Why GPS is more vulnerable than ever

The space-based navigation and timing system faces a growing risk of attack. But there is a simple solution.

The popular Waze app relies on GPS to direct drivers around traffic backups.

Nir Elias/Reuters

May 10, 2016

From a command center at Schriever Air Force Base, about 10 miles outside Colorado Springs, Colo., seven 20-something airmen are responsible for safeguarding global financial markets, international commerce, the US power grid, all telecommunications, and ensuring that Uber drivers everywhere can find even the most out-of-the-way restaurants.

The highly trained military personnel with Air Force Space Command protect the 31 satellites the US relies on to provide access to terrestrial navigation. Their office is the control center for the Global Positioning System (GPS) that some 4 billion people around the world use daily, making it possibly the largest humanitarian service provided by any one nation.

Most people think of GPS as the ubiquitous yet invisible system that moves the dot on Google maps. But the massive network of satellites and countless receivers do much more. GPS signals provide any object containing a receiver chip with continuous and precise time information from the satellites’ atomic clocks. Any task that requires precision timing (including synchronization telecommunications) or a record of high-speed transactions (including Wall Street trades) uses GPS.

Thanks to Schriever, the security of the physical GPS systems is strong. But Space Command — and most GPS security — focuses on protecting the GPS signal as it is broadcast. The problem, experts say, is protecting signals nearing receivers. Devices designed to disrupt and manipulate GPS signals are more common and more disruptive than ever, often blocking signals from reaching large swaths of territory.

But more concerning, many believe, is that GPS remains incredibly vulnerable and at risk to even more serious attacks from rogue nation states or criminal hackers who want to wreak havoc on American cities. Imagine for a moment New York City without GPS – Wall Street and financial markets come to a halt, traffic jams spread across the city, all air travel, ferries, and trains shut down.

“A few years back, [the military] released a report called ‘A day without space,’ ” says Col. John Dorrian, director of public affairs for Space Command. “It’s still classified, but the gist of it was that there is no such thing. Space capabilities, including GPS, are integrated into everything we do. People count on that capability being there.”

What if GPS breaks?

Newark Liberty International Airport officials know what it’s like to have that capability vanish. In late 2009, the airport was testing a new air traffic control technology called Smartpath intended to improve the flow of planes in and out of the airport. It worked so well that Liberty eventually bought the system. But as they tested it, the airport noticed something concerning: Seemingly at random, it would stop working.

Officials checked the equipment, but the equipment was fine. After a three month investigation, the Federal Communications Commission found the culprit: Gary Bojczak. Mr. Bojczak worked for an engineering firm that tracked its vehicles using GPS. But Bojczak didn’t want his employer constantly looking over his shoulder, according to an FCC report on the incident. So he installed a GPS jamming device in his assigned truck. Every day, he’d drive by the airport and every day his jammer interfered with Smartpath’s GPS receivers. He was eventually caught and fined $32,000.

Why many in Ukraine oppose a ‘land for peace’ formula to end the war

That type of jamming is the most common domestic threat to GPS, according to the Department of Homeland Security. And it’s a global problem, says Charles Curry, cofounder of Britain’s Chronos Technology, which develops jamming detectors. In a study between 2012 and 2013, the company discovered as many as 100 monthly jamming events in London. Today, says Mr. Curry, the problem is only getting worse.

“We had a mobile operator as a customer who just switched to GPS and was starting to blame the equipment [for outages],” says Curry. “But we were able to show the jamming was human. Jamming didn’t happen on public holidays, Christmas, Boxing Day, or weekends.”

And it’s not just van drivers trying to evade their bosses. In Germany, drivers have reportedly used jammers to avoid GPS-based toll systems. Melbourne cab drivers used them to scam a dispatch system that prioritizes taxis that have been idle longest. Curry once had a customer report catching a priest jamming signals to keep parishioners off their cellphones during church service.

Jamming and spoofing

Jamming is illegal in the US, but that hasn’t stopped dozens of Chinese manufacturers from shipping car-mounted devices to the US that are no bigger than the cigarette lighter ports they plug into and cost as little as $40.

“People who sell these devices say they only work for a few yards, which presumably is just enough for what the person buying the device is trying to hide,” said Martin Faga, a former deputy secretary of the Air Force who currently serves on the Positioning, Navigation, and Timing Advisory Board, a federal advisory on GPS issues. “But the reality is that most of them jam GPS for a couple of miles, which creates problems.”

Spoofing devices that can trick GPS receivers into reporting incorrect information aren’t particularly expensive either. At the 2015 European Black Hat hacker conference, a team from the Alibaba Group, the Chinese e-commerce giant, demonstrated one could be assembled for less than $300.

“If you realize what damage a small jammer can do, just think what a slightly larger jammer, mounted on a balloon floating over a city could do,” said Dana Goward, a former director of marine transportation Systems for the US Coast Guard.

Both Mr. Goward and Faga – president and vice president, respectively, of the Resilient Navigation and Timing Foundation, an organization that promotes policies to bolster security for GPS – have grown increasingly concerned with the potential of jamming attacks over the past few years. Adding credence to their concerns, the US military reported that Russia used jamming devices to confuse Ukrainian defenses during their recent Crimean incursion. What’s more, South Korea has claimed North Korea used jamming to stifle its GPS reception.

Jamming isn’t the only threat that GPS experts worry about. Satellites are not beyond the threat of physical attack. In 2007, China successfully tested an antisatellite missile capable of downing a satellite in orbit. Colonel Dorrian says other nations are developing similar capabilities, too. But as of now, the threat of physical attacks is only an emerging one. Simple human error might currently be the biggest risk.

Experts say human error was the cause when every satellite in the GLONASS system – a Russian alternative to GPS – began broadcasting gibberish instead of location signals at 1 a.m. on April 2, 2014. It didn’t stop for 11 hours.

“We are currently experiencing calls from customers all over the world who are experiencing GLONASS ‘outages’ and we have advised customers to switch GLONASS tracking off on our receivers,” Neil Vancans, chief executive of Altus Positioning Systems told the industry trade “GPS World” during the resulting panic. “We don’t have any better information on when normal service is likely to resume from GLONASS satellites. If you do, let me know!”

Yet, GPS historically hasn’t had these kinds of human problems – a key reason for its popularity over GLONASS or the Europe’s new Galileo protocol. Space command prides itself on its training to prevent human errors. “At international conferences, the questions we get asked by other providers and systems boil down to everyone else trying to figure out how we do it,” said Col. Steven Whitney, director of the GPS directorate at the Air Force. “Clearly GPS is still the gold standard in terms of global navigation systems.”

But humans are human. Imagine an error slipped through. Most civilian systems that rely on GPS for timing have back-ups systems. The Navy made headlines in October when it announced that for the first time since 1998, it would begin training sailors to use celestial navigation in case of an attack against GPS systems or an outage.

As space becomes increasingly contested and new, intentional physical threats emerge, Col. Dorrian says the Air Force is considering a change to Space Command’s staffing policy. Currently, Schriever’s GPS team tends to move on to other positions within a few years, leaving its average age at 23. It's working to ensure the team includes more experienced members.

The Air Force is also hardening the GPS signals. The security of GPS has always been limited by a relatively low powered signal. The less strength the signal carries, the easier it is overpower, leaving it possible to jam GPS or even fabricate false broadcasts from earthbound transmitters.

In 2017, the Air Force is slated to launch the latest generation GPS III satellites, which will increase the strength of the signal and encrypts the US military’s private frequency to make it harder to tamper with. But consumers and other nations can’t use that encrypted signal, and the power on the new satellite remains low enough that experts believe attackers will still have the ability to impede GPS.

 

A GPS backup plan

The best solution to protect GPS is a backup system that automatically picks up whenever GPS goes down, according to most experts, including Goward, Faga, Chronos’s Curry, and the man considered the father of the GPS system, Stanford Professor Brad Parkinson. And the infrastructure to do that is already in place.

Before GPS, boats navigated through the LORAN (short for long range navigation) system developed by the US using World War II, which uses earthbound broadcast stations for similar tracking purposes as GPS.

LORAN fell out of favor as satellite navigation took over. But a modernized version called eLORAN would offer enough accuracy in navigation and timing applications to fill in while outages of the more accurate GPS system are investigated and neutralized.

Britain and South Korea have both put LORAN into use as a GPS backup, and the US was very close to funding a LORAN backup in the 2010 budget. But a last minute move by the executive branch’s Office of Management and Budget removed the funding for LORAN as a cost cutting measure. OMB believed LORAN’s similarity to GPS made it a duplicate service. The OMB did not respond to a request for comment.

As far as cost cutting measures go, it wasn’t a major one. GPS costs the US about $1 billion a year. LORAN would cost less than half as much for the first 20 years of service in the continental US. “It’s the most economical solution,” says Dr. Parkinson. “It’s a travesty we don’t use it.”

A LORAN backup, most experts agree, would work as a deterrent against GPS jamming. LORAN has a much stronger signal because it can rely on conventional power plants, so it would be a much more difficult thing to take offline. Because of that additional power, it could provide some additional benefits. It’s hard to receive a GPS signal as you move further and further indoors. LORAN penetrates even sturdy buildings.

Goward has been lobbying for a revival of the LORAN back-up since it was first removed from the budget. But he feels like Congress is conflating its low price tag with its being an issue of low importance. “In one Congressional meeting I said, ‘We could have a solution for as low as $40 million,’ ” says Goward. “Congressman Garamendi joked, ‘We don’t deal in numbers that low,” he said referring to Rep. John Garamendi (D) of California, who has since become an active supporter of the eLORAN system — even introducing a bill to provide that funding.

Goward says he’s frequently approached by international GPS groups asking why the US doesn’t take the lead in this issue. The potential to use LORAN is slipping away — already gone in France and Norway, both of which turned off LORAN at the end of last year to switch to Galileo satellite navigation. Galileo has the same vulnerabilities to spoofing and jamming as the US system.

While the Space Command personnel at Schriever have proven they are capable of safeguarding satellites that provide GPS service, Parkinson, the father of GPS, says the real path to ensure the protection of GPS is a legislative solution. If lawmakers sign something that thwarts an effective back up system, he says, the the ubiquitous navigation system remains at risk. “The greatest threat to GPS assurance might be a policymaker signing the wrong piece of paper."