Students Use GPS Spoofing to Push Yacht Off Course
A team of engineering students has demonstrated for the first time how hijackers can use GPS spoofing techniques to gain navigational control of a vessel.
The students from the Cockrell School of Engineering at the University of Texas (UT) in Austin were following up on a 2012 study, which saw them gain control of a drone. The group had been invited to try and hack a drone by Homeland Security, ahead of a Federal Aviation Administration's mandate that will allow government and commercial drones in US airspace by 2015. They used the same technique to bring the drone down from one kilometre away that an Iranian engineer claimed to have used when he captured a US drone in 2011: GPS spoofing.
Though the UT team, led by UT engineer Todd Humphreys, plans on taking charge of a drone from distances up to 10km away this year, they have now gone for a somewhat more dramatic demonstration of the technology's threat by steering a 65-metre super yacht off course. (See the video demonstration below.)
The hack of the $80 million (£52 million) yacht took place off the southern coast of Italy in June this year and is described in the embedded video. The yacht, named the White Rose of Drachs, was on course to Greece from Monaco, when the team of students was invited onboard.
"Thirty miles off land, the crew's sense of the ship's location is based entirely on civil GPS signals broadcast from orbiting satellites. A UT student serving as the attacker commands the spoofing device to transmit fake counterfeit signals towards the ship's antenna. The attacker increases the power of the spoofing signals until they are stronger than the satellite signals, gaining control of the navigation system."
In the experiment, the team adjust the yacht's navigation system to say it was drifting three degrees off course. The crew then applies a correction, but this "correction" in fact sends the ship course, straight into the path of pirates (or whoever else fancies themselves captain of an oligarch's vessel). No alarms are triggered, because the navigation system thinks it's still on course.
"The ship actually turned and we could all feel it, but the chart display and the crew saw only a straight line," Humphreys said in a statement. The team set out on the study to find out how vulnerable the ship's sensors would be to attack. "I didn't know, until we performed this experiment, just how possible it is to spoof a marine vessel and how difficult it is to detect this attack," added Humphreys
The students were onboard the vessel at the time of attack, gradually upping the signal strength from the yacht's upper deck. Further studies will be needed to see how the spoofing works from bigger distances.
As with the drone study, the intention is to warn policymakers about what could be.
"This experiment is applicable to other semi-autonomous vehicles, such as aircraft, which are now operated, in part, by autopilot systems," said Humphreys . "We've got to put on our thinking caps and see what we can do to solve this threat quickly."
(Source: Google News: Wired. View the original story here)
Image from UT-produced YouTube video.
See also: University of Texas
Post your comment
You cannot post comments until you have logged in.
Login to post a commentComments
No one has commented on this page yet.
RSS feed for comments on this page | RSS feed for all comments