- GPS spoofing threat was pushed higher up the global news agenda, when more than 20 vessels in the Black Sea reported AIS traces erroneous in 2017.
- All of the ships’ tracking systems placed them in the same nonsensical location, led to informed speculation.
- It is still unconfirmed officially that the incident could be attributed to Russian testing of satellite navigation spoofing technology as part of its electronic warfare arsenal.
- A UK-based cyber vulnerability testing firm’s researchers shared how electronic chart systems could be hacked to spoof the size and location of vessels.
- SDRs are cheaply available online, and, with the right software can be used to mimic satellite signals and transmit fake ones and can actually trick an entire ship.
- Customers should set a standard for the GNSS receiver manufacturers and insist on antenna and receiver that are un-jammable and un-spoofable.
According to an analysis published in Ship Technology, GPS spoofing or GNSS spoofing more accurately is a much-discussed cyber-threat to ship navigation systems. Chris Lo in the analysis questions, with the potential for paralysed shipping lanes, collisions and even untraceable piracy incidents, what is the current state of play between the shipping industry’s cyber-defences and the malicious actors who aim to cause chaos through GPS spoofing?
Here’s an excerpt from it.
The incident that put the threat on top list
The shipping industry has been aware of the threat of GPS spoofing for years, but one incident in 2017 pushed the issue higher up the global news agenda.
In June of that year, at least 20 vessels in the Black Sea, in the vicinity of Novorossiysk Commercial Sea Port, reported that their automatic identification system (AIS) traces erroneously showed their position as Gelendzhik Airport, around 32km inland.
Electronic warfare arsenal?
The large number of vessels involved and the fact that all of the ships’ tracking systems placed them in the same nonsensical location, led to informed speculation – still unconfirmed officially – that the incident could be attributed to Russian testing of satellite navigation spoofing technology as part of its electronic warfare arsenal.
“My gut feeling is that this is a test of a system which will be used in anger at some other time,” the UK Royal Institute of Navigation’s former president David Last told New Scientist in 2017.
Shipping industry vulnerable to GPS Spoofing
Since then, there have been persistent concerns that the shipping industry may be vulnerable to GPS spoofing, raising the risk of keeping ships at sea longer than necessary to clear the confusion, as occurred in the Black Sea, or even dangerous scenarios such as ship collisions, either with other ships or with land.
Earlier this year, UK-based cyber vulnerability testing firm Pen Test Partners released information from a demonstration at the Infosecurity Europe conference, where the company’s researchers showed how electronic chart systems could be hacked to spoof the size and location of vessels.
This, they argued, could cause chaos in a busy shipping lane such as the English Channel.
What exactly is GPS spoofing?
GPS spoofing: from military to civilian
GPS spoofing could be described more specifically as Global Navigation Satellite System (GNSS) spoofing, as this is the generic term for satellite navigation systems with global coverage, including GPS (US), GLONASS (Russia), BeiDou (China) and Galileo (Europe), all of which are used in the shipping industry.
How does it work?
The fundamentals of GNSS spoofing involve an actor replicating satellite navigation signals with an identical signal that is strong enough to force out the original transmission, as GNSS receivers lock on to the strongest available signal.
Once the spoof signal is in place, rogue transmissions can mislead onboard navigation systems about fundamental calculations such as location, velocity and heading.
Up until the last few years, there was a wide gulf in the knowledge and equipment required for a user to carry out a full GNSS spoofing attack, rather than a jamming hack, which simply blocks the satellite signal and is much easier to detect.
Cheap SDRs available online
More recently, however, the commercial availability of radio hardware and downloadable software has brought GNSS spoofing from the military into the civilian realm, according to Roi Mit, chief marketing officer at Israel-based cybersecurity firm Regulus Cyber.
Software-defined radios (SDRs) are cheaply available online, and, with the right software can be used to mimic satellite signals and transmit fake ones.
Trick own phones with SDRs?
“We’ve done some testing at our lab at Regulus, where we purchased an SDR from Amazon, and without any technical knowledge we could easily, in a matter of a few days, completely replicate the entire GNSS satellite system transmission,” says Mit.
He added that one of the largest vendors for SDRs online said there was a big surge in the amount of systems he was selling because of games like Pokemon Go, which are based on GPS position.
The kids don’t want to leave their home and walk around outside with their phone – they just buy this device, transmit their location and they trick their own phones’ GPS.
But that exact same device can actually trick an entire ship.
What threat does spoofing pose to shipping?
Given that GPS spoofing exists in the shadowy world of cybercrime and electronic warfare, with few publicly acknowledged cases to analyse, it’s difficult to get a handle on the exact risks that spoofing realistically poses to commercial ships.
As well as the aforementioned issues around ships unnecessarily idling at sea which can cost shipowners millions in extra fuel and operational expenses ship-to-ship and ship-to-land collisions are a possibility.
What does 2017 study reveal?
A 2017 study, published by University of Texas at Austin researchers Jahshan Bhatti and Todd E. Humphreys, cites a field test showing how a 65m yacht was successfully hacked and supplied with fake positioning data, creating an obvious collision risk.
Mit raises another disturbing possibility: that the ease with which malicious actors can access GNSS spoofing tech could turn protecting commercial vessels against pirate raids from tricky to near-impossible.
What if pirates get the technology?
“There is evidence that Somali pirates, for example, can acquire such technology,” he says. “It can be transmitted over a very long range, and the thing is, once the ship goes off-course close the coast of Somalia, it’s not only at risk of being raided, but also when they call for help from the international force there meant to protect them, the location they will transmit won’t be real. So the intervention force will actually reach a location when there’s nobody there.”
Action the industry should take to reduce the risk
In terms of countermeasures, back-up navigation methods obviously exist from the centuries before the 1980s, when ships didn’t rely on satellite navigation – but the main issue is being able to detect when a hack is occurring, and when GNSS signals can and can’t be trusted.
Spoofing detection technologies originating from the defence industry are now coming on to the civilian market, while more advanced add-on systems offer a mitigation capability to ensure that connection to the satellite signal can always be maintained.
Go for un-jammable and un-spoofable receivers
But Mit argues that more pressure must be applied on GNSS hardware manufacturers to offer systems that are tested against jamming and spoofing.
“If the industry, the customers themselves, set a standard for the GNSS receiver manufacturers and tell them, ‘we will only acquire your antenna and your receiver if it is un-jammable and un-spoofable,’ they will motivate the manufacturers to start investing in protecting their own devices,” Mit says.
“I don’t think maritime customers should compromise on buying a GNSS receiver that is not protected, and then having to deal with the right add-ons, like the Regulus technology, to equip on it.”
Cyber risk management incorporation deadline
The International Maritime Organization (IMO) has given shipowners until January 2021 to incorporate cyber risk management into ship safety protocols, and as navigational security is likely to play a central role in these measures, so in the coming years protection against spoofing is likely to become a matter of regulatory compliance, rather than simply operational risk management.
Working together to tackle the GPS spoofing threat
The human element is obviously a vital component of any cybersecurity strategy, and onboard a ship this factor is particularly pronounced. While technology can do much of the heavy lifting, without cyber-savvy humans at the helm, basic vulnerabilities will remain.
Pen Test Partners noted in its investigation that some vessel satellite communication terminals were still using default username and password credentials.
Maritime cybersecurity training
Training courses on maritime cybersecurity are increasingly prevalent in the industry, and can simulate cases of spoofing to run through the recommended actions to take.
Best-practice guides are also becoming more common; the UK National Cyber Security Centre published a code of practice for ship cybersecurity in 2017.
Incidents not being shared is the barrier
One potential barrier to the shipping industry dealing effectively with the spoofing threat is the general veil of secrecy that hangs over the risk.
“It usually doesn’t get published if a shipping company has been spoofed,” say Mit. “It’s bad branding for the company and it’s something they want to keep under cover.”
By not sharing, the entire industry is slowed down in being prepared for such risks. Some kind of panel or committee, with closed doors, where all those companies could really discuss the types of threats they’re dealing with without risking their brand image, would be ideal.
Autonomous ship could be controlled by malicious actor?
The approaching prospect of autonomous and semi-autonomous ship technology raises the stakes in terms of cyber security, especially with regards to onboard navigation systems.
The spoofing threat have to be dealt with definitively before the industry entrusts ship navigation to automated systems or remote operators.
“2019 is a monumental year for the maritime industry, because right now it seems like all the major players are pursuing semi-autonomous and autonomous ships. Since GNSS is a core technology in every single autonomous ship that I’ve read about or have been told about, we should all wait and think about if this is something we’re really ready to release into the ocean. You cannot save an autonomous ship if it’s completely controlled by a malicious actor. It should be a very slow process and it should only be done when we’re almost 100% sure it’s cyber-secure,” concludes Mit.
Did you subscribe to our daily newsletter?
It’s Free! Click here to Subscribe!