Spotlight

GPS is under attack

July 2024: As GPS service is threatened by spoofing and jamming, many modern day operations dependent on it are being threatened as well. As reported by the New York Times, in the last year over 60, 000 commercial aircraft have been victims of GPS spoofing. Our dependence on GPS and GNSS in general spans from emergency services like ambulances, communications with cell phones, and many other modern day services. Despite the importance of the service GPS provides us, the U.S. “has no civilian backup system” for it.

According to the article, the U.S. is lagging behind competing GNSS systems by replacing the aging satellites slowly while other countries develop “newer alternatives.” Europe’s Galileo system authenticates its signals. China’s Beidou system has the most satellites, and the country has built land-based infrastructure meant to support their system, but also act as a backup. “A U.S. backup plan was proposed a decade ago but never took off. New American technologies are in development but could take years before they are widely adopted.” For more on this, visit the article here.

The RNL has already found that a major source of spoofing in the Middle East is an Israeli air base with a speculated main purpose of disrupting Hamas rockets, but also affecting commercial flights in the region. According to another New York Times article, “the Israeli military declined to comment” when asked about it. As spoofing becomes more prevalent, some regions are more affected than others, like the Middle East, or the Baltics. For more visit the article here.

Israel’s GPS spoofing disrupting all GPS-dependent operations

July 2024: GPS spoofing signals in the Eastern Mediterranean have reportedly been affecting areas in Lebanon, Israel, Syria, Jordan, Egypt, Turkey and Cyprus. These signals affect various operations, the most worrying being aviation. “Researchers from SkAI Data Services, using information from the OpenSky Network, detected almost 2,000 spoofed planes” over a recent 72-hour period. The RNL’s researchers have geolocated the transmitter to an air base in northern Israel.

Beyond commercial aviation, the spoofing affects Hezbollah’s Iran-supplied “arsenal of GPS-guided munitions, including drones,” with Israeli military spokesman Rear Adm. Daniel Hagari saying “[they] are aware that these disruptions cause inconveniences, but it is a vital and necessary tool in [their] defensive capabilities.” In addition to the intended military targets, and unintended commercial aviation, the spoofing affects maritime shipping and everyday civilians (Google maps, food delivery, dating apps). The RNL’s Dr. Humphreys says “his is an attempt to use the most potent form of GPS electronic and navigational warfare. Yet they cannot contain the spoofing to just the borders of Israel, because they need it to overwhelm receivers that are designed to resist such spoofing. They need to have many times the traditional power to overcome a GPS receiver, so the signals are being felt all the way out to Cyprus.” For more details on the story, visit the article here.

First instance of jamming for a commercial transatlantic flight

June 2024: A flight from Madrid to Toronto was the victim of a GPS Jamming attack over the Atlantic. The attack prevented the pilot from ascending to a higher altitude. The source has yet to be identified. The RNL’s Dr. Humphreys said the incident was a “more deliberate attack against commercial aircraft” rather than “the usual spillover of electronic warfare”. He also weighed in saying “it could be individual hackers who have learned from media reports how vulnerable commercial aircraft are to GPS jamming… It’s hard to see why a state actor would do this, though I don’t deny that Russia’s penchant for hybrid warfare that involves creating whatever mayhem it can in the West.” For more, visit the original article here.

Spoofing in the Mediterranean disrupting everyday activities

June 2024: Reports continue coming in of GNSS spoofing in the eastern Mediterranean. Accounts from the island of Cyprus range from delivery service timing being absurd, to commercial aircraft and ships having their GNSS services disrupted. The main effect, according to a Forbes article, is having one’s location spoofed to the Beirut Airport. The RNL’s Dr. Humphreys says “it’s not just Russia, China, and Iran anymore – GPS spoofing has gone mainstream.” For more on the story, visit the Forbes article here.

How GPS warfare is playing havoc with civilian life

May 2024: “NATO has blamed Russia for such GNSS interruptions across large parts of Europe,
including one that affected a flight carrying the UK defense secretary. Conflict in the Middle East has also increased GPS manipulation in the region. Some world leaders, including Russia’s Vladimir Putin, reportedly use mobile jammers for protection when travelling.” The RNL’s Dr. Humphreys says “This is a dangerous situation. Pilots can become so confused about their location, they end up having to call aircraft control and ask for turn-by-turn directions . . . It’s past the line of just a nuisance.” For more on the story visit the Financial Times article here.

The Dangerous Rise of GPS Attacks

May 2024: “Attacks against GPS, and the wider GNSS category, come in two forms. First, GPS jamming looks to overwhelm the radio signals that make up GPS and make the systems unusable. Second, spoofing attacks can replace the original signal with a new location—spoofed ships can, for example, appear on maps as if they’re at inland airports. Within the Baltic region, 46,000 aircraft showed potential signs of jamming between August 2023 and March this year, according to reports and data from tracking service GPSJam. Benoit Figuet, an academic at the Zurich University of Applied Sciences who also runs a live GPS spoofing map, says there have been an additional 44,000 spoofing incidents logged since the start of this year.”

The RNL’s Zach Clements states “the biggest change in the past six months is definitely the amount of spoofing that’s going on. For the first time, we’re seeing widespread disruptions in civil aviation, especially in the Eastern Mediterranean, the Baltics, and the Middle East. In prior years, there were reports of spoofing impacting marine vessels, but not aviation.” For more on the subject visit the Wired article here.

Israel GPS spoofing for Defense also affecting civilian planes

April 2024: The RNL’s Dr. Humphreys speaking to NPR says “I like to say that spoofing is the new jamming.” GPS interference is now not only conducted by usual suspects, but also U.S. ally Israel. Israel themselves have reportedly acknowledged blocking GPS for defensive purposes since last October. Dr. Humphreys and the RNL have “traced the origin of the false signals using data collected from receivers in low Earth orbit,” with the data pointing to a particular airbase in Israel, according to Dr. Humphreys.

“The most recent guidance from the main carriers … is that you have to be shutting off GPS inputs to your system long before you’re in conflict areas,” says Dr. Humphreys. According to the NPR article, “Members of the United Nations’ International Telecommunications Union (ITU), which regulates communication technology, passed a motion in December in Dubai that for the first time allows spoofing of GPS for national security reasons.”

Specifically in Israel “most of the spoofing around Israel is directing aircraft to believe that they are at the Beirut airport,” with a possible reason being “commercially available drones, which can be modified for attack, are built to freeze in the vicinity of an airport.” For more details on the story, visit the article and audio interview here, or a short video here.

GPS spoofing affecting civil aviation

March 2024: Since August of 2023, “pilots operating in the Middle East began to report instances of their onboard navigation systems being overtaken by fake GPS signals. The first reported incidents took place in a strip of Iraqi airspace close to the country’s border with Iran that is commonly used by flights traveling between Europe and the Gulf states.” The RNL’s Dr. Humphreys along with Zach Clements have been using data from low-earth-orbit satellites to geolocate the spoofing sources. Their efforts located a spoofer close to a location in the Iranian capital, Tehran. “On Oct. 15, the IDF acknowledged that GPS signals along Israel’s northern border with Lebanon, where Hezbollah is based, would be restricted but made no reference to spoofing.” Dr. Humphreys says, “you know it’s gone mainstream not when the Russians are practicing it, or the Iranians, or the Chinese, but when allies of the United States are practicing it.” For more, read the article here.

Flight MH370 and what the barnacles tell us as a “natural data logger”

March 2024: Jeff Wise, journalist and aviation expert, has written an article summarizing the information that can be gleaned from barnacles found on Flight MH370’s debris. That information, paired with the communications system providing pings onboard turning off raise more unanswered questions. The RNL’s Dr. Humphreys says “after a failed search, you have to recalibrate,” and that “sometimes you preclude the possibility of even looking for evidence because you have very strong priors against it. I think by this point, we’ve been pushed into a corner where we do need to revisit those priors.” For more on the story, read New York Magazine’s The Intelligencer article here.