Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Transportation

How Shady Ships are Spoofing Their Locations with Fake GPS Coordinates (nytimes.com) 92

Slashdot reader artmancc writes: Like aircraft, many of the world's ocean-going vessels are required to have transponders that broadcast their location. The information is public and can be seen on websites such as AIS Marine Traffic. But according to an analysis reported in The New York Times , a maritime data company called Windward "has uncovered more than 500 cases of ships manipulating their satellite navigation systems to hide their locations."

The article, by Anatoly Kurmanaev, highlights the Cyprus-registered tanker Reliant, which was observed taking on oil at a Venezuelan refinery last December. At the same time, however, the ship was reporting its position as some 300 nautical miles (about 500 kilometers) away, "drifting innocuously off the coast of St. Lucia."

It's illegal (under international law), but the rapidly-growing practice lets ships circumvent international laws and sanctions, the Times reports, and "could transform how goods are moved around the world, with profound implications for the enforcement of international law, organized crime and global trade." Its use has included Chinese fishing fleets hiding operations in protected waters off South America, tankers concealing stops in Iranian oil ports, and container ships obfuscating journeys in the Middle East. A U.S. intelligence official, who discussed confidential government assessments on the condition of anonymity, said the deception tactic had already been used for weapons and drug smuggling. After originally discovering the deception near countries under sanction, Windward has since seen it spread as far as Australia and Antarctica.

"It's a new way for ships to transmit a completely different identity," said Matan Peled, a founder of Windward. "Things have unfolded at just an amazing and frightening speed...." The spread of AIS manipulation shows how easy it has become to subvert its underlying technology — the Global Positioning System, or GPS — which is used in everything from cellphones to power grids, said Dana Goward, a former senior U.S. Coast Guard official and the president of Resilient Navigation and Timing Foundation, a Virginia-based GPS policy group. "This shows just how vulnerable the system is," he said.

This discussion has been archived. No new comments can be posted.

How Shady Ships are Spoofing Their Locations with Fake GPS Coordinates

Comments Filter:
  • .. or people who want to do shady things will bypass it.

    • by Z00L00K ( 682162 )

      Best enforcement would be "oops, you weren't there on the GPS tracker so we thought that the water was clear for our live ammo shooting exercise".

    • Up next: the rule that tracks all cars. Then we can start tracking all the people. Think of the crime we can stop!
      • Already here. We already have phones that could do that. All we need is a commitment by a government to do it. I've seen videos of some things going on in China that look very similar today.
  • Working as designed (Score:5, Informative)

    by ugen ( 93902 ) on Sunday September 04, 2022 @11:49AM (#62851267)

    Just to be clear, all of the "subvert technology" talk is sort of pointless. The AIS system is designed this way. AIS is using specific short wave frequency to send what amounts to clear text ASCII strings in packet form. These carry an individual ship identifier (MMSI number assigned globally) and a GPS position of the ship, as reported by the ship itself. The position is usually derived from a GPS receiver, but that is not a part of AIS system per-se, and it is both trivial and quite legal to provide the position in some other way (including entering it manually).

    Not only that, but as this is a clear text broadcast on radiowaves - there is nothing preventing a ship from entering another ship's identifier, or simply turning off its AIS transmitter. The system has no provisions for authentication or authorization and really cannot (at a minimum - it can always be turned off). While having an AIS transmitter is mandatory for large commercial vessels due to various laws, there are no technological means in the protocol to enforce that.

    In addition, some ships report position using a proprietary satellite tracking system. Again, there is nothing (other than the specific proprietary software interface) preventing the ship from keyeying in a position manually. This system is not considered mandatory (unlike the true AIS).

    The only way to track ships in a way that does not rely on their goodwill/cooperation is to use some form of an active tracking, where each ship must carry a non-powered identification device (antenna resonator?) and is surveyed externally (by satellite?). Even that could be somewhat circumvented (cover the antenna or cut it off and throw overboard) but the stakes are higher, and it's something that could be readily verified. I don't see that becoming the case anytime soon though.

    • Re: (Score:1, Troll)

      by ickleberry ( 864871 )
      AIS was designed for safety, so other ships would know where you are and not crash into you, not to help enforce Orwellian government big brother measures.
      • by ArchieBunker ( 132337 ) on Sunday September 04, 2022 @12:41PM (#62851353)

        I’m struggling to find what’s Orwellian in this story. Enforcing international maritime laws is big brother now?

        Falsifying your position in busy shipping lanes absolutely is a safety issue.

        • Enforcing international maritime laws is big brother now?

          For some people enforcing any law is Orwellian / big brother -- especially when it's a law they're breaking.

          • Re: (Score:1, Insightful)

            by Anonymous Coward

            That's too easy. It shows you both have something to learn about privacy.

            Car analogy? The registration plates are there to find you if you fuck up. "Who ran over this old lady then drove off?" They're not there to, say, track your every move. As is now happening with ubiquitous ANPR and massive databases with movement data. That's really repurposing the reason registration plates are there for. Same with, say, auto-toll transponders and putting receivers elsewhere to track so-equipped vehicles. They're the

            • That's too easy. It shows you both have something to learn about privacy.

              Car analogy? The registration plates are there to find you if you fuck up. "Who ran over this old lady then drove off?" They're not there to, say, track your every move. As is now happening with ubiquitous ANPR and massive databases with movement data.

              That argument might be true if license plates weren't passive devices. Ship tracking requires a signal to be broadcast. If you don't like that then maybe operating a cargo ship isn't for you.

            • by Kisai ( 213879 )

              They don't exist for vehicles because vehicles pre-date such safety systems by a century. At the speeds a car drove back in the 1920's, you not only heard them coming, but you could get out of the way. By the 1940's that was no longer the case, and by the 1960's everyone owned a car.

              Turning signals are about the only thing vehicles have that are used this way.

              However we really should be tracking vehicles from the second they enter a public road. We all pay to use the roads regardless if we drive a car, bike

              • by sfcat ( 872532 )

                But Americans won't stand for that tracking, so it will likely never become a standard feature in cars.

                You are welcome. Maybe this is why wherever you are from doesn't get to make such decisions?

            • Fog. Your 4d location for sale. The part Hollywood got wrong was how easy it is to get.

          • ickleberry was buying Russian oil under the table, and he would have gotten away with it if it weren't for you pesky kids!
        • It's "Orwellian" in that this is a clear example of taking a basic technical physical safety system meant for anti-collision and maybe some search and rescue work and using it for unrelated "political" goals. In this case that's various trade sanctions and fishing rights... and then complaining when people opt out of the original system.

          it's akin to other safety systems like moderation: It starts out banning porn and snuff films. ok.
          then "terrorism"
          then "hate"
          then "misinformation"

          So now you've got a syst

          • using it for unrelated "political" goals. In this case that's various trade sanctions and fishing rights

            What you describe is called a crime, not politics. You wouldn't be upset if someone started hunting on your property without permission? Oh that's just politics.

    • by tlhIngan ( 30335 )

      Authentication will be extremely difficult because you're talking about boats from all over the world - how would you coordinate handling and transmission of a current list of whatever you use to authenticate? After all, such a list is basically outdated the instant its published, and not all boats can be updated in real time.

      It's the same as with things like ADS-B - you need everyone to be able to receive it, so you can't really encrypt it, and if you authenticate it, there's no way to reliably distribute

      • Encryption isn't the solution, a signed attested message is. Then, the signature can confirm "the location provided has come from an approved device, and that device has attested that it is correctly operating". That's standard hardware security module functionaility.

        Having said that, overloading the receivers input with spoofed GPS location radio signals is trival, and costs a few hundred dollars for an SDR radio, and the free software https://github.com/osqzss/gps-... [github.com]

        I used that in a factory test jig to t

      • by larwe ( 858929 )

        Authentication will be extremely difficult because you're talking about boats from all over the world - how would you coordinate handling and transmission of a current list of whatever you use to authenticate? After all, such a list is basically outdated the instant its published, and not all boats can be updated in real time.

        It really isn't difficult. Look at Apple cables and the Made for iPhone program. There are millions of accessories made under that program that are paying license fees to Apple so they can have a security chip in them to enable features. All you need to do to protect this data is say "Only data signed by a trusted certificate will be accepted as valid position data". And then you only allow a very small number of very trusted chipmakers to have the intermediate certificates required to generate those truste

      • Authentication will be extremely difficult because you're talking about boats from all over the world - how would you coordinate handling and transmission of a current list of whatever you use to authenticate? After all, such a list is basically outdated the instant its published, and not all boats can be updated in real time.

        It's the same as with things like ADS-B - you need everyone to be able to receive it, so you can't really encrypt it, and if you authenticate it, there's no way to reliably distribute the information around.

        So in the end, it's basically going to be cleartext anyways - any encryption is going to be known to everyone because everyone has to be able to send and receive AIS or ADS-B messages.

        In the end, there's very little one can do. ADS-B can be enforced by various aviation organizations as it's required to be a part of air traffic control, but what they can do is limited. AIS is even more limited because only the coastal receives and coast guards can really enforce it, and there's a lot of water otherwise.

        In the end, it's really more about safety than anything - if you're misreporting your AIS and someone crashes into you, then maybe you have some explaining to do because everyone else's AIS will have records showing that. And there are plenty of things out there without AIS - swimmers, paddlers, canoers, kayakers, and other small vessels aren't required to equip AIS. (Of course, it also relies on the fact that the other vessel can probably avoid other ships easily, but you'll also probably want to not swim in busy shipping lanes).

        How many countries are ships registered in? If you exclude Panama, how many are left? So the answer is tie it to their insurance. Also, we're talking about commercal vessles, not Jeff Bezos yacht.

    • by Strider- ( 39683 ) on Sunday September 04, 2022 @02:09PM (#62851525)

      So Class A transponders must have their own internal GPS receiver to operate as the SOTDMA transmission system requires the precise timing signal to work. The regulations that cover these transponders in turn require that the transmitted position be fed to a Class A transponder from the ship’s navigation system. The firmware on the transponder is supposed to sanity check that provided position against its internal receiver, and refuse to transmit if they’re more than x meters different (I think 300m).

      It’s pretty clear that these ships are running hacked transponders. However, it’s not hard to sanity check the data. The range of an AIS transmission is about 40 nautical miles at most. If you’re receiving a position that is more than that away from the receiver, you can pretty much consider it to be bogus.

      • Mod parent up- spoofing AIS in this way is obviously possible, but it at least for larger vessels it's not nearly as trivial as the OP makes it out to be. Maritime authorities also cross reference AIS data with radar and potentially other sources.
        • Yep. Then you get into the fun that is AIS for warships. All the rules go out the window. A warship can reprogram its MMSI at will, can transmit bogus positions, encrypt the data, all sorts of fun things. If you look at the west coast of Vancouver Island, youâ(TM)ll often see âoeFisheries Researchâ ships moving around at 20 knots. They arenâ(TM)t.

      • by vrt3 ( 62368 )

        > The range of an AIS transmission is about 40 nautical miles at most. If youâ(TM)re receiving a position that is more than that away from the receiver, you can pretty much consider it to be bogus.

        At sea, yes. On land (for inland shipping) and maybe near the coast there are AIS base stations that can relay AIS messages. Still there is a limit on the amount of hops and it's still shouldn't be too hard to filter for obviously bogus positions.

    • by larwe ( 858929 )

      The only way to track ships in a way that does not rely on their goodwill/cooperation is to use some form of an active tracking, where each ship must carry a non-powered identification device (antenna resonator?) and is surveyed externally (by satellite?).

      With sufficient optical coverage you wouldn't need any equipment on the ship at all - the satellite constellation could simply identify the overhead silhouette, at least to the ship class - and could keep track of where each vessel had been such that it could disambiguate between sister ships in different locations.

      • by kmoser ( 1469707 )
        This. Given the resolution of satellite images, AI should be able to scan them and quickly and reliably distinguish ships as they traverse the globe.
        • by Agripa ( 139780 )

          High resolution satellite images come from low earth orbit satellites, which necessarily have a small horizon, so tracking is intermediate at best, and why warships can plot courses which avoid satellite coverage if they need to.

    • by fuzzyfuzzyfungus ( 1223518 ) on Sunday September 04, 2022 @02:28PM (#62851565) Journal
      It's certainly a lot less convenient; but I'd imagine that, at least for the larger cargo and fishing vessels, optical satellite observations allow for some location inferences that would be pretty hard to avoid.

      Not 100% reliable, since you can't assume 24/7 coverage at sufficient resolution and and the correct wavelengths to deal with the weather in a given area; but between the ship itself and the wake they show up just fine when you do photograph an area; and they aren't blazingly fast so computing the potential movement during the times you don't have an eye on them is reasonably productive(and trivial, if you just draw a circle of the appropriate radius; more accurate if you've got information on currents and meteorological conditions).

      As with most inferential attacks, this also gets more powerful if you have other datasets to cross-reference it against: if a ship needs to stop lying on AIS, say, they run the risk of being either correlated with non-AIS detections of their earlier position via satellite or radar or of introducing a 'jump' in their position that cannot be reconciled with their actual maximum speed and/or the ships that weren't detected in a given area during the time they would have had to be travelling there for the route to work out. There's also observational data from ports and ships considered reliable(own and allied ports and coast guards, commercial observers in ports suspected of operating on a see-no-evil basis but not sufficiently hostile that such observers run a serious risk of getting shot for spying, own or friendly merchant ships given inducements for voluntary data sharing); and finally outright just sending someone to take a look if you care so much about it.

      Yes, more expensive than just taking an AIS dataset and having some Treasury GIS guys crunch up a report from the comfort of their office; but (except for very high value/very hot stuff that gets the disposable narco-sub treatment, is very carefully mixed with legitimate goods by competent smugglers, or which travels by diplomatic bag) the mere presence of bulk cargo ships and tankers, and the ports that serve them, is hard to hide; and there are few restrictions on RF or optical inspection of ships in international waters(or within national waters but from international waters). Something like the Venezuelan oil smuggling? Venezuela has a limited number of oil terminals(and apparently Jose Terminal accounts for the bulk of traffic), and those aren't something you build overnight or without being noticed; plus they all dump you into the Caribbean, which offers a handy mix of jurisdictions such that more or less anyone who isn't a total pariah state can find a friendly dock in the vicinity if they don't want to use a long-endurance blue water navy for the job of just keeping an eye on shipping. If the feds actually care there isn't an awful lot something with the radar signature of an oil tanker could do to avoid being observed going in and coming back out of one of the terminals and, approached closely enough to verify visual details and buoyancy changes consistent with having loaded or unloaded cargo. This will presumably get even harder to avoid as time goes on and drones with adequate range and good cameras become cheaper and more common, and partially autonomous operation of ships(to avoid the drag on endurance that having a crew eating food and getting bored causes) becomes more viable.

      Probably the bigger question is the 'and what are you going to do about it?' aspect. Even with today's rather haphazard enforcement you get periodic reports like this one(sometimes generalist, sometimes from specifically interested groups trying to protect fisheries or displeased at the flouting of a specific sanction); but unless getting caught is actually an expensive risk it doesn't really matter. There doesn't seem to be a lot of appetite for measures like cracking open the shell companies and going after the operators; or forbidding a ship caught flouting the rules from doing business in reputable ports from then on; or just plain boarding and seizing the thing. If there were, even a fairly leaky detection system would be a lot scarier.
    • by vrt3 ( 62368 )

      AIS is not exactly ASCII clear text. Your point still stands since there is no encryption at all going on, but I thought I'd mention some details for who might be interested.

      AIS messages are broadcasted as binary data from which you can extract the different pieces of data according to the specification for each message type (of which there are about two dozen not including regional extensions): first 6 bits for the message type, next 2 bits for a repeat indicator, then 30 bits for the MMSI of the sender, a

  • by SchroedingersCat ( 583063 ) on Sunday September 04, 2022 @11:52AM (#62851271)
    How is this news on slashdot? Everyone knows that rebels and smugglers used fake transponder codes thought history. Millennium Falcon had multiple transponder codes.
    • Yeah, well, the Millennium Falcon was a look long time ago, and far far away...
  • by gurps_npc ( 621217 ) on Sunday September 04, 2022 @12:04PM (#62851283) Homepage

    1) To avoid sanctions. The US has placed some sanctions on Venezuelan oil, which is why the ship was pretending to not be there while it was taking on oil. Similarly, russian yachts do not want to let people know where they are.

    2) Avoid pirates. While ship piracy has mostly vanished (due to law enforcement going to the places where ships were taken to and taking the ships back), it does still exist.

    3) Avoid James Bond. That SOB keeps showing up at every single ship based plan to take over the world.

    • Left out how to stop this:

      Make it legal to confiscate any ship that does this and do some spot checking with satellites. If a ship is not where it is supposed to be, confiscate it the next time it does show up.

      • Re: (Score:3, Insightful)

        Legal according to whom? Which country's laws? Every ship has a flag, and the flag determines which country's laws govern it. The US has 3,400 ships, China has 3,700. Panama has north of 8,000 ships flagged, the next highest are Liberia, the Marshall Islands, Hong Kong and Singapore. All of these have open registries, with very lax laws and little to no income tax, making it both lucrative for ship owners to operate cheap foreign labor and pay no taxes with minimal legal oversight of the ship's operati
        • Legal according to whom? Which country's laws?
          The laws of the waters you are operating in ...

          • by larwe ( 858929 )

            Legal according to whom? Which country's laws? The laws of the waters you are operating in ...

            The waters where this is being done are either waters where it is the LOCAL GOVERNMENT who wants the skulduggery happening (e.g. sanctioned countries wanting to sell their oil, and not wanting people to know which ships are there filling up with it), or international waters where the rules of engagement are much more complicated. A US military vessel, for instance, can't just randomly stop any ship it wants to in international waters.

      • Re: (Score:3, Insightful)

        by Rymberger ( 2764489 )

        I presume it would be enough to deny them entry into ports and/or deny them insurance. No need to confiscate them right away. That is Russian airplanes and tankers are dealt with now.

        Also, broadcasting false location should be interpreted as lying to insurance company and traffic authorities

      • I think the spot checking with satellites is going to grow as more imaging satellites go into orbit. There are already dozens with public imagery available. Within the next few years, that may grow to hundreds, such that near-real-time tracking of ships will be possible by coordinating AIS reports with imagery and applying a little machine learning. A ship that reports a position a few miles off of its actual location could just be a positioning error, but if the AIS reporting and the visible track continue

      • Sure, make it part of international maritime law.

        Only problem is, don't expect everyone to sign up to it.

    • In regions of Asia and Africa, piracy is still a huge deal.
      Especially "stealing" from oil tankers or hijacking Yachts.

  • Sink them. (Score:4, Funny)

    by Gravis Zero ( 934156 ) on Sunday September 04, 2022 @12:14PM (#62851301)

    The obvious solution is to sink boats that aren't where they aren't meant to be.

  • "Oops! Sorry, we didn't know you were there when we started testing our live torpedoes on a 'special training mission'!"

  • "It's illegal (under international law)..."

    Yeah. Well, so is piracy (as in the ship-attacking and boarding kind), but we seem to barely be doing fuck-all about that problem, so part of me certainly understands the "problem" of GPS spoofing.

    Kind of falls into the No-Shit-Sherlock category of The-Fuck-Did-You-Expect department.

  • Coming soon to cars and drones "near" you!

  • Surely ships dont simply rely on other ships GPS coords being correct? Dont they have an old school radar backup to avoid collisions?

  • Oh that's right, for being communists. The communism kind of worked while oil prices were high. Too bad the party ended when prices tanked. But prices are again high and sanctions are only easing thanks to an a worse threat from Russia: https://www.theguardian.com/co... [theguardian.com]
  • Been around for a long while. All the cool kids use it. Iran, Russia, China, North Korea.
  • I used to do fake my GPS corrdinate on my phone so I can play Pokemon Go.

  • So apparently Dutch Trawlers also spoof their locations. They then sneak into danish waters and trawl the areas (beam trawling which partly destroys the fishing areas, and makes future fishing worse). My posting fu sucks though, so if you are interested you will have to google it....
  • I gave a paper on this at an international conference on Vessel Monitoring Systems back in the 90's.

    The POC was demonstrated on a piece of commercial equipment (no names - given the time that has passed it would not be fair) where the device internally used a 3rd party GPS module rather than a solution integrated into the main PCB. It was trivial to unscrew the lid, tap into this connection and manipulate/substitute the legitimate NMEA data with a modified version. This resulted in my backyard clotheslin

  • by Tom ( 822 )

    "This shows just how vulnerable the system is," he said.

    Which system? The one where ships voluntarily report their own position? Yeah, that comes as a total surprise that someone would think of messing with that to hide their illicit operations. Being a criminal is one thing, but hiding it ? - oh the humanity.

  • As the US becomes more and more aggressive in enforcing its own rules upon the rest of the world, it is instead turning the oceans into a wild west where there are no rules. When will we have the US Navy raising the Jolly Roger and confiscating Iranian, Venezuelan and Russian oil on the high seas? Seems it's only a question of time.
  • Seems to me those ships broadcasting fake credentials are perfect piracy opportunities. How could I have possibly robbed you when you say your 500km away.

Real programmers don't comment their code. It was hard to write, it should be hard to understand.

Working...