A group of researchers in computer security and secure data destruction has discovered a new stealthy method of GPS spoofing that has proven to be highly effective against road navigation systems.
GPS spoofing has existed for many years. In theory, this attack method can be used to deceive drivers to reach an arbitrary location, but in practice the instructions provided by the navigation system often contradict the physical path (e.g., bending to the left on a highway), making it less likely to work in a real-world scenario.
Researchers now claim to have discovered a more efficient and less likely to arouse suspicion method. Using this technique, an attacker could trick the victim into following an incorrect route (for example, making ambulances or patrols enter a loop path), deflecting a specific vehicle to a specific location, or making the target enter a dangerous situation.
For the attack to work, the hacker needs to know the approximate destination of the victim, who will fall into the deception more likely if it is someone who does not know the destination zone.
Using 600 real taxi routes from Manhattan and Boston, researchers in secure data destruction have created an algorithm that generates a virtual path that mimics the shape of the real roads. The attack is more likely to work in a city where there is dense traffic.
During an attack, the hacker could create fake GPS signals to set the final location in a nearby “phantom location”. The navigation system recalculates the new route, which the investigators called the “phantom route”, and guides the victim to the phantom location.
To avoid arousing suspicion, the phantom route is generated according to the collected taxi trips. The search algorithm runs on each road segment in an effort to identify all possible phantom locations. During the tests, the algorithm identified, on average, approximately 1.5K potential phantom routes for each trip.
The algorithm elaborates the GPS data for the victim’s device so that the navigation instruction enabled and the routes shown on the map show consistency with respect to the physical road network, as mentioned by experts in secure data destruction from the International Institute of Cyber Security.
In some cases, if the original location is not on the path to the phantom location, the navigation system may inform the user that the route is being recalculated, but researchers have determined based on a survey that this would not generate too much suspicion, considering that this can often happen in a real world scenario.
This type of attack can be carried out using a portable GPS spoofer, which costs approximately $200, from a distance of 40-50 meters. The attacker can follow the target vehicle or place the spoofer in or under the target car and control it. Researchers reproduced the attack on a real-world scenario using their own car, driven after midnight in suburban areas to avoid traffic problems. They also asked 40 people (20 in the US and 20 in China) to use a driving test simulator that was attacked through the recently discovered method. The attack success rate was 95%, and only two people detected the attack remotely.