Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Six rising threats from cybercriminals

John Brandon | May 19, 2011
Watch out for these cyberattacks that can turn smartphones into texting botnets, shut off electricity, jam GPS signals and more.

Lieberman says this kind of jamming is usually more of an annoyance than a major security threat. A nefarious hacker could, for instance, set up a jammer in an intersection and temporarily disable the GPS in passing vehicles. These attacks are relatively rare, says Lieberman: "It is usually just sociopaths doing this kind of thing."

Lieberman doesn't give much credence to fears about jammers disrupting airplanes or air traffic control systems, because those networks use a completely different GPS signal from the one we use in cars and handheld devices. Jamming could, however, be a potentially dangerous issue when it comes to financial records, he says, because GPS devices are used in the banking industry to add a timestamp to financial transactions. Although completely blocking transactions would be difficult, Lieberman said, an industrious hacker could theoretically disrupt transactions and cause headaches for banks.

Security expert Roger Johnston, a systems engineer at the Argonne National Laboratory in Chicago, says spoofing GPS signals is the greater danger, explaining that GPS receivers are low-power devices that latch on to any strong signal. In tests, he has set up a GPS spoofing signal, operated out of a passenger car, that sends erroneous GPS information to nearby receivers. "You don't have to know anything about electronics or GPS to set these up; they are very user-friendly," says Johnston.

car with GPS spoofing system
The Argonne National Lab set up a spoofing system that fed inaccurate data to GPS receivers -- such as those found in ambulances or delivery trucks -- from the trunk of a car.

Johnston says spoofing could be used for serious crimes -- transmitting information to a delivery truck that routes it into a dark alley where criminals are waiting, changing the timestamps on financial transactions, delaying emergency vehicles from finding their routes. There have been no reported cases of GPS spoofing to commit a criminal act, but Johnston warns that government and business should work to deter the attacks.

Typically, he says, the security industry is reactionary: "We wait until there is a catastrophic exploit until we do anything about it." With about $15 worth of parts, today's GPS devices could be retrofitted to detect GPS spoofing and notify the user that an attack is underway, Johnston says, "but because almost nobody is interested in GPS spoofing, this is not a project we have pursued."

In the end, as Lieberman explains, there isn't a lot individuals can do to prevent GPS jamming or spoofing. If someone transmits competing signals as you drive in a car or use a handheld, the receiver will fail or be fooled -- but keep in mind that your GPS device will begin working properly again as soon as you move out of range of the jamming or spoofing device. However, it is worth noting that GPS jamming is illegal in the U.S. and violates FCC regulations. If you suspect jamming or see someone using a GPS jammer, report it to the police.

 

Previous Page  1  2  3  4  5  6  7  8  9  10  Next Page 

Sign up for Computerworld eNewsletters.