By Robert Schoon (r.schoon@latinospost.com) | First Posted: Jul 31, 2013 12:49 AM EDT
Close

(Photo : YouTube: CockrellSchool)

Researchers have effectively hacked a large yacht's Global Positioning System to lead it astray, while keeping the crew completely in the dark about its whereabouts.

Don't worry though, this was just a test, conducted with the crew's knowledge, led by University of Texas assistant professor Todd Humphreys, the world's top academic expert in GPS "spoofing," according to ArsTechnica. The test was conducted last month, and represents the most sophisticated GPS forgery attack ever performed and reported.

Humphreys tested his GPS spoofing system, after years of work by him and his team, on the "White Rose of Drachs," an $80 million superyacht in the Ionian Sea, off the coast of Italy. Humphreys generated fake signals that the yacht's onboard GPS - which the White Rose of Drachs, and most civilian craft - was tricked into receiving as authentic.

"What we did was out in the open. It was against a live vehicle, a vessel - an $80 million superyacht, controlling it with a $2,000 box," said Humphreys to Ars. "This is unprecedented. This has never been shown in this kind of demonstration. That's what's so sinister about the attack that we did. There were no alarms on the bridge. The GPS receiver showed a strong signal the whole time. You just need to have approximate line of sight visibility. Let's say you had an unmanned drone. You could do it from 20 to 30 kilometers away, or on the ocean you could do two to three kilometers."

Humphreys' team took advantage of the fact that GPS signals are sent from satellites - orbiting about 12,000 miles above Earth - to GPS receivers without authentication or encryption. Normally, the GPS receiver would accept a spoofed signal without question, but because GPS usually relies on anywhere from four to up to 10 satellite signals to determine the receiver's position, one spoofed signal is likely to be dropped as erroneous. If the receiver did accept the one signal, it would probably be obvious that the system was malfunctioning.

(Credit: YouTube: CockrellSchool)
(Credit: YouTube: CockrellSchool)

That's what Humphreys' and his team did differently. From the White Rose of Drachs, Humphreys' team sent out a signal that faked all of the GPS signals headed to the receiver. "We mimicked the entire GPS constellation," said Humphreys. "We had a counterpart for each signal coming down from every satellite in the sky. When they mixed together with legitimate signals in the receiver, ours were slightly stronger."

Because the entire GPS range was spoofed, the navigational computer was tricked into going off course, while still showing on the display chart that the yacht was moving in a straight line, on its course. In Humphreys' video, he explains how repeatedly spoofing the GPS signal took the superyacht several hundred meters off course, without the crew knowing.

This is believed to be the first time a GPS system has been spoofed so thoroughly, and it could be a big problem for ocean transit systems. "If it was to get out, it would be a real problem for transportation systems," said Humphreys. Navigation by GPS is ubiquitous, and Humphreys' $2,000 box could be a crack in the entire system.

The University of Texas professor has some advice for protecting GPS receivers, involving introducing unpredictable digital signatures to challenge conceivable GPS spoofers. Not using GPS is not an alternative at this point, says Humphreys. "There's not much they can do out in open ocean, at this point, only GPS is available to them," he said. "Nobody knows how to use a sextant."

© 2015 Latinos Post. All rights reserved. Do not reproduce without permission.