Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Transportation Government

Russia Suspected In GPS-Spoofing Attacks On Ships (wired.co.uk) 194

How did a 37-ton tanker suddenly vanish from GPS off the coast of Russia? AmiMoJo shares a report from Wired: The ship's systems located it 25 to 30 miles away -- at Gelendzhik airport... The Atria wasn't the only ship affected by the problem... At the time, Atria's AIS system showed around 20 to 25 large boats were also marooned at Gelendzhik airport. Worried about the situation, captain Le Meur radioed the ships. The responses all confirmed the same thing: something, or someone, was meddling with the their GPS...

After trawling through AIS data from recent years, evidence of spoofing becomes clear. GPS data has placed ships at three different airports and there have been other interesting anomalies. "We would find very large oil tankers who could travel at the maximum speed at 15 knots," said a former director for Marine Transportation Systems at the U.S. Coast Guard. "Their AIS, which is powered by GPS, would be saying they had sped up to 60 to 65 knots for an hour and then suddenly stopped. They had done that several times"...

"It looks like a sophisticated attack, by somebody who knew what they were doing and were just testing the system..." says Lukasz Bonenberg from the University of Nottingham's Geospatial Institute. "You basically need to have atomic level clocks."

The U.S. Maritime Administration confirms 20 ships have been affected -- all traveling in the Black Sea -- though a U.S. Coast Guard representative "refused to comment on the incident, saying any GPS disruption that warranted further investigation would be passed onto the Department of Defence." But the captain of the 37-ton tanker already has his own suspicions. "It looks like the Russians define an area where they don't want the GPS to apply."
This discussion has been archived. No new comments can be posted.

Russia Suspected In GPS-Spoofing Attacks On Ships

Comments Filter:
  • by iggymanz ( 596061 ) on Sunday October 01, 2017 @12:28PM (#55288057)

    It's all fun and games until a ship runs aground or collides with something, and an eye gets poked out

    • by Anonymous Coward

      What is US Coast Guard doing in the black Sea? There is no US territory, unless they've annexed Turkey.

      • by bestweasel ( 773758 ) on Sunday October 01, 2017 @12:56PM (#55288185)

        They thought they were in the Mediterranean but something was wrong with their GPS.

        • by Z00L00K ( 682162 )

          The USS John McCain and Fitzgerald incidents comes to mind.

          And even though the GPS system requires atomic clocks a system to cause trouble doesn't have to have the same precision - it just has to cause headache by offsetting incoming data.

          • Nice excuse. Military vessels are supposed to have radar you know? What if they had to, shudder, fight an actual war where the enemy doesn't have their GPS transponder on to begin with?

            • Nice excuse. Military vessels are supposed to have radar you know? What if they had to, shudder, fight an actual war where the enemy doesn't have their GPS transponder on to begin with?

              Mmm. Not to mention, in boot camp they're all issued with personal sets of Binocular Integrated Optical facilities Mk 1.

          • by gotan ( 60103 )

            Why? Because it happened at sea?

            For the Fitzgerald accident there is consistent AIS data that indicates that the freighter sent correct GPS positions. Also we don't see any ships in the vicinity being affected, their AIS-Data (in effect their position based on the GPS-data they received) should show anomalies if their GPS was affected by a spoofing attack.

            In addition the US-Navy doesn't use civilian GPS, it's questionable that their GPS-based-systems can be spoofed as easily. Also they should have redundant

    • It's all fun and games until a ship runs aground or collides with something, and an eye gets poked out

      Don't some weapons use GPS for, at least, some navigation? If so, then now there's now an exclusion area.

      • by Hognoxious ( 631665 ) on Sunday October 01, 2017 @02:33PM (#55288599) Homepage Journal

        Given that the first thing the Russians would do in an actual war would be to take out the GPS satellites I suspect there's an inertial and possibly a visual b@7;'[[*&)>..
        no carrier

        • Oh, come on, comrades, this is a funny old tech meme! Lighten up a bit on the mods.

        • by rtb61 ( 674572 )

          Yeah, because we all need global positioning satellites, when we are either dead or hiding underground when the nuclear missiles fly. All I see is a propaganda scam to cover US naval officers illegally forcing right of even when those ships they are targeting with the US navies ego, can not make the manoeuvres they to force of them.

          Reality for a military vessel like a destroyer, if the captain of that vessel, ever allows a slow barely manoeuvrable merchant vessel, even on purpose, to ram it, they should be

          • Probably those destroyers were way, way, way too dependent on networked computer systems for situational awareness. Most likely the captain had no idea anything was amiss until he felt the collision.

            It seems like American military doctrine is too focused on using hyper-modern technology to suppress civilian and paramilitary resistance to an occupation. Glitzy, unproven, unreliable high tech toys are are just great when you're fighting against goatherds with AK-47s.

            But we appear to have lost focus on fighti

            • But we appear to have lost focus on fighting an a "real" war against an evenly matched opponent.

              I believe the opposite is true. We are seeing a military built in a way to fight World War 2 all over again that cannot deal well with "goatherds carrying AK-47s". I recall a US Navy exercise where someone brought in to command the simulated opposition force developed a plan that "sunk" nearly the entire flotilla. Despite the success of the opposition force in the simulation the US Navy tossed out anything that they may have learned and just called the simulation "unrealistic".

              I'm not saying that having

              • Re: GPS Spoofing (Score:4, Informative)

                by Gryle ( 933382 ) on Monday October 02, 2017 @06:21AM (#55291157)
                I'm assuming you're referring to the 2002 Millennium Challenge Exercise. The popular accounts are incredibly one-sided (Malcolm Gladwell is a particular offender here) and ignore that many aspects of the war-game were unrealistic. For example, the red team leader, Van Riper, had small boats firing missiles that were physically beyond the capability of the boat to carry and having those same boats move as if they were unencumbered. While there is a lot to be learned from the reports of the exercise, it's not as bad as many people make it out to be.

                Source: Conversations with a participant of MC02.
            • by rtb61 ( 674572 )

              What a crock, you have sonar, radar, lookouts, officers on the bridge, coxswain in at the con. Only arrogance could have caused those crashes and forcing right of way. The, 'er', we didn't see the merchant vessel that anyone else could see from several kilometres away is no bloody excuse. No matter which way you look at it, a professional crew that could not fail to miss a major merchant vessel is either drunk, wildly incompetent or driven by massive erections. How incompetent, how egoistic https://www.yout [youtube.com]

          • Where did, you learn to, write like William, Shatner, talks?

      • That would be a no.

        Modern weapons can use GPS as one method of in flight guidance, but rarely is it the only method available to it.

        In addition, those same modern weapons can use encrypted versions of said GPS making modifying the data just a wee bit more difficult.

        Have to go with all out jamming for that.

    • by skegg ( 666571 )

      It seems a small crisis is brewing in the South China Sea. Or thereabouts.

      • It seems a small crisis is brewing in the South China Sea. Or thereabouts.

        Right, it sure is hard to know where the crisis is brewing when someone is spoofing GPS.

  • by Baron_Yam ( 643147 ) on Sunday October 01, 2017 @12:34PM (#55288075)

    The US military already encrypts GPS for themselves - it can still be jammed, but it can't be spoofed.

    Maybe it's time encryption was applied to civilian GPS as well. It's not like consumer electronics don't have the capability to handle the decryption, and it's not like you'd have to use the same keys as military GPS.

    • by Nutria ( 679911 ) on Sunday October 01, 2017 @12:38PM (#55288103)

      it can still be jammed

      That's why the USN has started teaching Old School navigation methods again.

      • Welcome to the age of electronic warfare, where sextants and typewriters may be brought out of mothballs before it's all said and done.

        • by Nutria ( 679911 ) on Sunday October 01, 2017 @12:51PM (#55288165)

          where sextants and typewriters may be brought out of mothballs before it's all said and done.

          I think the Russians have already done that. [telegraph.co.uk]

          • Interesting. And they can track the exact machine used by its keystrokes, a nice little side benefit.

            • by Nutria ( 679911 )

              I know that was the case with "pivoting arm" typewriters (at least according to crime fiction) but am not sure that's valid with ball and daisy wheel machines.

              • by hey! ( 33014 )

                Old fart who actually remembers this crap here.

                Daisywheel with a fresh wheel is your best bet for covering your tracks. Over time identifiable damage occurs to the plastic coating of the daisywheel, so changing your daisy wheel every couple of weeks will effectively cover your tracks.

                Typeballs aren't a panacea. While they more uniformly manufactured than type elements in a conventional typewriter, damage through mishandling can occur. Swapping typeballs helps, but over time Selectric type machines develo

                • by Nutria ( 679911 )

                  Most HP Laser Jets didn't have PostScript interpreters. That the reasons host-based PS interpreters were created.

                  Also, flaws in drums will be transmitted to the printed page, allowing them to be traced.

      • it can still be jammed

        That's why the USN has started teaching Old School navigation methods again.

        How old school? Sextants, paper and pencil or "Alexa? ..."

      • by cyn1c77 ( 928549 )

        it can still be jammed

        That's why the USN has started teaching Old School navigation methods again.

        Unfortunately, as recent incidents have shown, the lessons aren't going well!

    • Encryption wouldn't be needed, but signing would be important. However, how does one offer this? An encrypted stream takes very little overhead to keep going with, because block and stream ciphers are very efficient. However, plaintext signing is a different ball game together. How do you sign a stream?

      • Re: (Score:2, Informative)

        by glitch! ( 57276 )

        How do you sign a stream?

        Break the stream into blocks (it probably already has blocks), get a checksum for each block, and sign the checksum. Send them on a separate channel if you don't want to modify the original stream.

        • by rnturn ( 11092 )
          GPS satellites aren't easily reprogrammable communications satellites with spare "channels" available for nifty new purposes. (Not that future ones couldn't have those capabilities.) Then there's the "installed base" problem. Untold number of GPS receivers would be expensive paperweights if you start encrypting the C/A data.
      • >Encryption wouldn't be needed, but signing would be important.

        Encryption's not my strong suit. Is that significantly different from using a private key to encrypt and publishing the decryption key? It's not like you're trying to protect the stream against decryption, you're just trying to prove who is sending the data.

    • by mbone ( 558574 ) on Sunday October 01, 2017 @01:41PM (#55288395)

      The US military already encrypts GPS for themselves - it can still be jammed, but it can't be spoofed.

      Of course it can be spoofed ("meaconned"), even if you assume that the encryption cannot be cracked. An attacker can receive the satellite signal and retransmit it. This signal will arrive at the target late, but it will still be valid - of course the attacker has to manipulate power / jamming etc to convince the receiver that the meacon signal is the valid one. You can be sure much thought has been given to this topic.

      The particular attacks in the original post appear to be related to protecting Putin [nrkbeta.no]. I doubt the military attacks get rolled out for such a simple purpose.

      • An attacker can receive the satellite signal and retransmit it.

        In case the attacker only wants to shift the time a bit -which could be important for communication networks- this would not be too hard indeed. If, on the other hand, he wanted to do a spoofing of the position, that would require capturing the satellite signals and delaying them individually. For the civilian code, the separation of the satellite signals can be done easily by digital correlation. However, because the military code is not publicly known, the isolation of the signals can only be done using l

    • by MountainLogic ( 92466 ) on Sunday October 01, 2017 @01:47PM (#55288421) Homepage
      There is indeed a separate higher resolution encrypted feed for the military. Encrypting for civilian channel use is very impractical as many many devices lack the ability to update keys (no network connection). Encryption also burn clocks and batteries. With billions of devices being made all over the world by thousands of manufacturers keeping the keys private is unrealistic. Further with only one global key to crack by state supported entities it would not last long. (yes, the old /. meme of "imagine a Beowulf cluster" does apply here).
      • As another poster says, what's needed is signing (authenticity verification) not encryption. I agree that this would be pretty difficult for devices that can't update, but it seems like it would be possible to periodically publish a public key that allows some sort of authenticity check for systems that can receive regular updates to this key. Though even then I'm unsure if one could defend against re-transmission attacks that do not alter the signals, just re-transmit certain ones with a carefully chosen
        • Honestly, the bit rate is way too low to support encryption. And as you point out timing is everything and trivial microsecond replay attacks break even signatures.
    • That was not my impression on how GPS worked. The military GPS is the same GPS that everyone else uses. The difference is that the military can predict the noise that was added to the GPS signal - because they added it. Once you know the noise you can subtract it from the observed signal to get the ideal signal with optimal accuracy. So there is no encryption / decryption involved when observing a GPS signal. The encryption / decryption occurs when transferring / calculating the added noise - a comple

      • by chihowa ( 366380 )

        What you're describing was Selective Availability and is no longer in use. What the GP was describing is the P(Y)-code [wikipedia.org], which is an encrypted PRN. All of this information is readily available these days and there's no need to rely on impressions.

    • The US military already encrypts GPS for themselves - it can still be jammed, but it can't be spoofed.

      All GPS receivers do is measure aspects of delay. These measurements become the basis for determining location.

      It is not necessary for an adversary to understand a signal to alter time of receipt and therefore modify calculated position.

      Maybe it's time encryption was applied to civilian GPS as well. It's not like consumer electronics don't have the capability to handle the decryption, and it's not like you'd have to use the same keys as military GPS.

      I would opt for better internal clocks within receivers and schemes such as RAIM to allow meddling to be flagged with high level of confidence.

    • Anybody check GLONASS in the area? And with laser optical gyros, inertial navigation is adequate for navigation in the area.
  • by tomhath ( 637240 ) on Sunday October 01, 2017 @12:35PM (#55288085)
    Nice proofreading. That's not even a big truck. The article says 37000 ton
  • sophistication (Score:5, Interesting)

    by phantomfive ( 622387 ) on Sunday October 01, 2017 @12:42PM (#55288119) Journal
    These attacks have been known for a while [utexas.edu], and are not hard at all. All you need is a radio that is stronger than the GPS signal. It's been demonstrated multiple times at DEFCON [youtube.com], and there are youtube videos that show you how to do it with a hackrf radio (for example, if you want to move to a particular place while playing Pokemon Go).

    Wikipedia suggests that Russia spoofs GPS whenever Putin is in the area.
    • by 93 Escort Wagon ( 326346 ) on Sunday October 01, 2017 @01:42PM (#55288401)

      Wikipedia suggests that Russia spoofs GPS whenever Putin is in the area.

      No! No hack, no spoof. Putin Strong, like bull. Forceful personality warps space around him. West just jealous they not have such leader.

      • Wikipedia suggests that Russia spoofs GPS whenever Putin is in the area.

        No! No hack, no spoof. Putin Strong, like bull. Forceful personality warps space around him. West just jealous they not have such leader.

        That's nothing! Our great leader has a furry alien parasite on his head that makes him hyper intelligent, the greatest negotiator of all time, a business genius without peer and he has good genes... good genes, great genes, absolutely amazing, wonderful genes, he is always a winner and his eloquence warps reality itself into ... an alternate reality, of ... alternative facts... and he gets two scoops of ice cream because he's an alpha male, not a one scoop pyjama boy.

      • No! No hack, no spoof. Putin Strong, like bull. Forceful personality warps space around him. West just jealous they not have such leader.

        For some reason I read that aloud in the voice of a North Korean news reporter.

    • Mod parent up!

      If you want an overview of the degradation of the Russian government, I suggest this book: The New Tsar: The Rise and Reign of Vladimir Putin [amazon.com], by Steven Lee Myers (2015)

      For those who want an overview of the degradation of the U.S. government, can you recommend a book?
  • or maybe there's a bug in the AIS software
  • About a year ago, this same thing was reported on land as well in Russia

    https://news.slashdot.org/stor... [slashdot.org]

  • I thought all the satellites were too old to receive anything from earth, let alone from puny handheld units like as early smartphones were. Maybe that's why it's not called Wireless magazine?

  • AIS or GPS? (Score:5, Insightful)

    by Known Nutter ( 988758 ) on Sunday October 01, 2017 @01:38PM (#55288387)
    Are we spoofing GPS here, or are we spoofing AIS? Just so we're clear... GPS is obviously GPS, but the summary seems to conflate GPS and AIS. AIS is a terrestrial based VHF system which takes GPS data from individual ships adds identifiers and transmits it to anyone who cares to listen, which usually means other ships and shore-side receivers. It sounds to me like it is AIS that is being spoofed -- which would be trivial compared to GPS.

    Keep in mind that AIS is just one of several redundant systems which ships use to navigate waterways and track positions of nearby vessels.

    No investigation has indicated suspicions that Russia did anything. The only one who suspects Russia is one captain of a tanker ship.
    • Re:AIS or GPS? (Score:5, Interesting)

      by Solandri ( 704621 ) on Sunday October 01, 2017 @03:00PM (#55288695)
      Yeah, I monitor AIS [marinetraffic.com] to help decide where to take my boat fishing (track where the charter sportfishing boats are going). It's fairly common to see glitches in AIS tracks. Ships traveling at warp speed are pretty frequent too. My guess is AIS glitches and reports the same GPS position for a while (as if the ship is stationary). Then all of a sudden it reports the correct location and it looks like the ship has traveled at high speed to the new location.
    • Re:AIS or GPS? (Score:4, Informative)

      by laughingskeptic ( 1004414 ) on Sunday October 01, 2017 @04:26PM (#55289013)
      The article clearly states that it is the GPS position that is being tampered with. AIS is the means by which the positions are reported, it is not the system for determining positions. These ships are reporting bad positions that they are getting from their GPS systems. The ship captains seem to be aware that their GPS positions are incorrect. As I type this the ship KAREEM JUNIOR is reporting that it is sitting on land at the Gelendzhik airport ( https://www.marinetraffic.com/... [marinetraffic.com] ). Before it jumped onto land it's reported path zig-zagged at sea off the Russian port of Tuapse. The link I provided will show any other ships that find themselves reporting positions at the Gelendzhik airport in the future.
    • Are we spoofing GPS here, or are we spoofing AIS? Just so we're clear... GPS is obviously GPS, but the summary seems to conflate GPS and AIS. AIS is a terrestrial based VHF system which takes GPS data from individual ships adds identifiers and transmits it to anyone who cares to listen, which usually means other ships and shore-side receivers. It sounds to me like it is AIS that is being spoofed -- which would be trivial compared to GPS.

      It's talking about GPS spoofing where bad AIS data flows from bad GPS data.

      Quoting TFA:

      "Instead of displaying Atria's actual position, the ship's systems located it 25 to 30 miles away â" at Gelendzhik airport"

    • AIS is not used by the ship to navigate, and the ships navigation is broken by this spoof. So it can't be AIS.

      Also, as mentioned above, it is clearly stated that GPS is spoofed and nothing else.

  • How did a 37-ton tanker suddenly vanish from GPS off the coast of Russia?

    What does this even mean? It seem to indicate that the poster thinks GPS is some sort of tracking system.

  • In Soviet Russia GPS spoofs you!

    I mention this in tribute to our favorite russkiy komik, a funny guy from the Cold War. It occurs to me, there must have been some expat Americans over in the USSR doing the comedy circuit. Is anyone aware of anyone?

    wikipedia: His humor combined a mockery of life under Communism and of consumerism in the United States, as well as word play caused by misunderstanding of American phrases and culture, all punctuated by the catchphrase, "And I thought, 'What a country!'"

    What a

  • A 37-ton tanker wouldn't be much use, and would hardly need a GPS.

    (It's only Monday, but I've already met my internet pedantry quota for the week.)

  • Russia's globalnaya navigatsionnaya sputnikovaya sistema? Was that spoofed too?
  • by blindseer ( 891256 ) <blindseer.earthlink@net> on Monday October 02, 2017 @03:49AM (#55290881)

    Anyone else notice a pattern? It seems that when the signals are spoofed the reported location is at an airport. Why would that be?

    Is this to protect the airport? For example, a GPS guided bomb dropped on the airport would think it is on target when in fact it is 30 miles out from shore. Is it to protect other targets? They'd be willing to go sacrificing the airport (presumably a low occupancy area with few buildings, most of the area being runways and such) instead of a higher value target.

    Maybe it's just that an airport is a convenient place to hide the equipment and the device is re-transmitting it's own location to get around the problems of having to decode and re-encode the GPS signals.

    Maybe I'm seeing a pattern that isn't there.

    • Maybe it's just that an airport is a convenient place to hide the equipment and the device is re-transmitting it's own location to get around the problems of having to decode and re-encode the GPS signals.

      You don't need to decode and recode. Other than for the military GPS signals aren't complicated or encrypted. They are well described and open. Also there are freely available tools to create fake GPS signals. All you need to do is pump them through a transmitter, not even a very strong one.

  • How did a 37-ton tanker suddenly vanish from GPS off the coast of Russia?

    Well, it didn't, because you can only receive GPS. Unless you are a satellite, you are not on GPS, so you can not vanish from it.

    • Just another example of terrible headline writing, with the added bonus of uninformed authorship, and a dose of failure-to-consult-experts, though in this case a minute with Wikipedia would have sufficed for an author of average intelligence.

      I know, big assumption there.

  • Last week, I put together a quick write-up of the possible sources of trouble for AIS messages. It doesn't go into the needed depth on topics, but I would appreciate technical feedback and any links to people doing deep dives on any or all of the issues.

    GPS spoofing possibly seen in AIS data: http://schwehr.blogspot.com/20... [blogspot.com]

    And before that I've written quite a bit on the insanity that is AIS:

    AIS Integrity and Security - Part 0: http://schwehr.blogspot.com/20... [blogspot.com]

My mother is a fish. - William Faulkner

Working...