Sunday, September 28, 2008

Is the GPS network vulnerable to hackers?

GPS network vulnerable to hacks claim researchers at Cornell

A Cornell University research team has demonstrated that it is, and that it is not that difficult to do. The Cornell team’s apparent ease at fooling a GPS receiver, a process termed “spoofing”, was presented in a paper at a meeting of the Institute of Navigation, Sept. 19 in Savannah, Ga.

The researchers demonstrated how their briefcase-size GPS receiver, used in ionospheric research, had been programmed to send out fake signals and when placed in the proximity of a navigation device, was able to track, modify, and retransmit signals being transmitted from the GPS satellite constellation. Gradually, the “victim” navigation device would take the counterfeit navigation signals for the real thing.

A government-led research team at Los Alamos National Laboratory addressed the issue of GPS spoofing in a report detailing seven “countermeasures” against such an attack. According to the Cornell team, such countermeasures would not have successfully guarded against the signals produced by their reprogrammed receiver. ”We’re fairly certain we could spoof all of these, and that’s the value of our work,” claimed paper author Todd Humphreys.

GPS is a U.S. navigation system of more than 30 satellites circling Earth twice a day in specific orbits, transmitting signals to receivers on land, sea and in air to calculate their exact locations. Handheld GPS receivers are popular for their usefulness in navigating unfamiliar highways or backpacking into wilderness areas. But GPS is also embedded in the world’s technological fabric. Such large commercial enterprises as utility companies and financial institutions have made GPS an essential part of their operations.

“GPS is woven into our technology infrastructure, just like the power grid or the water system,” said paper author Kintner, Cornell professor of electrical and computer engineering and director of the Cornell GPS Laboratory. “If it were attacked, there would be a serious impact.”

By demonstrating the vulnerability of receivers to spoofing, the researchers believe they can help devise methods to guard against such attacks.

“Our goal is to inspire people who design GPS hardware to think about ways to make it so the kinds of things we’re showing can be overcome,” said Psiaki, Cornell professor of mechanical and aerospace engineering.

Full story from Cornell Chronicle, via

No comments: