Image: UK Aircraft Accident Investigations Branch
Blog Editor’s Note: We love these ‘year end reviews’ Guy publishes. He and his LinkedIn group are great sources for information on jamming, spoofing, and interference of all kinds.
While we try to keep close track of these kinds of things ourselves, Guy always has some interesting cases that we had not seen before.
We are very glad to have Guy as a member of RNTF’s International Advisory Committee (full disclosure, Guy is employed by Spirent, a corporate supporter of RNTF).
Well done, Guy!
From downed drones to stolen quad bikes: a review of GNSS vulnerabilities in 2021
As GPS jamming becomes endemic in some parts of the world, 2021 saw a big step towards resilient PNT standards for safety- and liability-critical systems.
Users of satellite-based position, navigation and timing (PNT) systems have for a long time been engaged in an arms race with a variety of threats that prevent those systems from operating.
In 2021, some of those threats have become endemic – at least in certain parts of the world. From the Arctic Circle to the Suez Canal, and from China to the USA, jamming of global navigation satellite systems (GNSS) made life very difficult this year for users of PNT systems, particularly in commercial aviation and maritime operations.
Signal jamming continues to increase in geopolitical hotspots
In September, for example, Defence and Security Systems International reported that “the volume of GPS jamming incidents has increased across the globe”. In particular, it noted that “in the Middle East, jamming incidents of both civil and military platforms are equally common” and that “there is extremely aggressive Electronic Warfare in the area of Ukraine and in the Baltic region.”
Indeed, in May, the United Nations OSCE Special Monitoring Mission (SMM) to Ukraine reported that one of its observation drones was forced to make an emergency landing after GPS jamming disabled its onboard navigation systems, preventing it from carrying out its mission.
Vessels find DIY workarounds in the Eastern Mediterranean
Also in September, the US DoT Maritime Administration extended its maritime industry advisory (MARAD) for the Eastern Mediterranean – a vast region encompassing Italy, Cyprus, Egypt, Lebanon and other countries. It warned commercial shipping operators of continued “instances of significant interference… resulting in lost or inaccurate GPS signals affecting bridge navigation, GPS-based timing, and communications equipment.” Most of this activity is likely related to ongoing conflict in Syria.
Reports from individual vessels published on the US Coastguard’s Navigation Center (NAVCEN) database show what this interference looks like operationally. Two separate ships’ captains reported that GPS jamming around Port Said is so bad that they decided to switch from GPS as their primary position sensor to a secondary receiver that also uses the Russian GLONASS system. “It worked,” reported one. “We never received alarms, or lost our ECDIS picture.”
Switching to GLONASS may have worked for these users, but DIY workarounds like this are not a viable long-term solution to the problem of continual signal jamming. Instead, commercial GPS users in geopolitically sensitive regions need practical advice on protecting and toughening their systems, and augmenting them where possible with additional positioning technologies.
Domestic jamming poses a growing threat to commercial aviation
And signal jamming isn’t just happening in conflict zones. The USA has seen a sharp increase in domestic military jamming tests, creating problems for commercial pilots. In May, previously undisclosed FAA data revealed that in 2017 and 2018, hundreds of aircraft lost GPS reception in the vicinity of military tests.
One report to NASA’s Aviation Security Reporting System (ASRS) exemplifies the problem. The flight crew had become so used to jamming near a missile range that when they experienced a course error, they assumed it was due to military testing. In fact, the crew had introduced the error themselves through inaccurate data entry. “Expectation bias led me to being complacent about a required descent briefing,” admitted the crew member submitting the report.
In May, the Federal Aviation Authority said it acknowledged the concerns of commercial aviation, but its proposed solutions – such as extending notice periods of jamming events – were unlikely to help much, according to the Aircraft Owners and Pilots Association (AOPA).
New resilient PNT standards may provide a solution
In light of the growing threats from jamming interference, it was very encouraging to see major steps being taken this year towards resilient positioning, navigation and timing (PNT) standards.
In August, the IEEE started work on developing the P1952 resilience standard for receivers used in critical applications. Spirent is happy to be a contributor to this ongoing project, and we would encourage others in the industry to get involved too.
If you’d like to know more, Spirent’s on-demand webinar series and accompanying series of blogs explains why resilience standards are needed for PNT systems, how to conduct a risk assessment of your PNT system, and how to test its resilience.
What other GNSS vulnerabilities came to light in 2021?
While the threat to shipping and aviation from military jamming was the big theme of the year, we also saw many other incidents and threats. Here’s a quick roundup of some that stood out:
January: In India’s Telangana province, thieves employ a GPS jammer to defeat tracking devices protecting a shipment of gold. A cunning plan… except it seems they forget to switch the jammer on, enabling Telangana police to locate the gold – and apprehend the thieves.
March: The Arctic Institute reports on escalating geopolitical tensions in the Arctic Circle, where climate change is prompting new economic and territorial interests. Those tensions have already included “several incidents of Russian jamming, resulting in lost GPS signals for both civilian and allied air traffic in the northern part of Norway,” according to the Institute.
May: Farmers Weekly reports that some farmers are experiencing interference issues with John Deere Starfire 3000 and older Starfire 6000 satellite receivers. John Deere UK and Ireland confirms that a small number of customers in the UK and the Netherlands have been affected, and says the interference is caused by newly-introduced 4G mobile network frequencies.
June: A drone display goes badly wrong in Shanghai when “dozens of drones” start falling from the sky in a waterfront area of the city. No explanation is given, but in October, a similar incident occurs in Zhenghzhou. There, local drone technology reporter Kanzhaji says organizers suspect their competitors of transmitting interference to overwhelm the drones’ navigation systems.
With incidents like this becoming more common, drone operators will need to tighten defences against GPS interference to avoid the risk of personal injury or property damage.
August: NFU Mutual’s 2021 Rural Crime report reveals that criminals in the UK are using GPS jammers to assist in the theft of quad bikes and other expensive farm vehicles equipped with GPS tracking devices.
October: The US Cybersecurity and Infrastructure Security Agency (CISA) issues a warning about a GPS Daemon (GPSD) bug that may take effect on 24th October, with possible impacts on critical infrastructure. The bug particularly affects two versions of the GPSD software, it says.
This has echoes of the 2019 GPS week number rollover event, which affected systems ranging from New York traffic lights to Australian weather balloons. Although no incidents have been reported (that I know of) from the GPSD bug, it does highlight the importance of understanding how systems rely on GPS for timing, and ensuring those systems are adequately protected.
December: In Canada, there are reports of criminals using GPS and Bluetooth trackers to track target vehicles with a view to stealing them. If this trend continues, it may encourage otherwise law-abiding citizens to consider employing a GPS jammer to prevent tracking.
My prediction for 2022: More focus on location authentication
Given all that’s happened in 2021, how is GNSS cybersecurity likely to evolve in 2022? Apart from the development of resilience standards, my big prediction is that we’ll see more focus on technology for positioning authentication and proof of location.
Such technologies will be needed to combat location-spoofing activities like illegal fishing and sand theft. And as companies strive to reduce their environmental impact, they’ll also be needed to provide reliable data on supply chain routes taken and carbon emitted.
Authentication schemes like Open Service Navigation Message Authentication (OSNMA) for Galileo and CHIMERA for GPS are already advanced, and we should see early adopters starting to use them in the coming year. Ultimately, I expect authenticated position and trajectory history will become core business components across many relevant sectors.
Stay up to date with GNSS vulnerabilities
Threats to GPS/GNSS are evolving all the time. To stay up to date with the latest news, events and incidents, join nearly 2,000 industry professionals in the GNSS Vulnerabilities LinkedIn group.