In December 2015, Ukraine suffered sporadic power outages due to cyberattacks against three of their regional power companies. Hackers exploited deficiencies in the companies' network security architecture to disrupt operations and insert malware that would cause issues during restoration efforts. The US National Cybersecurity and Communications Integration Center (NCCIC) assisted with the investigation and recommended improved defensive measures and contingency plans for operations.
Acharya, S. (2016, February 26). Ukraine power outages caused by cyberattacks affected 225,000 customers, says US [Web log post]. Retrieved from article here.
In 2013, the London Stock exchange was periodically affected by a jammed GPS signal. The jamming was not thought to be malicious, but the result of a local driver using an off-the-shelf jammer to elude his employer's tracking (The Economist). But what if a more sophisticated user with bad intentions uses a small software-defined radio plugged into their car cigarette lighter to conduct a complex timing attacking on a stock exchange? In today's world of high-speed stock trades, millions of dollars can quickly be lost if timestamps are corrupted and panic sets in.
What do these two cases have in common? Both involve situations where attackers can exploit holes in an organization's data capabilities to disrupt operations. Cybersecurity is a popular topic in the news today, but Position, Navigation, and Timing (PNT) security does not get the same attention. But like cyberattacks, attacks against GPS or other global navigation satellite system (GNSS) systems can have profound and damaging effects on critical infrastructure, financial institutions, and military capabilities.
In network security, the Confidentially, Integrity, and Availability (CIA) Triad is a model for understanding how a computer network can be exploited, and from that a defense-in-depth strategy created. Like computer networks, systems that rely on PNT data have Integrity and Availability requirements and face increasingly complex spoofing and jamming attacks. Like computer networks, PNT-reliant mission critical systems need a defense-in-depth strategy to defeat a GNSS disruption.
In computer networks, we use a tailored combination of firewalls, routers, VPNs, detection systems, and analysis engines among others to detect, protect from, and mitigate cyberattacks. And now there is an assortment of complementary PNT technologies that provide the same layered defense for GNSS. Anti-jam antennas provide additional signal integrity and availability in jamming and spoofing situations. Encrypted signals such as GPS SAASM, Satelles' Satellite Time and Location (STL) service, and Galileo's publicly regulated navigation provide additional signal integrity. Jamming and spoofing detection algorithms like Broadshield allow the PNT system to fall back on backup technologies such as precision timing oscillators and coupled inertial navigation systems, which maintain a stream of PNT data during the GNSS outage.
Today, GNSS security must be considered alongside cybersecurity when designing critical systems and infrastructure. The increasing reliance on GNSS for the functioning of our markets, utilities, transportation, and militaries make this an absolute requirement to protect against malicious actors across the world stage. The good news is that this is not a new type of problem. Lessons and ideas learned from securing computer networks provide applicable frameworks for securing PNT-consuming systems. There is no need to reinvent the wheel. By adapting the cybersecurity approach and incorporating available technologies, you can ensure your critical systems survive a GNSS attack. Please contact us if you want to learn more about exciting innovative technologies we offer to help protect your critical systems and infrastructure from today's GNSS dangers.
Thank you to Jon Sinden of Orolia, for the article.