GPS "spoofers" -- devices that create false GPS signals to fool receivers into thinking that they are at a different location or different time - could be used to defraud financial institutions, according to Todd Humphreys from the University of Texas.
On an innocuous level, GPS spoofing can lead to the confusing of in-car GPS systems so that users think they are in a different location to their actual location. However, a more sinister use could be to interfere with the time-stamping systems used in high frequency trading.
Financial institutions depend on timing that is accurate to the microsecond on a global scale so that stock exchanges in, say, London and New York are perfectly synchronised. One of the main ways of doing this is through GPS, and major financial institutions will have a GPS antenna on their main buildings. "They are always visible because they need a clear view of the sky,"
Humphreys told Wired.co.uk.
He explains that someone who directed a spoofer towards the antenna could cause two different problems which could have a major impact on the largely automated high-frequency trading systems. The first is simply causing confusion by manipulating the times -- a process called "time sabotage" -- on one of the global stock exchanges. This sort of confusion can be very damaging. If the automated trading systems notice something anomalous they will back out of the market; this happened in 2010 during the Flash Crash of 2.45. Secondly, it could used by an unscrupulous individual or an organisation to change the timestamp of a particular market to give them, for example, a 20 millisecond trading advantage. They could exploit that knowledge for financial gain through inter-market arbitrage.
Humphreys and his team are not simply theorising: they have created the world's most powerful GPS spoofer and have tested it on GPS-based timing devices used in mobile phone transmitters.
"So far no credible high profile attack has been recorded but we are seeing evidence of basic spoofing, likely carried out by rogue individuals or small groups," Humphreys explains. "Whilst the leap to more advanced, untraceable spoofing is large, so are the rewards. It's therefore guaranteed that criminals are looking at this. All it takes is one person to put one together and publish it online and we have a major problem."
Humphreys will be presenting his research at the GNSS Vulnerability 2012conference on 22 February. Also to be presented at the event is the first evidence of GPS jammers being used on British roads. GPS jammers put out radio signals at the same frequency as the GPS satellites, overwhelming the devices that are used to plot positioning, including anti-theft tracking devices put into lorries with valuable loads.
Humphreys will be presenting his research at the GNSS Vulnerability 2012conference on 22 February. Also to be presented at the event is the first evidence of GPS jammers being used on British roads. GPS jammers put out radio signals at the same frequency as the GPS satellites, overwhelming the devices that are used to plot positioning, including anti-theft tracking devices put into lorries with valuable loads.
The evidence of illegal jamming in the UK comes from roadside monitoring carried out by the Sentinel project -- led by Chronos Technology -- which looks at whether satellite navigation systems including GPS can be trusted by their users.
Jamming monitors have been placed at around 20 locations in the UK. One location has been monitored over six months and more than 60 individual jamming incidents were recorded in that time. Some of these might be devices used by truck drivers to prevent their boss from knowing they are using their vans out of work hours, or to fool pay-as-you-go insurance policies that use GPS data to affect pricing. Some jammers have also been confiscated by police after they've tracked down hijacked lorries.
"The problem is, the quality control on these things is really bad. Some are just 1-2 watts -- about the same as a mobile device -- but some are as powerful as 100 watts," says Bob Cockshott, Director of Position, Navigation and Timing at the ICT Knowledge Transfer Network and organiser of the GNSS Vulnerability event. "It's only a matter of time before there's an incident in the Thames estuary caused by jammers being used on land."
Cockshott calls for further regulation of jamming devices and urges businesses to make sure that they have back-up navigational systems in place.