We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Intelligent Machines

“Spoofers” Use Fake GPS Signals to Knock a Yacht Off Course

Civilian GPS is vulnerable to being spoofed—and researchers are looking for ways to ensure the signals are legit.

Millions of cars, computer networks, and devices rely on GPS.

University of Texas researchers recently tricked the navigation system of an $80 million yacht and sent the ship off course in an experiment that showed how any device with civilian GPS technology is vulnerable to a practice called spoofing.

Lurking trouble: A console on the yacht that was taken over by University of Texas researchers who made bogus GPS signals seem legitimate.

Led by GPS expert Todd Humphreys, the researchers used a handheld device they built for about $2,000. It generates a fake GPS signal that appears identical to those sent out by the real GPS. The two signals reach the targeted system in perfect alignment. The strength of the fake signal slowly ratchets up and overtakes the real one.

The yacht’s captain offered up his boat for the experiment after seeing Humphreys give a presentation at this year’s SXSW conference. The takeover took place in June while the boat was traveling in the Mediterranean off the coast of Italy. From a perch onboard the yacht, the spoofing researchers shifted the ship’s course three degrees to the north. They also convinced the yacht’s GPS system that the boat was underwater.

“[The captain] invited me to basically try kicking the tires of his security system,” Humphreys says. “And yeah—they were flat.”

Until now, the threat of spoofing existed mostly on paper. Humphreys’s team had demonstrated the device in experiments with unmanned aerial vehicles. Those tests established that the technology can work from up to 30 kilometers away, Humphreys says.

Now the yacht experiment shows it can be used to fool a navigation system in the real world. This has implications for any system that relies on civilian GPS—a list that includes commercial aviation, smartphones, and the stock market.

“Civilian GPS is not encrypted and not authenticated, so that means it’s entirely predictable,” Humphreys says. “Predictability is the enemy of security.”

Although there is no evidence that spoofing has been used maliciously, other researchers are developing preëmptive solutions.

Mark Psiaki at Cornell University, a former adviser of Humphreys, has been at the problem for several years. Psiaki’s group has a patent pending on a device that would help civilian GPS piggyback off military signals. In this scenario, incoming civilian GPS signals would be compared to military GPS signals that are broadcast on the same frequency. Although the military’s GPS is encrypted, it contains some distinctive features that indicate its relationship to the true civilian GPS signal.

The signals would be processed by one or more intermediate receivers in a secure location unlikely to be spoofed—such as the middle of a desert. However, this means that the solution would require substantial infrastructure to work on a large scale, with receivers spread out in desolate areas around the country.

A simpler answer might be better. Psiaki’s team has built a modified GPS receiver that wiggles its antenna back and forth a couple of inches at a high frequency. Moving the GPS antenna like this alters a characteristic of the incoming signal called the carrier phase. True GPS signals arrive from multiple locations, and this will be evident when looking at the differences in their carrier phases. Fake GPS signals, which are broadcast from a single location, will show the same signature in each carrier phase.

Psiaki’s team tested a prototype based on this idea last year while Humphreys was demonstrating his spoofing device on a drone helicopter. Psiaki says his group detected the spoofing attempt. “If we’d taken [our prototype] out on the yacht, the yacht would not have been fooled,” he says.

Be the leader your company needs. Implement ethical AI.
Join us at EmTech Digital 2019.

Register now
More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe to Insider Basic.
  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    Print Magazine (6 bi-monthly issues)

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.