Russia responsible for massive satellite system spoofing, study finds

NATO navy sails during drill at Black Sea. [EPA/STR EPA/STR]

Targeted manipulation of global navigation satellite systems (GNSS) by Russia is a threat to aviation and maritime safety and underscores the country’s growing expertise in electronic warfare, a new study has found.

The report by the US Center for Advanced Defense (C4ADS), an NGO conducting data-driven analysis of conflict and security matters, analysed emerging electronic warfare (EW) activities that mimic or “spoof” authentic satellite systems to deliver false positioning information to aircraft and sea vessels in order to set them off course.

Using publicly available data and commercial technologies, C4ADS’s findings stem from a year-long investigation ending in November 2018. Its sources included automatic route logging systems on ships, low-earth satellite signals, route histories taken from users of the Strava exercise app and public reports of vessels, aircraft and vehicles that went off course.

The study found almost 10,000 spoofing incidents across 10 locations that affected 1,311 civilian vessel navigation systems since February 2016. According to the researchers, the disruptions originated from locations in Russia and Russian-controlled areas in Crimea and Syria.

The report suggests that the use of GNSS spoofing capabilities started to increase in mid-2016.

It only details activities that have affected civilian GNSS receivers as civilian systems are more vulnerable to interference activities like GNSS jamming and spoofing than encrypted military GNSS receivers.

Two years ago, the US Maritime Administration issued a GPS interference advisory for vessels in the Black Sea. The warning represented a first of its kind.

In the following years, increased jamming activity has been reported during large scale military exercises including Russia’s Zapad 2017 and NATO’s Trident Juncture 2018.

Norway at odds with Russia over GPS jamming

Norway says it has electronic proof that Russian forces disrupted GPS signals during recent NATO exercises, and has demanded an explanation from its eastern neighbour, the Nordic country’s defense minister said on Monday (18 March).

As EURACTIV reported earlier this year, Norway and Finland announced they had electronic proof that Russian forces disrupted GPS signals before and during NATO’s military exercises last October, which have also affected the navigation of civilian air traffic in the region, and demanded an explanation from its eastern neighbour.

Moscow has denied any involvement, with Russia’s Foreign Minister Sergei Lavrov describing Norway’s allegations as a “fantasy” and asking Oslo to provide facts.

The authors also point towards the correlation of such incidents with political events. One of the examples cited was the Kerch Bridge visit by President Vladimir Putin, built after the Russian annexation of Crimea to link the Crimean Peninsula to mainland Russia.

In addition to the protection of Russian leaders, C4ADS found evidence that GNSS spoofing is used to protect strategic Russian government residences and other highly-sensitive facilities near the Black Sea and in Moscow.

The researchers fear that such attacks could be used more frequently in the future. They believe that Russia now has such systems in use on borders with NATO countries and has also used them in conflicts with Ukraine and in Syria.

Such activity is likely to increase in the tense Black Sea region, where NATO last week announced an increase in its presence, a move viewed as a sign that the West won’t tolerate Russia’s expanding military footprint in the region.

US and NATO step up presence in increasingly tense Black Sea region

To counter the growing Russian threat, there is a need for increased military presence across Europe and beyond, a top NATO commander in Europe told US lawmakers on Tuesday (5 March).

The main targets include the US Global Positioning System (GPS/NAVSTAR), the European Union’s Galileo System, as well as Russian, Chinese, Indian and Japanese systems.

“To date, methods for detecting GNSS spoofing and other interference have been reserved for organisations with the ability to leverage advanced means for signals collection. As a result, the full scope of this activity has rarely been discussed in the public domain,” the researchers stated.

The report warns that “the low-cost commercial availability, and ease of deployment of these technologies will empower not only states but also insurgents, terrorists and criminals in a wide range of destabilising state-sponsored and non-state illicit networks.”

[Edited by Benjamin Fox]

Subscribe to our newsletters