The Russians are screwing with the GPS system to send bogus navigation data to thousands of ships, think tank claims
The Russians have started hacking into the global navigation satellite system (GNSS) on a mass scale in order to confuse thousands of ships and airplanes about where they are, according to a study of false GNSS signals by C4AD
On May 15, 2018, under a sunny sky, Russian President Vladimir Putin drove a bright orange truck in a convoy of construction vehicles for the opening of the Kerch Bridge from Russia to Crimea. At 11 miles long, it is now the longest bridge in either Europe or Russia.
As Putin drove across the bridge, something weird happened. The satellite navigation systems in the control rooms of more than 24 ships anchored nearby suddenly started displaying false information about their location. Their GPS systems told their captains they were anchored more than 65 kilometers away — on land, at the Anapa Airport.
This was not a random glitch, according to the Centre for Advanced Defense, a security think tank. It was a deliberate plan to make it difficult for anyone nearby to track or navigate around the presence of Putin, C4AD says.
Putin drives a Kamaz truck at the opening of the Kerch Bridge in 2018. Hackers partially disabled nearby ships' navigation systems during the event(Reuters/ Alexander Nemenov)
“All critical national infrastructures rely on GNSS to some extent” — and the Russians have started hacking it
The Russians have started hacking into the global navigation satellite system (GNSS) on a mass scale in order to confuse thousands of ships and airplanes about where they are, according to a study of false GNSS signals by C4AD.
GNSS comprises the constellation of international satellites that orbit the earth. The US's Global Positioning System (GPS), China's Beidou, Russia's GLONASS, and Europe's Galileo program are all part of GNSS.
Your phone, law enforcement, shipping, airlines, and power stations — anything dependent on GPS time and location synchronization — are all vulnerable to GNSS hacking. “All critical national infrastructures rely on GNSS to some extent, with Communications, Emergency Services, Finance, and Transport identified as particularly intensive users,” according to a report commissioned by the UK Space Agency. An attack that disabled GNSS in Britain would cost about £1 billion every day the system was down, the report said.
The jamming, blocking, or spoofing of GNSS signals by the Russian government is “more indiscriminate and persistent, larger in scope, and more geographically diverse than previous public reporting suggested,” according to the Weekly Intelligence Summary from Digital Shadows, a cyber security monitoring service.
This diagram shows GPS signals for a ship jumping around between the accurate location at sea and a false location at a nearby airport(C4AD)
Nearly 10,000 incidents of ships being sent bad location data
The C4AD study says:
- 1,311 civilian ships have been affected.
- 9,883 incidents were reported or detected.
Until the last couple of years, C4AD believed the Russians used GNSS jamming or spoofing mostly to disguise the whereabouts of President Putin.
For instance, a large area over Cape Idokopas, near Gelendzhik on the Black Sea coast of Russia, appears to be within a permanent GNSS spoofing zone. The cape is believed to be Putin's summer home, or dacha. It contains a vast and lavish private residence: “a large Italianate palace, several helicopter pads, an amphitheater, and a small port,” C4AD says. It is the only private home in Russia that enjoys the same level of airspace protection and GNSS interference as the Kremlin.
C4AD believes Putin's summer “dacha” is protected by a permanent GNSS spoofing zone.(C4AD)
“Russian forces had developed mobile GNSS jamming units to provide protection for the Russian president”
“The geographical placement of the spoofing incidents closely aligns with places where Vladimir Putin was making overseas and domestic visits, suggesting that Russian forces had developed mobile GNSS jamming units to provide protection for the Russian president. The incidents also align with the locations of Russian military and government resources. Although in some areas the motive was likely to restrict access to or obstruct foreign military,” according to Digital Shadows.
Ships sailing near Gelendzhik have reported receiving bogus navigation data on their satellite systems. “In June 2017, the captain of the merchant vessel Atria provided direct evidence of GNSS spoofing activities off the coast of Gelendzhik, Russia, when the vessel's on-board navigation systems indicated it was located in the middle of the Gelendzhik Airport, about 20km away. More than two dozen other vessels reported similar disruptions in the region on that day,” C4AD says.
Putin addresses workers at the Kerch Bridge opening ceremony(Reuters/ Alexander Nemenov)
An $80 million superyacht was sent off-course by a device the size of a briefcase
Most of the incidents have been recorded in Crimea, the Black Sea, Syria, and Russia.
Perhaps more disturbingly, GNSS spoofing equipment is available to almost anyone, for just a few hundred dollars.
“In the summer of 2013, a research team from The University of Texas at Austin (UT) successfully hijacked the GPS navigation systems onboard an $80 million superyacht using a $2,000 device the size of a small briefcase. The experimental attack forced the ship's navigation systems to relay false positioning information to the vessel's captain, who subsequently made slight course corrections to keep the ship seemingly on track,” C4AD reported.
Since then the cost of a GNSS spoofing device has fallen to about $300, C4AD says, and some people have been using them to cheat at Pokemon Go.
Read more from Business Insider:
- One of the West's biggest cybersecurity vulnerabilities is our idiotic habit of sending servers full of sensitive information to foreign countries
- Someone is trying to take entire countries offline and cybersecurity experts say 'it's a matter of time because it's really easy'
- Trump labeled Iran's most powerful military branch a terrorist group, and it's ready to strike back
- Hackers posted personnel information of hundreds of federal agents and police officers online
- An Assange supporter in Ecuador has been arrested over an alleged plot to blackmail the president