Computers have been hacked for decades. But now, scientists at Cornell University and Virginia Tech are now warning about the dangers of "spoofing," or hacking into the Global Positioning System (GPS) that controls everything from car navigation to national power grids.
"The average person doesn't realize how much infrastructure is based on GPS and how vulnerable it is," said Brent Ledvina of Virginia Tech, who helped build a spoofer to show weaknesses in the system. "But the truth is that a lot can be done about these vulnerabilities."
A GPS receiver detects signals from about 30 orbiting satellites. Based on the time it takes for the signal to reach the receiver and the direction it came from, the receiver can triangulate an exact time and place, down to hundreds of nanoseconds, according to Ledvina.
The easiest way to mess with a GPS device is simply to jam it, or create a false GPS signal that overpowers the real GPS signal. In this case, the victim would know about the sabotage right away; often the GPS receiver simply doesn't work.
The second, more sinister, method is called spoofing. In spoofing, the intended target doesn't know that the signal received from a GPS unit is wrong: A spoofer creates a false GPS signal that passes as a real GPS signal, and an incorrect time or location appears on the intended receiver.
"It looks exactly like a real GPS signal," said Ledvina. "Everything looks completely normal, but the spoofer is controlling your position in time and space."
Being a couple microseconds off of the real time might not sound like a big deal to the average consumer with a GPS car navigation system, but GPS has spread far beyond what its creators envisioned in the 1970s.
Being even 10 microseconds off could cause power generators, some of which use GPS signals to sync electrical grids to power stations, to explode, said Ledvina. Air traffic controllers use GPS to help avoid plane collisions. Banks time-stamp financial transactions using GPS. Police attach GPS receivers to criminals to monitor their activities.
At its worst, successfully spoofing a GPS receiver could mean plane crashes and exploding generators. A more likely scenario, said Paul Kintner of Cornell University, is less disastrous but still illicit -- people could falsify their geographic or chronological position to avoid house arrest or authorities, for instance.
"Apparently fisherman are required to carry a GPS monitoring unit and already have made crude attempts at spoofing," said Kintner. "There are likely more examples of where people do not want to be tracked that would gladly pay for a spoofer."
The good news is that, for now, it is still pretty hard to create a spoofer. Some of the study authors have been working on GPS technology for more than 15 years now. Kintner estimates it cost them over $1 million to build their spoofer (including manufacturing costs). Ledvina says the hardware alone was about $1,000.
The spoofer itself was the size of a briefcase and was plugged into the wall. The scientists also connected the spoofer to a GPS receiver with a cable instead of broadcasting the signal, which would have violated FCC regulations.
If they had broadcast the signal it would only go a few meters, which means the spoofer and the intended receiver would have to be physically close. Eventually the size of a spoofer could decrease to about the size of a pack of cigarettes.
That said, it only took two part-time students about a week of work each to build the spoofer. The cost of hardware and the expertise necessary to build the next spoofer will drop quickly as well, as Ledvina illustrates.
"Ten years ago it would have taken a grad student a few weeks to jam a GPS receiver," said Ledvina. "Now Virginia Tech probably has 100 students who, with the right equipment, could build a jammer in about ten minutes." Ledvina expects a similar trend to follow spoofing.
Spoofing is not a new concern.
In 2001, the U.S. Department of Transportation released a report on GPS that laid out six countermeasures to deter spoofing, such as adding additional, non-GPS instrumentation, or keeping humans in charge of decision instead of leaving them up to computers. But such measures can be expensive, and they don't necessarily solve the problem.
The Cornell and VT team has successfully found a way around five of the six countermeasures, and are currently working to crack the last one.
The only GPS systems that can't be spoofed are military systems used by some soldiers and GPS guided "smart-bombs," says Richard Langley, a GPS researcher at the University of New Brunswick who reviewed the Cornell and Virginia Tech research.
"The military GPS signals are protected against spoofing by using a secret encryption, so that only receivers with that encryption technology can access the signal," said Langley. "There is no such protection for civilian GPS use."
The large number of civilian GPS devices makes civilian encryption impractical, but it also goes against the creator's original purpose in developing GPS, which was to provide free access to anyone anywhere, said Langley.
Kitner and Ledvina are clearly concerned about the effect that releasing this information to the general public would have. They are, after all, exposing major flaws in vital systems. But ultimately, they released the information in the hope that it would inspire GPS manufacturers and others to put safety measures in place.
"We have a technology-dependent society, and that makes us more vulnerable," said Kintner.