[time-nuts] Ships fooled in GPS spoofing attack suggest Russian cyberweapon

Bob kb8tq kb8tq at n1k.org
Mon Aug 14 12:19:42 EDT 2017


Time is one more thing the spoofer needs to consider. It does not eliminate the
ability to spoof, it just adds one more factor to his setup. If he’s got a “clear” GPS
signal to base his spoof on, that gives him a timebase to use. 


> On Aug 14, 2017, at 12:09 PM, Tim Shoppa <tshoppa at gmail.com> wrote:
> Bringing this back around to time-nuts - wouldn't the timescale
> discontinuity at the receiver, be a powerful clue that spoofing was going
> on? But these being navigation receivers they aren't looking so critically
> at the time.
> Presumably this was a single-transmitter jammer that pretended it was a
> whole GPS constellation.
> A 32 kilometer jump in position would've been a 10 to 100 microsecond time
> jump for at least some of the receivers in that section of the Black Sea.
> And 10 microseconds sticks out like a sore thumb to a time nut.
> I think if you are only trying to spoof a single receiver it would be
> possible to walk a spoofed time/space code in a way that time moved without
> so obvious of a discontinuity. I'm sure there would be effects a time-nut
> could notice still.
> Tim N3QE
> On Sat, Aug 12, 2017 at 5:23 PM, John Allen <john at pcsupportsolutions.com>
> wrote:
>> FYI, John K1AE
>> -----Original Message-----
>> From: YCCC [mailto:yccc-bounces at contesting.com] On Behalf Of ROBERT
>> Sent: Saturday, August 12, 2017 9:26 AM
>> To: YCCC Reflector
>> Subject: [YCCC] Fwd: Re: [Radio Officers, &c] Ships fooled in GPS spoofing
>> attack suggest Russian cyberweapon
>> As if there were not enough problems in the world .....
>> Whitey  K1VV
>>>    Date: August 12, 2017 at 7:37 AM
>>>    Subject: Re: [Radio Officers, &c] Ships fooled in GPS spoofing
>> attack suggest Russian cyberweapon
>>>    Ships fooled in GPS spoofing attack suggest Russian cyberweapon
>>>    News from: New Scientis (article reported by R/O Luca Milone –
>> IZ7GEG)
>>>    https://www.newscientist.com/article/2143499-ships-fooled-
>> in-gps-spoofing-attack-suggest-russian-cyberweapon/#.
>> WY6zNfZq1VA.google_plusone_share https://www.newscientist.com/
>> article/2143499-ships-fooled-in-gps-spoofing-attack-
>> suggest-russian-cyberweapon/#.WY6zNfZq1VA.google_plusone_share
>>>    On date: 10 August 2017
>>>    By David Hambling
>>>    Reports of satellite navigation problems in the Black Sea suggest
>> that Russia may be testing a new system for spoofing GPS, New Scientist has
>> learned. This could be the first hint of a new form of electronic warfare
>> available to everyone from rogue nation states to petty criminals.
>>>    On 22 June, the US Maritime Administration filed a seemingly bland
>> incident report. The master of a ship off the Russian port of Novorossiysk
>> had discovered his GPS put him in the wrong spot – more than 32 kilometres
>> inland, at Gelendzhik Airport.
>>>    After checking the navigation equipment was working properly, the
>> captain contacted other nearby ships. Their AIS traces – signals from the
>> automatic identification system used to track vessels – placed them all at
>> the same airport. At least 20 ships were affected
>> http://maritime-executive.com/editorials/mass-gps-spoofing-
>> attack-in-black-sea .
>>>    While the incident is not yet confirmed, experts think this is the
>> first documented use of GPS misdirection – https://www.marad.dot.gov/
>> msci/alert/2017/2017-005a-gps-interference-black-sea/  a spoofing attack
>> that has long been warned of but never been seen in the wild.
>>>    Until now, the biggest worry for GPS has been it can be jammed
>> https://www.newscientist.com/article/dn20202-gps-chaos-how-
>> a-30-box-can-jam-your-life/  by masking the GPS satellite signal with
>> noise. While this can cause chaos, it is also easy to detect. GPS receivers
>> sound an alarm when they lose the signal due to jamming. Spoofing is more
>> insidious: a false signal from a ground station simply confuses a satellite
>> receiver. “Jamming just causes the receiver to die, spoofing causes the
>> receiver to lie,” says consultant David Last
>> http://www.professordavidlast.co.uk/ , former president of the UK’s Royal
>> Institute of Navigation.
>>>    Todd Humphreys http://www.ae.utexas.edu/faculty/faculty-directory/
>> humphreys , of the University of Texas at Austin, has been warning of the
>> coming danger of GPS spoofing for many years. In 2013, he showed how a
>> superyacht with state-of-the-art navigation could be lured off-course by
>> GPS spoofing. “The receiver’s behaviour in the Black Sea incident was much
>> like during the controlled attacks http://onlinelibrary.wiley.
>> com/doi/10.1002/navi.183/full  my team conducted,” says Humphreys.
>>>    Humphreys thinks this is Russia experimenting with a new form of
>> electronic warfare. Over the past year, GPS spoofing has been causing chaos
>> for the receivers on phone apps in central Moscow to misbehave
>> https://themoscowtimes.com/articles/the-kremlin-eats-gps-
>> for-breakfast-55823 . The scale of the problem did not become apparent
>> until people began trying to play Pokemon Go. The fake signal, which seems
>> to centre on the Kremlin, relocates anyone nearby to Vnukovo Airport
>> http://www.thetruthaboutcars.com/2017/01/bizarre-gps-
>> spoofing-means-drivers-near-kremlin-always-airport/ , 32 km away. This is
>> probably for defensive reasons; many NATO guided bombs, missiles and drones
>> rely on GPS navigation, and successful spoofing would make it impossible
>> for them to hit their targets.
>>>    But now the geolocation interference is being used far away from the
>> Kremlin. Some worry that this means that spoofing is getting easier. GPS
>> spoofing previously required considerable technical expertise. Humphreys
>> had to build his first spoofer from scratch in 2008, but notes that it can
>> now be done with commercial hardware and software downloaded from the
>> Internet.
>>>    Nor does it require much power. Satellite signals are very weak –
>> about 20 watts from 20,000 miles away – so a one-watt transmitter on a
>> hilltop, plane or drone is enough to spoof everything out to the horizon.
>>>    If the hardware and software are becoming more accessible, nation
>> states soon won’t be the only ones using the technology. This is within the
>> scope of any competent hacker http://www.comsoc.org/ctn/
>> lost-space-how-secure-future-mobile-positioning . There have not yet been
>> any authenticated reports of criminal spoofing, but it should not be
>> difficult for criminals to use it to divert a driverless vehicle
>> https://www.newscientist.com/article/2142059-sneaky-
>> attacks-trick-ais-into-seeing-or-hearing-whats-not-there/  or drone
>> delivery, or to hijack an autonomous ship. Spoofing will give everyone
>> affected the same location, so a hijacker would just need a short-ranged
>> system to affect one vehicle.
>>>    But Humphreys believes that spoofing by a state operator is the more
>> serious threat. “It affects safety-of-life operations over a large area,”
>> he says. “In congested waters with poor weather, such as the English
>> Channel, it would likely cause great confusion, and probably collisions.”
>>>    Last says that the Black Sea incident suggests a new device capable
>> of causing widespread disruption, for example, if used in the ongoing
>> dispute with Ukraine. “My gut feeling is that this is a test of a system
>> which will be used in anger at some other time.”
>>>    73’s
>>>    webmaster
>> _______________________________________________
>> YCCC Reflector mailto:yccc at contesting.com
>> Yankee Clipper Contest Club  http://www.yccc.org
>> Reflector Info: http://lists.contesting.com/mailman/listinfo/yccc
>> ---
>> This email has been checked for viruses by Avast antivirus software.
>> https://www.avast.com/antivirus
>> _______________________________________________
>> time-nuts mailing list -- time-nuts at febo.com
>> To unsubscribe, go to https://www.febo.com/cgi-bin/
>> mailman/listinfo/time-nuts
>> and follow the instructions there.
> _______________________________________________
> time-nuts mailing list -- time-nuts at febo.com
> To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
> and follow the instructions there.

More information about the time-nuts mailing list