- Researchers warn of the risks of GPS spoofing and find the lack of mitigation tools worrying.
- The spoofing costs little to conduct and doesn’t require sophisticated tools or specialized knowledge.
- Right now, we can only avoid it via expensive GPS firewalls or changing our smartphone settings.
According to a Kaspersky report, GPS spoofing is an increasingly common problem that nowadays costs as little as a few hundred dollars to conduct, and can put your safety and well-being at risk. We all use smartphones that feature GPS modules, or even standalone car-infotainment systems that come with their own GPS, or boats that use professional GPS navigation units, or maybe even drones that find their way to the designated location via GPS. The point I’m making here is that GPS is already everywhere, and spoofing it with fake signals is something that has the potential to affect various aspects of our daily lives.
Kaspersky researchers don’t know who is doing it yet, but the practical benefits for crooks range from hijacking drones to causing trouble and thus financial losses on shipping companies that use GPS for navigation. There are numerous possible applications for GPS spoofing, and the fact that it’s so easy to deceive a receiver by broadcasting fake signals makes it a go-to choice for those who want to cause confusion. As our GPS devices are solely working as receivers, there’s no validation going on in the communication between the satellites and the endpoint. Our phones know where they are by calculating their position based on the predetermined satellite position at the time of the signal transmission.
Now, putting a radio transmitter that broadcasts spoofed GPS signals that are stronger than what comes from the low-orbit sats will fool all GPS receivers in the area, as they will calculate their position in relation to fake data. By carefully manipulating this data we can trick the device into calculating its location wherever we want it to be. The GPS spoofing equipment costs about $300, and the required GPS-signal simulation software is generally free, so the whole process can be carried out by anyone. Already, hackers have hijacked yachts, military drones, and autonomously-driven vehicles.
While there are several solutions in consideration right now, none is easily applicable or entirely effective. That said, the only thing that we can do at this time to protect ourselves is to put our phones on ‘Battery Saving’ location mode, which uses only the Wi-Fi, Bluetooth, and mobile network antennas to figure out the location of the device. It may not be as accurate as the GPS mode, but it’s far more secure, and it saves battery juice as well. Next time you’re getting funny position indications on your GPS, change your mode to battery saving and move on in the right direction.
Have you ever fallen victim of GPS spoofing, or noticed something weird going on with the GPS signals in your area? Share your experience in the comments section below, and also on our socials, on Facebook and Twitter.