A GPS spoofing attack attempts to deceive a GPS receiver by broadcasting incorrect GPS signals, structured to resemble a set of normal GPS signals, or by rebroadcasting genuine signals captured elsewhere or at a different time.
GPS receivers deduce their position by calculating their distance from several satellites at once. Each satellite broadcasts its location, time and signature pattern known as a pseudorandom noise code (or PRN code). These codes identify the satellite transmitting the signal. PRN Codes are necessary because all GPS satellites broadcast civilian signals on the same frequency.
How the spoofing happens ?
Step 1 – To attack civilian receivers, a spoofer figures out which GPS satellites will be in vicinity of the target at a given time, based on the satellites’ orbits. The spoofer then fabricates the PRN code for each satellite. Next, the spoofer broadcasts faint signals carrying the same codes as all the nearby satellites at once. The GPS receiver registers these week signals as though they were part of the stronger, true signals transmitted by those satellites.
Step 2 – Then comes the delicate art of the “drag-off”, in which the spoofer’s operator gently overrides the true signals. To do this, the spoofer’s operator gradually increases the power of the false GPS signals until GPS receivers catch onto these new signals. If the signal increase is too abrupt, the receiver might detect something amiss. Once the receiver has locked onto the false signals, the operator can adjust the GPS receiver’s position to a new set of coordinates. They generally use the algorithms for moving the coordinates of earth’s centre (origin), the earth’s radius or the GPS satellite’s position, to move the location coordinates of the GPS receiver.
All Satellite navigation systems (such as GLONASS, Galileo, BeiDou etc) can be spoofed. Spoofers can also stop/slow down/fasten the time shown on a GPS receiver. Another feature of spoofing is that it is very stealthy ie the user may never realise that his equipment has been compromised. There will be no alarms. In congested waters with poor weather, such as the English Channel, it would likely cause great confusion, and probably collisions.
Spoofing signals will normally be sent from land based stations hence probability of spoofing in coastal waters is higher than in open sea. But there is a possibility that a rogue vessel in mid sea can also send spoofing signals.
Spoofing in general is different from jamming of GPS Signals. Jamming is done by masking the GPS satellite signal with noise.
Todd Humphreys, of the University of Texas at Austin thinks this is Russia experimenting with a new form of electronic warfare. Over the past year, GPS spoofing has been causing chaos for the receivers on phone apps in central Moscow to misbehave. The scale of the problem did not become apparent until people began trying to play Pokemon Go. The fake signal, which seems to centre on the Kremlin, relocates anyone nearby to Vnukovo Airport, 32 km away. This is probably for defensive reasons; many NATO guided bombs, missiles and drones rely on GPS navigation, and successful spoofing would make it impossible for them to hit their targets.
GPS Spoofing related nautical incidents are almost unheard of at present, but as navigators we must understand ‘GPS spoofing’ because we rely heavily on automated GPS position fixing on ECDIS.
If the spoofed GPS position is close to own position, it may remain unnoticed for a long time. Parallel Indexing, Radar Overlay, Echo reference & Visual navigation techniques are important tools to detect GPS position spoofing at early stage, if the spoofed position is a small distance away.
If spoofed position is far away, spoofing will be noticed immediately but it can cause confusion.
An ECDIS alarm for difference between positions given by the primary and secondary position fixing system will also assist if • either of the two (primary or secondary) position fixing systems is not a GPS. • there is a delay between the two GPS receivers getting spoofed (in case the two GPS are selected as primary and secondary position fixing systems).
When GPS Spoofing is detected, and verified by the use of other position fixing methods, officers have to change position plotting method.
• Visual & Radar fixes, Parallel Index, Radar Overlay, Echo reference can be used for coastal navigation. Always remember the U.S. Coast Guard’s advice • Celestial positions can be used during Ocean passages.
Preventing GPS spoofing
There are different ways to prevent GPS spoofing. Some of the most recommended to use are:
- Add a sensor/blocker. Sensors can detect characteristics of interference, jamming, and spoofing signals, provide local indication of an attack or anomalous condition, communicate alerts to a remote monitoring site, and collect and report data to be analyzed for forensic purposes.
- Extend data spoofing whitelists to sensors. Existing data spoofing whitelists have been and are being implemented in government reference software, and should also be implemented in sensors.
- Use more GPS signal types. Modernized civil GPS signals are more robust than the L1 signal and should be leveraged for increased resistance to interference, jamming, and spoofing.
- Reduce latency in recognition and reporting of interference, jamming, and spoofing. If a receiver is misled by an attack before the attack is recognized and reported, then backup devices may be corrupted by the receiver before hand over.
Staying one step ahead
High-end GNSS receivers, particularly those employing spoofing detection and mitigation methods are still relatively safe from spoofers, however the increasing sophistication of both hardware, in the form of SDRs and open-source software means there’s no room for complacency.
Good navigation is about cross-checking navigation systems, and what better way than having two independent electronic systems.
ShipHappens !
The Deep Draft 
Leave a comment