by G. Jack Urso
Note: The following is a selection from a
report prepared for an assignment for a defense industry consultancy company in
2021.
As modern
commercial and defense infrastructure grows more depended on radar and Global
Positioning Systems (GPS), threats posed by cyber warfare, jamming, and
spoofing attacks can cost more than lost revenue, it can also cost lives. Some
of these threats are the results of bad actors while others are the result of
electronic and mechanical interference generated by user platforms. Being able
to deal with these threats means a greater investment in Resilient Positioning,
Navigation and Timing (PNT) solutions and secure radar and GPS.
As defined by
Cisco Systems, a leading global IT company, “Spoofing is a type of
cybercriminal activity where someone or something forges the sender's
information and pretends to be a legitimate source, business, colleague, or
other trusted contact for the purpose of gaining access to personal
information, acquiring money, spreading malware, or stealing data.”
While the
layperson’s concerns with spoofing have to do with access to the business or
personal computers and finances, with our near-dependence on GPS in
transportation, cyber warfare and spoofing attacks can leading to serious
disruptions in air and sea shipping and the exports/imports industry. In
defense, these attacks can create havoc in command and control, navigation, and
targeting. Efforts have been increasing among the various international powers to
both take advantage of and defend against this kind of cyber warfare.
The
Impact of Spoofing
The ease at
which global shipping can be affected by cyber attacks in demonstrated through
several notable events:
A worldwide
cyber attack in June 2017 hit hundreds of thousands of computers and affected
shipping worldwide.
According to an
August 24, 2017, Business Insider
report, in late June, 2017, “GPS signals for about 20 ships in the eastern
Black Sea were manipulated, with navigation equipment on the ships, though
seeming to be functioning correctly, saying the ships were located 20 miles
inland. An attack on thousands of computers later that month also disrupted shipping
around the world.”
In August 2017,
shipping line and vessel operator, A.P. Moller-Maersk, reported losses of
US$300 million after a massive cyber attack affected hundreds of thousands of
computers internationally. As a result, the company fell back on manual cargo
tracking, reported McClatchy, Aug. 21, 2017.
In July 2019,
GPS navigation devices aboard the American container ship MV Manukai while
approaching the port of Shanghai, reported a vessel approaching the Manukai;
however, the vessel soon vanished off the AIS display. Several minutes
afterwards, the AIS display began showing conflicting data with the other
vessel docked, then in the channel and moving, then back at the dock, then
disappearing. The captain of the Manukai visually confirmed the other vessel
was in dock during the entire incident.
While the
Manukai approached its assigned dock the vessel’s two GPS units and AIS
transponder failed, as well as the GPS-reliant emergency distress system.
According to a Nov. 15, 2020, Technology Review report, the Manukai and
thousands of other Shanghai vessels in 2019 were affected by deliberate radar
spoofing attacks.
Response
Pursuant to
these attacks and others like it, on February 12, 2020, the administration of
U.S. President Donald Trump issued an Executive Order on “Strengthening
National Resilience through Responsible Use of Positioning, Navigation, and
Timing Services.” As mandated by the order, by February 2021, the secretary of
commerce, working with “sector-specific agencies” and commercial industries,
were required to create Positioning, Navigation and Timing (PNT) response
strategies.
In response to
the 2020 U.S. executive order, the Department of Homeland Security (DHS) issued
Space Policy Directive-7 (SPD-7), January 15, 2021: “The increasing reliance on
GPS for military, civil and commercial applications makes the system
vulnerable. GPS users must plan for potential signal loss and take reasonable
steps to verify or authenticate the integrity of the received GPS data and
ranging signal, especially in applications where even small degradations can
result in loss of life.”
Consequently, on
February 26, 2021, the Department of Homeland Security (DHS) Science and
Technology Directorate (S&T) released the Positioning, Navigation, and
Timing (PNT) Integrity Library and Epsilon Algorithm Suite designed to defend
GPS systems from spoofing attacks against the Global Navigation Satellite
System (GNSS). These new resources promote further innovation in PNT system
design and more resilient critical infrastructure.
According to the
European Union, in 2011, an estimated 6-7 percent of Europe’s GDP, or EUR800
billion (approx. US$907.6 billion), depends on GNSS. By 2019, the amount stood
at approximately EUR$1.280 trillion (approx. US$1,075, trillion).
Sources:
● ● ●
No comments:
Post a Comment