Every time I drive somewhere unfamiliar, I trust my navigation to a machine I carry in my pocket. GPS-powered maps are an exceptionally useful tool for figuring out the distance between point A and point B, and while I always try to travel with paper maps stashed somewhere in my car, if I was in a rush in a new city and driving by myself, it’s likely I’d never notice if my GPS was subtly taking me on a sub-optimal path, away from where I wanted to be and toward the waiting hands of a planned ambush. That’s the danger previewed in “All Your GPS Are Belong to Us: Towards Stealthy Manipulation of Road Navigation Systems,” a paper by researchers from Virginia Tech, China’s University of Electronic Sciences and Technology, and Microsoft Research.
As reported by Ars Technica, this subtle form of spoofing comes from an assemblage of cheap commercial parts, built together into a jammer that works on unencrypted GPS signals in near proximity. The priciest piece of hardware is a software-defined radio, which eats the lion’s share of the sub-$300 cost for the device. Paired with a cheap Raspberry Pi computer, a simple antenna and a battery pack, the device can spoof civilian-grade GPS.
“It then uses algorithms to plot a fake ‘ghost route’ that mimics the turn-by-turn navigation directions contained in the original route,” writes Ars Technica. “Depending on the hackers’ ultimate motivations, the attack can be used to divert an emergency vehicle or a specific passenger to an unintended location or to follow an unsafe route.”
The keys to this style of attack are proximity and the generally open nature of the radio signals being targeted. For example, to replicate a similar idea, the hacking party would most likely have to place the whole jamming contraption on or in the target car, or fly a drone close enough that the radio can spoof its target.
It’s important to note that DoD users generally, but not always, use a military-grade level of GPS that’s harder to crack.
Safeguarding the military from hacks like this are, in theory, two major divergences from civilian use. The first is security: this year, the Pentagon is likely to receive over $1 billion in funding for GPS, and just this week Congress tacked on at least another $5 million specifically for GPS cybersecurity. Massive funding doesn’t mean freedom from vulnerability, of course, but it does show that the Pentagon at least prioritizes keeping the security.
A second factor is that, because this attack relies on spoofing unfamiliar routes, the utility of the attack goes down if the target is either familiar with the area or driving outside a city, where roads are fewer and alternative paths may be nonexistent. Now think about a military unit. A similar attack would require access to the vehicle, the military target to be relatively unfamiliar with where it’s patrolling, and for a slight change of course to lead to an ambush. Not impossible, but there are likely other ways for an attacker with access to the vehicle to cause problems, and elaborate hacking maneuvers should always be considered in light of more plausible physical attacks instead, like planting a similarly sized explosive on the target.
And while the attack in present form is unlikely, it does show a vector for future attacks that’s worth watching. If the spoofing can be adapted against more secure GPS receivers, and if the attacker is willing to ambush a vehicle with a drone that attaches to its roof, then this sort of electronic warfare against the basic navigation software of the military could become a real-life concern. Even if it doesn’t, probably a good idea to make sure everyone still caries paper maps and knows how to read them.