Upcoming Cyber Security Threats Part 6: GPS Jamming and Spoofing

Vehicle GPS deviceDo you wonder what future cyber security threats the cyber crooks are working on to steal our money, through our computer use? According to Computerworld, the cybercriminal list of future law-breaking hacking includes:

– text-message malware
– hacking into smart grids
– social network account spoofing
cyber stalking
hackers controlling your car
GPS jamming and spoofing.

My thoughts on this list are that the threats are plausible (at least one has already begun), the targets are available (or will be), and there is money to be made for the cybercriminal organizations that sponsor these threats. But what really grabs my attention about these future threats is that their development will require resources such as funding, expert programmers, and intelligence, that would mirror the investment in research and development of top corporations. And is easily affordable by the cybercrime organizations because of the large amounts of money they have amassed in recent years…our money.

These six threats has each be addressed in a series of articles on this blog ending with GPS jamming and spoofing in this post.

GPS jamming is a technique used to interrupt the valid signals, driving instructions and other transactions, being sent to your GPS device. Spoofing is when a hacker sends a false signal to your GPS that displays a set of driving directions and transactions that, although seem real, are false and contain information and instructions that are not in your best interest.

The best known use of GPS is for receiving driving directions in our vehicles. We’ve come to know and love those tidy little displays on our dashboards and those interesting accents the voices have. We trust that, barring a bit of confusion from time to time, that they are accurate and will get us to the place we desire.  Enter the future cybercriminals. It looks like they’ll be jamming and spoofing the GPS signals on high-value target vehicles, like transport trucks, armored cars, …you get the picture. They will alter the driving directions to lead the target vehicle to a place where the thieves will attack and hijack the vehicle and/or it’s contents.

One of the least known uses of GPS is that the banking industry uses GPS signals to timestamp financial transactions. In the world of global finance, most transactions are conducted over the Internet at high-speed and extremely high numbers of transactions daily. A critical part of each transaction is the timestamp. As you might expect, the timestamp is proof of when the money was sent, received, withdrawn…a very important piece of data. I suspect cybercriminals could spoof the timestamp to their own gain.

Security expert Roger Johnston, a systems engineer at the Argonne National Laboratory in Chicago, says spoofing GPS signals is the greater danger, explaining that GPS receivers are low-power devices that latch on to any strong signal. In tests, he has set up a GPS spoofing signal, operated out of a passenger car, that sends erroneous GPS information to nearby receivers. “You don’t have to know anything about electronics or GPS to set these up; they are very user-friendly,” says Johnston.

Johnston says spoofing could be used for serious crimes — transmitting information to a delivery truck that routes it into a dark alley where criminals are waiting, changing the timestamps on financial transactions, delaying emergency vehicles from finding their routes. There have been no reported cases of GPS spoofing to commit a criminal act, but Johnston warns that government and business should work to deter the attacks.

Typically, he says, the security industry is reactionary: “We wait until there is a catastrophic exploit until we do anything about it.” With about $15 worth of parts, today’s GPS devices could be retrofitted to detect GPS spoofing and notify the user that an attack is underway, Johnston says, “but because almost nobody is interested in GPS spoofing, this is not a project we have pursued.”

In the end, as Phil Lieberman, founder of enterprise security vendor Lieberman Software explains, there isn’t a lot individuals can do to prevent GPS jamming or spoofing. If someone transmits competing signals as you drive in a car or use a handheld, the receiver will fail or be fooled — but keep in mind that your GPS device will begin working properly again as soon as you move out of range of the jamming or spoofing device. However, it is worth noting that GPS jamming is illegal in the U.S. and violates FCC regulations. If you suspect jamming or see someone using a GPS jammer, report it to the police.

It’s vitally important to remember that the “connected vehicle” of the near future is based on a very powerful computer that can and will be hacked. Be aware, be cautious, be paranoid, be vigilant to any abnormality in the operation of your vehicle and all “applications” in use. If something starts operating differently, even temporarily, get your guard up and tell someone, including the police. We’re talking about your safety and the lives of those with you in the vehicle.

Remember, be very careful…it’s dangerous out there.

Please comment on this subject; we all learn from each other when our views and opinions are shared.

Don’t miss an article. If you enter your email address in the Email Subscriptions box on the right column of this page, I’ll send you an email when a new article is posted. I don’t share your email address with anyone…no one; I hate spam too. Please share my site with your friends and family. Thanks.

Home computing is a blast…keep it safe, productive and enjoyable.

Best regards,

Paul

paulshomecomputing(at)yahoo.com

Ref: Computerworld article Six rising threats from cybercriminals

Advertisements

6 Comments

Filed under Internet, security

6 responses to “Upcoming Cyber Security Threats Part 6: GPS Jamming and Spoofing

  1. Pingback: Quick Tip + Friday Fun + Miscellaneous « Tech – for Everyone

  2. Paul,

    Your blogging family is very glad to see you back in the mix…

    Rick

  3. Hi Paul,

    Great to see you back! Been looking forward to part 5.

    Best,

    Bill

What do you think?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s