This presentation provides an introduction to the vulnerabilities of satellite navigation and timing systems and the ways in which these vulnerabilities have been exploited. First, the specific vulnerabilities of GPS-based systems are introduced – the main vulnerabilities of GPS are due to the very low signal strength of the satellite signals. The paper discusses the effect of RF interference on satellite navigation and timing systems and introduces some real examples of disruption caused by real interference events. Evidence is also produced to show that interference events are widespread. The spoofing of GPS position and timing is also introduced. This presentation shows that spoofing can be carried out either at the application layer (the Pokemon GO game is presented as an example of this kind of hacking) or at RF level, where it is also shown that there are real examples of this kind of attack. Real examples of exploitation of GPS vulnerabilities are presented.
These will include:
Evidence will also be presented to show that there are a significant number of exploitations of RF interference by several groups of attackers with various motives. It will be shown that the groups who are attempting to exploit navigation and timing system vulnerabilities are the same types who have exploited IT systems. Approaches to mitigate systems and devices against the described vulnerabilities are proposed - a protective risk assessment and test framework are presented as being a method that can make significant improvements to existing systems.
We designed and built out a network that receives real-time data from purpose built detectors. The detectors are located at several airports, military bases, ranges, and along highways near tollbooths.
Receivers and sensors along with historical data have been used to hunt down willful and intentional GPS jamming by people wishing to evade tolls, trucking companies, employees wanting to evade employer surveillance as well as sophisticated jamming patterns and spoofing that would require a highly-sophisticated adversary and gear that is not available COTS/to civilians. Technology has been demonstrated to identify, track and report small time offenders, track down complex GPS network issues and assist in investigations where military assets have been targeted. We will demo the detection network, show of some of the historical data and bring sensors to Black Hat for everyone to see and play with. We will also talk through some of the cases where we tracked down sources of intentional jamming.