GPS Circle Spoofing and Electronic Attacks

Various events in the recent past have pointed towards GPS disruptions as the cause of the accident. Iran is the first nation to publicly announce it had the ability to spoof GPS signals and appears to have used it to great advantage.

February 1, 2021 By Lt. General P.C. Katoch (Retd) Photo(s): By Wikipedia, German Navy, DRDO
The Author is Former Director General of Information Systems and A Special Forces Veteran, Indian Army


[Photo: RQ-170, artist's impression]

In December 2011, Iran captured a state-of-the-art American Lockheed Martin RQ-170 ‘Sentinel’ drone, which was publicly displayed. The capture helped Iran copy and produce its indigenous drone within one year. Iran said the RQ-170 drone operating across the border in Afghanistan was electronically commandeered by Iran’s cyber warfare unit and made to land at an Iranian airfield by sending false signals to the drone’s GPS receiver in order to capture it. US government officials were of the view that this kind of spoofing was not possible. However, several months later Professor Todd Humphreys of Texas University demonstrated how this could be done by spoofing a drone and landing it in the university’s football stadium. Following this, US officials admitted spoofing is possible, but denied this happened to the RQ-170 flown by the CIA which was captured by Iran. But the US denial was possibly a face-saver because no other explanation of how the drone was captured could be provided.

[Photos: USS Donald Cook (DDG 75) operating in the Baltic Sea; Agni Ballistic Missile]

In 2015, a Russian Sukhoi flying close to American aircraft carrier USS Theodore in the Baltic Sea killed the propulsion system of the US ship electronically. USS Donald Cook was similarly struck electronically by a Russian Sukhoi in 2014 in the same area. Russia claims Russian Electronic Warfare (REW) troops can: detect and neutralise any target, from a ship’s system and a radar to a satellite; immobilise the entire US Navy through an ‘electronic bomb’; and create electronic jamming domes over their bases that make them invisible on radar screens. There are also indications that North Korean missiles going haywire after being fired is because of US cyber interference. The in-flight failure of India’s Agni-2 MRBM on May 4, 2017 during user-testing, as well as the second failure of the ‘Nirbhay’ cruise missile on December 21, 2016, could have been caused by similar Chinese action.

[Photo: 2nd successful launch of Agni 5]

In 2016, Iran captured two US Navy boats that had strayed into Iran’s territorial waters. Since there was no reason for the US Navy boats to have veered so far off their course and the Iranian Navy was waiting for them, there was speculation that the US Navy boats were electronically lured into Iranian waters. This possibility was denied by the US officials but again no alternate reason for the incident could be offered. GPS spoofing is considered easiest to detect at sea. Transmissions from the automatic identification system (AIS) of vessels include location data and are detected by satellite. The data is then aggregated and used by various companies for a number of applications. Viewing ship location reports over time has revealed thousands of ship receivers spoofed to airports in Russia, and hundreds spoofed into circles (presumably around the spoofing device) in China. Iran, incidentally, was the first nation to publicly announce it had the ability to spoof GPS signals and appears to have used it to great advantage.

It may be recalled that in 2017, a Sukhoi fighter aircraft Su-30MKI of the Indian Air Force (IAF) crashed near the Line of Actual Control (LAC). According to international analysts the fighter aircraft, certified fit for flying the mission, may have crashed as a result of ‘cyber-interference with the onboard computers’ in the cockpit. Given the range and complexity of cyber interference, the source of the attack could have been thousands of km away, but most likely it was next door, in China. It may also be recalled that in the same year an Indian drone had crashed in China Occupied Tibet near Doklam in Bhutan, which most likely was spoofed by the Chinese. China’s cyber warfare programme is highly advanced and so are her programmes in space and the electromagnetic fields.

In 2019, after Iran shot down a US surveillance drone and the US was ready to launch retaliatory strikes in Iran, US action was called off at the last minute because of the likelihood that the drone was in Iranian airspace at the time it was shot down. At about the same time, British intelligence was warning merchant vessels in the area that Iran was attempting to use GPS spoofing to lure them into Iranian waters as a pretext for seizing the ships.

News reports of last year indicated that in March 2020, the US government received an unusual inquiry about GPS disruptions from a user in Iran reporting what appeared to be ‘circle spoofing’: some GPS devices received a fake signal and showed a fake location as valid. After 10 minutes, a device showed itself moving around a big circle in Tehran at a speed of 35 km/h. The GPS module’s time was correct but the location was not. The media report said internet research showed that the spoofing was taking place at or near the staff college of the Iranian Army. The report also said that such a phenomenon had only been observed previously in China. Notably, the report said that since Iranian forces have recently received equipment from China and are experimenting with it, they could also be using it to deter GPS-guided drones and disrupt other surveillance systems in the vicinity of sensitive government facilities.
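The circling pattern described above, like the circles seen in aggregated AIS reports, can be checked for in a receiver's or vessel's position history. The following is an added example, not part of the original article or of any report it cites: it fits a circle to a track of (time, latitude, longitude) fixes and flags at least one full lap at near-constant speed. Function names, thresholds and the sample coordinates are assumptions constructed for illustration, and timestamps are assumed to increase strictly.

```python
import math

EARTH_R = 6371000.0  # mean Earth radius, metres

def to_xy(track):
    """Project (t, lat, lon) fixes to metres around the track centroid."""
    lat0 = sum(p[1] for p in track) / len(track)
    lon0 = sum(p[2] for p in track) / len(track)
    k = EARTH_R * math.cos(math.radians(lat0))
    return [(math.radians(lon - lon0) * k, math.radians(lat - lat0) * EARTH_R)
            for _, lat, lon in track]

def fit_circle(xy):
    """Kasa least-squares circle fit on centred points; None if collinear."""
    suu = sum(u * u for u, v in xy)
    svv = sum(v * v for u, v in xy)
    suv = sum(u * v for u, v in xy)
    suz = sum(u * (u * u + v * v) for u, v in xy)
    svz = sum(v * (u * u + v * v) for u, v in xy)
    det = suu * svv - suv * suv
    if det <= 1e-9 * suu * svv:
        return None
    a = (suz * svv - svz * suv) / det
    b = (svz * suu - suz * suv) / det
    return a / 2, b / 2, math.sqrt((suu + svv) / len(xy) + (a * a + b * b) / 4)

def is_circle_spoofed(track, max_radial_err=0.05, max_speed_cv=0.10):  # illustrative thresholds
    """Flag >= one lap of a near-perfect circle at near-constant speed."""
    if len(track) < 8:
        return False
    xy = to_xy(track)
    if (fit := fit_circle(xy)) is None:
        return False
    cx, cy, r = fit
    rms = math.sqrt(sum((math.hypot(x - cx, y - cy) - r) ** 2 for x, y in xy) / len(xy))
    ang = [math.atan2(y - cy, x - cx) for x, y in xy]
    # Signed steps wrapped to [-pi, pi): a real lap accumulates, jitter cancels.
    sweep = abs(sum((b - a + math.pi) % (2 * math.pi) - math.pi for a, b in zip(ang, ang[1:])))
    speeds = [math.hypot(q[0] - p[0], q[1] - p[1]) / (tb[0] - ta[0])
              for p, q, ta, tb in zip(xy, xy[1:], track, track[1:])]
    mean = sum(speeds) / len(speeds)
    cv = math.sqrt(sum((s - mean) ** 2 for s in speeds) / len(speeds)) / mean
    return rms / r < max_radial_err and sweep >= 2 * math.pi and cv < max_speed_cv

def circle_track(lat, lon, radius_m, speed_ms, duration_s, step_s=10):
    """Constructed sample data: fixes circling (lat, lon) at constant speed."""
    k = EARTH_R * math.cos(math.radians(lat))
    return [(t, lat + math.degrees(radius_m * math.sin(speed_ms * t / radius_m) / EARTH_R),
             lon + math.degrees(radius_m * math.cos(speed_ms * t / radius_m) / k))
            for t in range(0, duration_s + 1, step_s)]
```

For example, `is_circle_spoofed(circle_track(35.70, 51.40, 500, 35 / 3.6, 400))` flags a constructed 35 km/h track on a 500 m circle, while a short arc or a straight course is not flagged.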

From the above, the significance of GPS spoofing, circle spoofing and electronic attacks in new-age warfare is more than evident, in both offensive and defensive operations, especially with drone swarms appearing on the battlefield. Our policy makers and Armed Forces need to maximise their use through strategies that will both surprise and defeat the enemy.