Just hours before U.S. president Barack Obama delivered his final State of the Union speech in January, two U.S. Navy patrol boats wandered into Iranian waters. The Iranian military intercepted the vessels and captured 10 U.S. sailors, making for an awkward moment as the president took the stage.
The seamen were released the next day, but no military official seemed able to explain why the boats had strayed from their intended path. Defense Secretary Ashton B. Carter simply said the highly trained crew had “misnavigated.” An investigation is still under way.
Without a clear explanation, the incident prompted speculation that Iran had sent false GPS signals to lure the sailors onto another course. It would not have been easy for the Iranians to hijack the GPS system—military GPS signals are heavily encrypted—but the idea wasn’t inconceivable. In 2011, Iran boasted that it had captured a highly classified drone belonging to the CIA by fooling its GPS to make it land in Iran rather than Afghanistan.
Three years before the drone’s capture, one of us (Humphreys) had developed the only publicly acknowledged GPS spoofer that could perform such a feat. A spoofer transmits false GPS signals, which to a navigation system are indistinguishable from real ones. Meanwhile, the other of us (Psiaki) was hard at work on detectors to catch spoofers in the act.
Prodded by the Iranians, the U.S. Department of Homeland Security decided to investigate spoofing soon after the drone incident. The agency invited Humphreys’s group at the University of Texas at Austin to attack a helicopter drone at White Sands Missile Range, N.M., in June 2012. The team’s mission was to force the hovering aircraft to land by sending false positional data to its GPS. The spoofer told the drone it was climbing, causing it to automatically adjust—and nearly crash into the sand.
An operator averted disaster by manually overriding the spoofed autopilot before impact. Still, the White Sands drone hack made national news and rattled lawmakers. Soon after, Humphreys appeared before a U.S. congressional committee concerned with drone safety.
Since then, GPS spoofing has continued to pose a dangerous but poorly understood threat to the trustworthiness of critical navigation systems. To prevent spoofing, we need to understand how antagonists can corrupt GPS signals in the first place. With that knowledge, we must act quickly to develop ways to alert GPS users to these false signals.
The drone demonstration starkly indicated GPS’s vulnerabilities, but we believe that other targets are far more worrisome. Cellphone towers, stock exchanges, and the power grid all rely at least partly on GPS for precise timing. A well-coordinated spoof could interrupt communications, confuse automated financial traders, and inflict crippling power outages. In a worst-case scenario, a spoofer’s operator could overtake airplanes or ships to induce a crash, facilitate a heist, or even kidnap a VIP.
Those and other scenarios concerned Andrew Schofield as he listened to Humphreys present the details of his White Sands drone test at the South by Southwest Interactive conference in 2013. Schofield approached Humphreys after the talk and presented his card, on which his title read “Master of the White Rose of Drachs.” Then he asked, “How would you like to go after bigger prey?”
The White Rose is a 65-meter (213-foot) superyacht that relies on GPS to safely navigate the high seas. The US $80 million vessel, which boasts paintings by old masters and marble-and-gold bathrooms, belongs to a U.K. real estate tycoon. Schofield, the ship’s captain, was offering to take Humphreys out to sea to test whether his trusted ship could be spoofed.
