re:sophistication

[93+Escort+Wagon]

Wikipedia suggests that Russia spoofs GPS whenever Putin is in the area.

No! No hack, no spoof. Putin Strong, like bull. Forceful personality warps space around him. West just jealous they not have such leader.

Re:sophistication

[sysrammer]

"Our great leader has a furry alien parasite on his head"
That's the trouble with Tribbles.

AIS or GPS?

[Known+Nutter]

Are we spoofing GPS here, or are we spoofing AIS? Just so we're clear... GPS is obviously GPS, but the summary seems to conflate GPS and AIS. AIS is a terrestrial based VHF system which takes GPS data from individual ships adds identifiers and transmits it to anyone who cares to listen, which usually means other ships and shore-side receivers. It sounds to me like it is AIS that is being spoofed -- which would be trivial compared to GPS.

Keep in mind that AIS is just one of several redundant systems which ships use to navigate waterways and track positions of nearby vessels.

No investigation has indicated suspicions that Russia did anything. The only one who suspects Russia is one captain of a tanker ship.

Re:AIS or GPS?

[Solandri]

Yeah, I monitor AIS to help decide where to take my boat fishing (track where the charter sportfishing boats are going). It's fairly common to see glitches in AIS tracks. Ships traveling at warp speed are pretty frequent too. My guess is AIS glitches and reports the same GPS position for a while (as if the ship is stationary). Then all of a sudden it reports the correct location and it looks like the ship has traveled at high speed to the new location.

Re:AIS or GPS?

[laughingskeptic]

The article clearly states that it is the GPS position that is being tampered with. AIS is the means by which the positions are reported, it is not the system for determining positions. These ships are reporting bad positions that they are getting from their GPS systems. The ship captains seem to be aware that their GPS positions are incorrect. As I type this the ship KAREEM JUNIOR is reporting that it is sitting on land at the Gelendzhik airport ( https://www.marinetraffic.com/... ). Before it jumped onto land it's reported path zig-zagged at sea off the Russian port of Tuapse. The link I provided will show any other ships that find themselves reporting positions at the Gelendzhik airport in the future.

Want an overview of Russian government?

[Futurepower(R)]

Mod parent up!

If you want an overview of the degradation of the Russian government, I suggest this book: The New Tsar: The Rise and Reign of Vladimir Putin, by Steven Lee Myers (2015)

For those who want an overview of the degradation of the U.S. government, can you recommend a book?

Why airports?

[blindseer]

Anyone else notice a pattern? It seems that when the signals are spoofed the reported location is at an airport. Why would that be?

Is this to protect the airport? For example, a GPS guided bomb dropped on the airport would think it is on target when in fact it is 30 miles out from shore. Is it to protect other targets? They'd be willing to go sacrificing the airport (presumably a low occupancy area with few buildings, most of the area being runways and such) instead of a higher value target.

Maybe it's just that an airport is a convenient place to hide the equipment and the device is re-transmitting it's own location to get around the problems of having to decode and re-encode the GPS signals.

Maybe I'm seeing a pattern that isn't there.