Israeli start-up aims to detect and stop GPS attacks and spoofing

news

by CJI Expert

October 2, 2018

With the growing amount of aircraft navigation relying on GPC coordinates, fears are mounting that a coordinated attack could alter the navigation data sent to an aircraft, which could come with catastrophic consequences.

We have already seen many attacks in aviation, with Manila Airport in the Philippines reporting over 50 cases of GPS interference in 2017, which caused many airliners using the airport to abort their landings and go around for another approach, this time using back-up equipment.

As well as the ability to hack, or spoof the GPS, there is also a growing concern that an aircraft or the systems on it can be hacked.

It has already been done.

In 2017 the US Department of Homeland Security admitted that it had successfully hacked into the systems of Boeing 757.

In 2008 a Spanair McDonell-Douglas MD-82 crashed just after take-off from Madrid. The official cause of the accident was the improper selection of flap and slat configuration, the Spanish press later alleged that the central control system was riddled with Malware, which restricted the aircraft’s normal operation.

Ironically, it was an incident involving an aircraft that speeded up the introduction of GPS in the US.

In September 1983 Russia shot down a Korean Air flight that had originated in New York. Originally the Russian’s believed that they had shot down a US spy plane.

The incident helped then-president Ronald Reagan speed up the introduction of GPS, not only for aviation, but for everything else as well. The US had already launched several GPS satellites, but the downing of the Korean Air flight had convinced Reagan to expand the project and make it accessible to everybody for free.

Although GPS navigation had been widespread in aviation, its use had been normally limited to general aviation, especially when used as the main navigational aid.

In recent years GPS has come more to the forefront as a main navigational aid. Projects, including the pan European EGNOS (European Geostationary Navigation Overlay Service) are becoming more popular, especially given the importance of busier skies and the need to have constant tracking of aircraft.

But with the increase in use, comes increased risk of signals being intercepted and altered.

Regulus, an Israeli start-up, first became aware of GPS signals being hacked and altered through an unusual route.

Yontan Zur, co-founder and CEO explains that he first became aware of this issue in trucking. Zur says that he was hearing more and more stories about spoofing attacks on trucks, especially in Latin America. With trucks locked down so that even the drivers cannot open them, a GPS spoofing attack not only diverts the truck to a different location, but also tricks the truck’s systems into thinking that it is at its final destination so that it can be opened up.

After hearing these stories and reading about a GPS spoofing attack in the Indian Ocean in which at least 20 ships had their navigational data changed to show them on dry land at an airport, Zur began building a team to tackle the problem head on.

Zur had served in the Israeli Air Force, before beginning a new career in consultancy. His co-founder, Yoav Zangvil, has been with ELBIT, the Israel-based defence company, where he was involved with heavy drones.

Although the company began with looking at drones, the transition into commercial systems came about naturally.

What the Regulus team wanted to build, was a system that detected a GPS hacking or spoofing attempt, and that gave alerts once one was detected. There were systems already available, although Zur says that these were fairly cumbersome and were based on older technologies.

“Most companies today are relying on technologies from the 1980s,” says Zur. “Most of them deal with beamforming, which usually requires heavier equipment and very expensive antennas, and they aren’t very capable against the new forms of spoofing attacks.”

Zur says that Regulus have designed and built a system that not only identifies attacks, alerts that they are happening and allows the continuation of safe flight without the attacks being successful.

Although nothing is commercial as of now, the system is being tested by pilots around the world.

There are two versions that are being worked on at the moment. The first is a hardware component, which Zur says is much smaller than anything currently available, comparing it to the size of two matchboxes. It also utilises ‘off-the-shelf’ antennas to keep the costs down, although it is more designed for trucks.

The second version has more-sophisticated software, which will come in the form of a chip or board, which plugs directly into the main GPS navigation receivers. Zur says that the software and algorithms look directly at the signals that the system is receiving and can quickly decide if the signal is true or false.

Zur says that the systems rely on being able to tell if a signal is real or not because in any form of attack the real signal is still present. To test this, the team built a sophisticated attack capability, which is restricted to use in the company’s labs.

Testing of the systems is ongoing, with the aim being able to make the system commercially available soon. To get there, the system must be as close to being able to detect 100% of attacks as possible.

Zur says that Regulus is not quite at that stage yet, but hopes to be there soon. “We are not at 100%, but we are much better than anything else available.”

Core topicsBusiness/Industry Flying

TopicsBusiness Aviation News GPS Hacking

OrganisationsRegulus

PeopleYontan Zur

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	session	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_BQWJMNF2YV	2 years	This cookie is installed by Google Analytics.
_gat_gtag_UA_18185455_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_s	30 minutes	This cookie is associated with Shopify's analytics suite.
_shopify_s	30 minutes	This cookie is associated with Shopify's analytics suite.
_shopify_y	2 years	This cookie is associated with Shopify's analytics suite.
_y	2 years	This cookie is associated with Shopify's analytics suite.