Researchers “remote control” an $80 million yacht – and even aircraft could be vulnerable

A hi-tech GPS spoofing attack took “remote control” of a 213-foot, $80 million superyacht – steering it off course, without anyone touching the steering wheel. 

The ship’s systems gave no sign that anything was amiss. All that was required was a suitcase-sized device in the yacht’s rigging.

Researchers led by Todd Humphreys of Cockrell University were able to “steer” a yacht off course by broadcasting fake GPS traffic from the upper deck – successfully fooling the ship’s systems so that anyone at the controls would have seen it travelling a straight line.  The vessel’s wake, meanwhile showed it was steering in a curve.

The researchers were invited on board a yacht, the White Rose of Drachs, travelling from Monaco to Rhodes, Greece – about 30 miles off the coast of Italy, and in international waters. The researchers’ device – a blue box – broadcast its own civil GPS traffic until it overwhelmed the “real” GPS signals received by the ship. If GPS systems are blocked or jammed, onboard systems will register.

SOURCE: welivesecurity.com

Information Security Buzz