What is GPS spoofing? And how you can defend against it

GPS spoofing definition

GPS spoofing is an attack in which a radio transmitter located near the target is used to interfere with a legitimate GPS signals. The attacker can transmit no data at all or could transmit inaccurate coordinates.

The U.S.-operated Global Positioning System (GPS) is just one of the world’s global navigation satellite systems (GNSSs). Others include Russia’s GLONASS, China’s BeiDou Navigation Satellite System, and the European Union’s Galileo.

GNSS is also used for accurate timing, and attackers can interfere with that function. For example, in March, at the Geneva Motor Show in Switzerland, an attack from an unknown source affected the GPS systems of Audi, Peugeot, Renault, Rolls-Royce, Volkswagen, Daimler-Benz and BMW cars. Instead of showing the accurate location, the cars were reporting that they were in Buckingham, England, in the year 2036.

GPS spoofing is also used to refer to smartphone apps that can affect a phone’s location data, as well as to cyberattacks against networked systems that rely on GPS data.

Types of GPS spoofing

It used to be that GNSS spoofing was primarily the domain of state-sponsored actors. According to C4ADS, signal generators capable of spoofing a GPS signal used to cost thousands of dollars and required expert operators.

These kinds of attacks are still common, with Russia, for example, reportedly frequently interfering with location data near politically sensitive targets such as Syria or Crimea or in the vicinity of Russian President Vladimir Putin. Today, GNSS spoofing can be accomplished with cheap, commercially available and portable software-defined radios running open source software and costing under $300.

Read full article at CSO magazine.