GPS spoofing can probably make your self driving car go right off the cliff! What is GPS Spoofing? Its when the GPS information going to you device does not reflect your current location because its been hacked and given the wrong info.
Picture you’re this, you’re at work in the middle of an important meeting and get a call from the landline at your house. You’re thinking, “how can this be?”. After all, you live alone and haven’t given anyone your landline number because you only got it because it came with your cable bundle. You answer the call and its a robocall from whatever the latest scam is. For a brief second that telephone number spoof caused chaos.
Imagine if the spoof wasn’t focused on your phone and was instead focused on your GPS. The potential chaos is enormous. Whether redirecting customers to competitors, causing maritime traffic on shipping routes, accidents in self driving vehicles, or any of a wide variety of technology issues for systems reliant upon GPS. Today, more and more systems are reliant upon GPS and these are physical systems that dictate basic logistical functions so this is likely the to be the security vulnerability with the greatest danger to your physical well being.
Back in July the Department of Homeland Security reported that our power grid had been infiltrated by state sponsored actors showing their advanced capabilities to gain access to mission critical infrastructure systems. GPS Spoofing adds a new layer of danger. GPS receivers are able to access the Global Positioning System which uses DOD satellites to provide information. Those receivers are vulnerable to attack.
The Wall Street Journal’s Adam Janofsky published an article yesterday claiming that with a $223 device, a team from Microsoft Research and the University of Electronic Science and Technology of China were able to redirect 40 drivers, sending them to destinations of the hacker’s choice. 95% of people followed the route to a place they did not want to go.
This ability, as you can imagine, that GPS Spoofing provides hackers doesn’t have an easy solution and hackers are continuing to develop their attacks as we patch vulnerabilities. The Department of Homeland Security has produced an unclassified document that shows organizations and individuals and organizations 22 specific recommendations to protect themselves from GPS Spoofing.
Some of their recommendations are to obscure antennas, provide decoy antennas, introduce redundancy, practice good cyber hygiene, use whitelists, and enhance anti jam capabilities. The report is pretty in-depth and is recommended if you want to learn more information on GPS Spoofing.
If you’re worried about employees and/or contractors engaging in GPS Spoofing to fool your timecard and telemetry systems adding billing dollars onto your bottom line, its a real concern. This shows that cyber security is a concern that has wide stretching implications that all of the departments across your organization should weigh in on to develop the right strategy to protect your organization.
So, the next time you hop into an Uber or Lyft, make sure your driver is taking you directly to your destination and not GPS Spoofing you to add a few dollars onto your fare.