By Chris Lo
GPS spoofing – or GNSS spoofing more accurately – is a much-discussed cyber-threat to ship navigation systems. With the potential for paralysed shipping lanes, collisions and even untraceable piracy incidents, what is the current state of play between the shipping industry’s cyber-defences and the malicious actors who aim to cause chaos through GPS spoofing?
The shipping industry has been aware of the threat of GPS spoofing for years, but one incident in 2017 pushed the issue higher up the global news agenda. In June of that year, at least 20 vessels in the Black Sea, in the vicinity of Novorossiysk Commercial Sea Port, reported that their automatic identification system (AIS) traces erroneously showed their position as Gelendzhik Airport, around 32km inland.
The large number of vessels involved and the fact that all of the ships’ tracking systems placed them in the same nonsensical location, led to informed speculation – still unconfirmed officially – that the incident could be attributed to Russian testing of satellite navigation spoofing technology as part of its electronic warfare arsenal. . . . “Since then, there have been persistent concerns that the shipping industry may be vulnerable to GPS spoofing, raising the risk of keeping ships at sea longer than necessary to clear the confusion, as occurred in the Black Sea, or even dangerous scenarios such as ship collisions, either with other ships or with land. . . .
So what exactly is GPS spoofing, what threat does it pose to shipping, and what action should the industry be taking to reduce the risk?