US Hardens GPS Satellites After String of Hacking Attacks

April 6, 2020 Updated: April 6, 2020

News Analysis

The U.S. Space Force announced that its Global Positioning System (GPS) satellite underwent a major digital hardening to withstand state and non-state jamming and hacking attacks.

The Space Force announced on March 27 the operational deployment of ‘GPS Block III’, a third-generation satellite constellation, and an anti-jamming ‘Ground Operational Control System’ software upgrade to harden the system against “spoofing” by hackers.

Global Navigation Satellite Systems (GNSS) are now used in everything from cellular communications, transportation, consumer goods, and securities trading to high-end military systems.

But hackers since 2014 have successfully compromised positioning, navigational, and timing (PNT) data by employing electronic warfare (EW) capabilities.

One of the most famous spoofing attacks occurred on May 15, 2018, when President Vladimir Putin inaugurated the 12-mile Kerch Strait Bridge that links Crimea to Russia. As Putin drove across the bridge in a bright-orange truck, Russian EW units tapped into America’s GPS network to spoof the control rooms of 24 vessels anchored nearby. The ships displayed false data about their location and showed they were sitting on Russia’s Anapa Airport runways 40 miles (65 kilometers) away.

The incident alarmed national security circles because the Russians penetrated both the publicly available GPS signals and the U.S. military’s encrypted Next Generation Operational Control System (OCX). The OCX provides the digital command and control interfaces for all ground, air, and space forces.

The Obama administration launched OCX in 2012 with a budget of $3.7 billion to incorporate MATLAB programming language, M-code, as a standard for all encrypted military communications. But the budget had ballooned to $6.2 billion by 2016.

A major part of the cost spike was blamed on the decision by the Committee on Foreign Investment in the United States (CFIUS) to sell the IBM x86 Intel-based line to Chinese-owned Lenovo in Aug. 2014. The sale included 34 R&D labs, product development, and seven manufacturing plants. IBM held the prime hardware contract to supply all OCX servers.

In April 2015, it was discovered that the U.S. Office of Personnel Management’s employee files had been hacked since March 2014. The data was exported with the same tools used by China’s People’s Liberation Army (PLA) cyberespionage Unit 61398 that had already been indicted in absentia for hacking Anthem, Westinghouse, and U.S. Steel.

In July 2018, Chinese EW teams were found spoofing the locations of multiple container ships in Shanghai harbor that are required to broadcast GPS-linked Automatic Identification System locations to avoid collisions. Several nations, including Iran, have used electronic warfare tools to spoof the movement of one ship. But this was the first confirmed spoofing in which multiple stationary ships appeared to move to another harbor location and then form into a circle.

The Drive technology blog suggested the “Chinese government may be using the Port of Shanghai as a testing ground for a new GPS spoofing system that its military or security forces could ultimately employ elsewhere.” Such GPS spoofing attacks could imperil U.S. aircraft and ships operating in the contested waters of the South China Sea.

GPS 3 is over three times more accurate than the existing GPS technology. Its more powerful signal provides greater reliability and can overcome radio interference that often caused GPS signal degradation. With its 31-satellite constellation, it is also optimized for expanded 5G applications.

With the Lenovo contract running through August 2022, the Trump administration’s Space Force officially ruled on March 26 that the China-made servers are an “unacceptable risk,” and authorized a $378 million emergency expenditure for U.S.-based Hewlett-Packard Enterprises (HPE) to replace the Lenovo hardware.