For Gurvan Le Meur it started out as a regular voyage. In June this year, the captain of the 37,000-tonne Atria tanker directed his ship through the Marmara sea, along the narrow Bosphorus strait, and into the vast Black Sea. It was a straightforward one-and-a-half day journey. But this changed when Le Meur approached the Russian port of Novorossiysk.
Cocaine, tug boats and tip offs: the inside story of the largest drug bust in UK history
As the 184-metre-long tanker was docking in Novorossiysk, Le Meur was on the ship’s bridge overseeing the final approach. Suddenly, the ship’s warning signals started blaring. “As soon as the GPS lost the signal, we had tons of alarms,” he says. “You cannot miss it. Pretty much everything on the bridge started raising alarms.”
Instead of displaying Atria’s actual position, the ship’s systems located it 25 to 30 miles away – at Gelendzhik airport. GPS disruptions aren’t uncommon, Le Meur says, but most of the time when problems happen they’re limited to a few hundred metres.
“In my entire career, it’s my first time I have experienced such a big discrepancy.” To be sure of the failure during the incident in June, the crew restarted both the main GPS and the backup unit, only to find both systems still gave the same incorrect positioning data.
The Atria wasn’t the only ship affected by the problem. The GPS interference was first reported in August, with the US Maritime Administration saying it had not been confirmed. Since then, officials have issued a secondary statement, confirming 20 ships in the Black Sea had been affected.
At the time, Atria’s AIS system showed around 20 to 25 large boats were also marooned at Gelendzhik airport. Worried about the situation, Le Meur radioed the ships. The responses all confirmed the same thing: something, or someone, was meddling with the their GPS
The modern world couldn’t function without GPS. Not only is it an essential technology for mobile phones, it’s also used on airplanes, activity trackers, location-based sensors, and the autonomous cars being developed by the world’s automotive manufacturers.
GPS is made up of three parts: 24 functioning satellites orbiting 12,550 miles above Earth; monitoring stations on the ground; and receivers in individual devices. For a device to connect to the GPS network, it needs to be able to see at least four of the US-government-owned satellites, although in many cases they communicate with up to eight.
Relying on a fairly weak signal to travel thousands of miles to Earth means GPS can be vulnerable to attack. “There are two effects that can prevent GPS from working: the most common one is jamming,” says Lukasz Bonenberg from the University of Nottingham’s Geospatial Institute. Jamming is an “unsophisticated” attack against a system, which affects everyone in an area, and can be conducted using radio frequency transmitters that interfere with the GPS signal.
Jammers are easy and cheap to buy online. There have been instances of delivery drivers buying them to stop their bosses tracking their positions. In 2016, the US government fined a Chinese manufacturer $34.9 million for selling jamming products.
The second way GPS can be fooled is more sophisticated. Spoofing a GPS signal requires false data to be sent to receivers and be stronger than the legitimate satellite signal. By creating a false signal it is possible to fool a system into thinking it’s in a different place. “You basically need to have atomic level clocks,” Bonenberg says. “Spoofing is something that can cost in the area of £1,000-£2,000 per piece. You really need to have somebody who knows what they are doing”.
In recent years, there has been a surge in GPS spoofing. “Spoofing is currently used in Russia. Around the Kremlin, GPS devices typically show the location 20 miles away,” says Nathan Brubaker, head of the cyber-physical intelligence unit at FireEye.
In October 2016, technology firm Yandex claimed that the Kremlin was spoofing GPS signals nearby. Devices in the area, including vehicles from Yandex’s taxi service, were showing their location 25 miles away at the Vnukovo International Airport. “They have some equipment maybe,” Yandex CEO Arkady Volozh said in an interview with WIRED earlier this year. “The taxis [had a] much more material problem because it started to show that you are 30 miles away.”
Back in 2013, academics at The University of Texas at Austin, under the guidance of lead researcher Todd Humphreys, created fake GPS signals to intentionally force a 213-foot yacht to travel off course. Using a spoofer the size of a briefcase, it was possible to broadcast a counterfeit signal to the yacht’s GPS antennas. The team also caused drones to fly in the wrong direction using the same technique.
These GPS spoofing attacks could have potentially devastating consequences. “You could keep individuals out of your territory, or criminal groups could use it to lead a ship into an ambush and steal their cargo,” Brubaker says. “This kind of incident really represents a risk to the physical integrity of ships and the loads they contain”. Outside of this, GPS signals in vehicles, mobile phones and satellites could be disrupted, sending cars off course and wrecking havoc with infrastructure.
What happened to the Atria in the Black Sea isn’t an isolated incident. “We have found other instances of groups of vessels recording that they are at airports which obviously they cannot be,” says Dana Goward, the president of the Resilient Navigation and Timing Foundation, a non-profit which, in part, monitors GPS incidents.
After trawling through AIS data from recent years, evidence of spoofing becomes clear. Goward says GPS data has placed ships at three different airports and there have been other interesting anomalies. “We would find very large oil tankers who could travel at the maximum speed at 15 knots,” says Goward, who was formerly director for Marine Transportation Systems at the US Coast Guard. “Their AIS, which is powered by GPS, would be saying they had sped up to 60 to 65 knots for an hour and then suddenly stopped. They had done that several times.”
“It looks like a sophisticated attack, by somebody who knew what they were doing and were just testing the system,” Bonenberg says. Humphreys told NRK it “strongly” looks like a spoofing incident. Fire Eye’s Brubaker, agreed, saying the activity looked intentional. Goward is also confident that GPS were purposely disrupted. “What this case shows us is there are entities out there that are willing and eager to disrupt satellite navigation systems for whatever reason and they can do it over a fairly large area and in a sophisticated way,” he says. “They’re not just broadcasting a stronger signal and denying service this is worse they’re providing hazardously misleading information.”
For Le Meur, the spoofing has become a fact of life. “It looks like the Russians define an area where they don’t want the GPS to apply,” he says. “That is my guess.” Onboard the Atria at the time of the attack things were relatively calm. Le Meur says it’s possible for his ship to survive without GPS and he never 100 per cent relies on the system, “We’re trained for that,” he explains. Instead, when the ship’s systems went offline he relied on radar and dead reckoning.
But spoofing poses a significant danger to ships that do rely on such systems. Le Meur explains that some ships can operate almost completely on autopilot, using AIS to keep them on-course. That means any ship receiving a spoofed signal is effectively sailing in the dark. Since the incident in June, Le Meur has returned to the area a handful of times. Each time he goes back, it’s the same GPS disruption story: “We even turned the GPS off for arrival so it avoided the big alarm situation. We were used to it.”