Supervised Team Of College Hackers Expose GPS Vulnerability
AUSTIN (CBSDFW.COM) – Hackers at the University of Texas at Austin are shedding some light on the vulnerability of technology many people depend on in today’s world – the Global Positioning System (GPS).
The space-based satellite navigation system informs us where we are, how fast we’re going and where to go next. GPS provides location and time information in all weather conditions, anywhere on or near the planet where there is an unobstructed line of sight to four or more GPS satellites.
Maps were thrown out in favor of satellite-guided GPS years ago.
“Sure we trust these devices, but should we? That was the question I asked and it turns out we shouldn’t, at least not blindly,” said UT Austin professor Todd Humphreys.
Humphreys and his team from the radionavigation lab at UT Austin made headlines last year when they infiltrated the GPS system of a drone.
“Taking control of one of these UAV’s is hard. Crashing it, is easy,” said team member Daniel Shepard of the drone.
The team’s publicized success at taking control of the UAV caught the attention of a wealthy yacht owner. He offered to pay them to try to take control of his $80 million yacht.
“He handed me his card and said, do you think you could hack a super yacht? And I thought to myself, we would love to know,” said Humphreys.
Thus, armed only with a computer and a GPS spoofing device, Humphrey’s team set about hacking into the mega yacht this summer. While piloting through a narrow canal, they sent faint signals; tricking the ships GPS into reacting as though the yacht was traveling on land. Off the coast of Italy, they sent signals to the GPS that indicated the ship was off course. No alarms went off either time. Crews on-board did have any signs of an impending attack.
The crew kept correcting the ship’s path, not realizing they were actually turning the yacht in the exact direction the malevolent attackers wanted it to go. Crews were startled when the luxury yacht, its’ system overcome with conflicting, confusing directives from the hackers, leaned sharply to one side.
“It was surprisingly easy. We found that the instruments on the bridge, while sophisticated, weren’t working cooperatively, and they didn’t have any kinds of built in sense of paranoia that somebody would be doing some kind of attacks like this,” according to Humphreys.
The experiment proves that insecurities about the vulnerability of GPS, which provides critical capabilities to military, civil and commercial users around the world, are well founded.
“This was a very serious vulnerability, a real problem that needs to be fixed.”
The system is maintained by the United States government and is freely accessible to anyone with a GPS receiver.
“Done safely and securely, the team thinks GPS could change our lives. They even envision a day when a GPS-guided drone brings that burrito you wanted for lunch, right to you.”
The possibilities go beyond flying burritos.
The team of ‘hackers’ is using GPS to develop augmented reality, where people could see how objects would look in a real life setting. They are measuring minute-movements of cars and drivers, possibly even people. Similar to how computers had to defend against viruses though, Humphrey’s team said they believe GPS won’t take people anywhere until it’s secure.
The UT team is now working with the government to try to strengthen security for satellites.