[time-nuts] Ships fooled in GPS spoofing attack suggest Russian cyberweapon

Tim Shoppa tshoppa at gmail.com
Mon Aug 14 12:09:43 EDT 2017

Bringing this back around to time-nuts - wouldn't the timescale
discontinuity at the receiver, be a powerful clue that spoofing was going
on? But these being navigation receivers they aren't looking so critically
at the time.

Presumably this was a single-transmitter jammer that pretended it was a
whole GPS constellation.

A 32 kilometer jump in position would've been a 10 to 100 microsecond time
jump for at least some of the receivers in that section of the Black Sea.
And 10 microseconds sticks out like a sore thumb to a time nut.

I think if you are only trying to spoof a single receiver it would be
possible to walk a spoofed time/space code in a way that time moved without
so obvious of a discontinuity. I'm sure there would be effects a time-nut
could notice still.

Tim N3QE

On Sat, Aug 12, 2017 at 5:23 PM, John Allen <john at pcsupportsolutions.com>

> FYI, John K1AE
> -----Original Message-----
> From: YCCC [mailto:yccc-bounces at contesting.com] On Behalf Of ROBERT
> Sent: Saturday, August 12, 2017 9:26 AM
> To: YCCC Reflector
> Subject: [YCCC] Fwd: Re: [Radio Officers, &c] Ships fooled in GPS spoofing
> attack suggest Russian cyberweapon
> As if there were not enough problems in the world .....
> Whitey  K1VV
> >     Date: August 12, 2017 at 7:37 AM
> >     Subject: Re: [Radio Officers, &c] Ships fooled in GPS spoofing
> attack suggest Russian cyberweapon
> >
> >     Ships fooled in GPS spoofing attack suggest Russian cyberweapon
> >
> >     News from: New Scientis (article reported by R/O Luca Milone –
> >
> >     https://www.newscientist.com/article/2143499-ships-fooled-
> in-gps-spoofing-attack-suggest-russian-cyberweapon/#.
> WY6zNfZq1VA.google_plusone_share https://www.newscientist.com/
> article/2143499-ships-fooled-in-gps-spoofing-attack-
> suggest-russian-cyberweapon/#.WY6zNfZq1VA.google_plusone_share
> >
> >
> >     On date: 10 August 2017
> >
> >     By David Hambling
> >
> >
> >     Reports of satellite navigation problems in the Black Sea suggest
> that Russia may be testing a new system for spoofing GPS, New Scientist has
> learned. This could be the first hint of a new form of electronic warfare
> available to everyone from rogue nation states to petty criminals.
> >
> >
> >     On 22 June, the US Maritime Administration filed a seemingly bland
> incident report. The master of a ship off the Russian port of Novorossiysk
> had discovered his GPS put him in the wrong spot – more than 32 kilometres
> inland, at Gelendzhik Airport.
> >
> >
> >     After checking the navigation equipment was working properly, the
> captain contacted other nearby ships. Their AIS traces – signals from the
> automatic identification system used to track vessels – placed them all at
> the same airport. At least 20 ships were affected
> http://maritime-executive.com/editorials/mass-gps-spoofing-
> attack-in-black-sea .
> >
> >
> >     While the incident is not yet confirmed, experts think this is the
> first documented use of GPS misdirection – https://www.marad.dot.gov/
> msci/alert/2017/2017-005a-gps-interference-black-sea/  a spoofing attack
> that has long been warned of but never been seen in the wild.
> >
> >
> >     Until now, the biggest worry for GPS has been it can be jammed
> https://www.newscientist.com/article/dn20202-gps-chaos-how-
> a-30-box-can-jam-your-life/  by masking the GPS satellite signal with
> noise. While this can cause chaos, it is also easy to detect. GPS receivers
> sound an alarm when they lose the signal due to jamming. Spoofing is more
> insidious: a false signal from a ground station simply confuses a satellite
> receiver. “Jamming just causes the receiver to die, spoofing causes the
> receiver to lie,” says consultant David Last
> http://www.professordavidlast.co.uk/ , former president of the UK’s Royal
> Institute of Navigation.
> >
> >
> >     Todd Humphreys http://www.ae.utexas.edu/faculty/faculty-directory/
> humphreys , of the University of Texas at Austin, has been warning of the
> coming danger of GPS spoofing for many years. In 2013, he showed how a
> superyacht with state-of-the-art navigation could be lured off-course by
> GPS spoofing. “The receiver’s behaviour in the Black Sea incident was much
> like during the controlled attacks http://onlinelibrary.wiley.
> com/doi/10.1002/navi.183/full  my team conducted,” says Humphreys.
> >
> >
> >     Humphreys thinks this is Russia experimenting with a new form of
> electronic warfare. Over the past year, GPS spoofing has been causing chaos
> for the receivers on phone apps in central Moscow to misbehave
> https://themoscowtimes.com/articles/the-kremlin-eats-gps-
> for-breakfast-55823 . The scale of the problem did not become apparent
> until people began trying to play Pokemon Go. The fake signal, which seems
> to centre on the Kremlin, relocates anyone nearby to Vnukovo Airport
> http://www.thetruthaboutcars.com/2017/01/bizarre-gps-
> spoofing-means-drivers-near-kremlin-always-airport/ , 32 km away. This is
> probably for defensive reasons; many NATO guided bombs, missiles and drones
> rely on GPS navigation, and successful spoofing would make it impossible
> for them to hit their targets.
> >
> >
> >     But now the geolocation interference is being used far away from the
> Kremlin. Some worry that this means that spoofing is getting easier. GPS
> spoofing previously required considerable technical expertise. Humphreys
> had to build his first spoofer from scratch in 2008, but notes that it can
> now be done with commercial hardware and software downloaded from the
> Internet.
> >
> >
> >     Nor does it require much power. Satellite signals are very weak –
> about 20 watts from 20,000 miles away – so a one-watt transmitter on a
> hilltop, plane or drone is enough to spoof everything out to the horizon.
> >
> >
> >     If the hardware and software are becoming more accessible, nation
> states soon won’t be the only ones using the technology. This is within the
> scope of any competent hacker http://www.comsoc.org/ctn/
> lost-space-how-secure-future-mobile-positioning . There have not yet been
> any authenticated reports of criminal spoofing, but it should not be
> difficult for criminals to use it to divert a driverless vehicle
> https://www.newscientist.com/article/2142059-sneaky-
> attacks-trick-ais-into-seeing-or-hearing-whats-not-there/  or drone
> delivery, or to hijack an autonomous ship. Spoofing will give everyone
> affected the same location, so a hijacker would just need a short-ranged
> system to affect one vehicle.
> >
> >
> >     But Humphreys believes that spoofing by a state operator is the more
> serious threat. “It affects safety-of-life operations over a large area,”
> he says. “In congested waters with poor weather, such as the English
> Channel, it would likely cause great confusion, and probably collisions.”
> >
> >
> >     Last says that the Black Sea incident suggests a new device capable
> of causing widespread disruption, for example, if used in the ongoing
> dispute with Ukraine. “My gut feeling is that this is a test of a system
> which will be used in anger at some other time.”
> >
> >
> >     73’s
> >     webmaster
> _______________________________________________
> YCCC Reflector mailto:yccc at contesting.com
> Yankee Clipper Contest Club  http://www.yccc.org
> Reflector Info: http://lists.contesting.com/mailman/listinfo/yccc
> ---
> This email has been checked for viruses by Avast antivirus software.
> https://www.avast.com/antivirus
> _______________________________________________
> time-nuts mailing list -- time-nuts at febo.com
> To unsubscribe, go to https://www.febo.com/cgi-bin/
> mailman/listinfo/time-nuts
> and follow the instructions there.

More information about the time-nuts mailing list