GPS is easy to spoof
The Global Position System (GPS) is increasingly being used for crucial safety and security applications such as emergency response services, law enforcement, cargo security, nuclear materials transport, aircraft navigation, and critical time & synchronization standards for utilities, telecommunications, and computer networks. This heavy reliance on GPS may be a mistake. The Department of Transportation (DOT) has warned that the civilian GPS signals (the only ones available to most government users and all private users) are not secure. Few GPS users are paying attention.
In a recent paper [Journal of Security Administration 25, 19-28 (2003)], the VAT demonstrated how civilian GPS satellite signals can be easily spoofed, not just jammed. With spoofing, an adversary provides fake GPS signals. This convinces the GPS receiver that it is located in the wrong place and/or time. Remarkably, spoofing can be accomplished without having much knowledge about electronics, computers, or GPS itself.
The VAT has
proposed simple, inexpensive countermeasures to spoofing. These could be retrofitted to most existing
See Jon S. Warner, Roger G. Johnston, "GPS Spoofing Countermeasures", Homeland Security Journal, December 12, 2003.
For more information, see:
- J.S. Warner, and R.G. Johnston, "GPS
Spoofing Countermeasures", LAUR-03-6163, Appeared in Homeland
Security Journal, December 12, 2003
- J.S. Warner, and R.G. Johnston, "A
Simple Demonstration that the Global Positioning System (GPS) is Vulnerable to
Spoofing", LAUR-03-2384 The Journal of Security Administration
25, 19-28 (2002)
In the Press
- Eric Parizo, “Researcher Details Findings on Spoofing GPS, Malicious Insiders”, SearchSecurity, September 14, 2012
Drones May Be Vulnerable to Sabotage Because of GPS -- The Daily Beast (Dec
rising threats from cybercriminals -- Computerworld (May 19, 2011)
Roger Johnston interviewed -among other experts- by John Brandon of Computerworld. Roger discussed with him about GPS spoofing.
- The Security
Fallacy: Seven myths about physical security -- Argonne News Release (Oct.
Argonne researcher Roger Johnston finds vulnerabilities in surprising places—including voting machines, GPS and even high-tech security devices that use iris or fingerprint scans.
MAKE: Magazine blog (Sep. 19, 2008)
Spoofing by Bruce Schneier
Schneier on Security blog (Sep. 17, 2008)
and Wall Street by Sheri Davidoff
Philosecurity blog (Sep. 11, 2008)
Spoofing by Sheri Davidoff
Philosecurity blog (May 25, 2008)
Last Modified: Mon, September 30, 2013 7:47 PM