Security experts from Spirent Communications have warned of the increased likelihood of disruptions this year to a wide variety of civil and military applications relying on global navigation satellite systems (GNSS) - GPS, GLONASS, Galileo, and BeiDou. The prediction of greater risk from hacking and location spoofing attacks by criminal, state-sponsored, and other adversaries is part of Spirent’s annual security forecast for 2017. The forecast also highlights the continued risk of distributed denial of service (DDoS) attacks on Internet of things (IoT) devices and industries, including health care and automotive, that Spirent believes are the prime targets for security threats in the near future.
Last year, Spirent’s predictions for 2016 led off with a prescient warning about the increased risk of cyber espionage, which has since been borne out, most notably by news reports of suspected activities by the Russian government to influence the 2016 U.S. presidential election. Also as predicted, in 2016 threats from ransomware, malicious insiders, and compromised IoT devices increased, as did attacks on industrial control systems. For example, FBI sources reported on CNN that losses attributed to ransomware in the U.S. were set to exceed $1 billion by the end of 2016. That number is expected to grow in 2017.
In addition to an increased likelihood of GNSS interference, Spirent’s annual security forecast for 2017 predicts an expansion of risks from:
- More frequent DDoS attacks against IoT devices, as evidenced in the last quarter of 2016, when multiple major DDoS attacks surfaced worldwide. The most disruptive attack employed Mirai malware covertly installed on a large number of IoT devices. A number of high-profile websites such as Netflix, AirBnB, Twitter, GitHub, and others were rendered inaccessible. Spirent believes that perpetrators will continue to innovate and find new methods for improving and broadening these type of attacks.
- Threats to IoT security, which are increasing as everything that is connected becomes a potential attack vector, including embedded devices, mobile devices, consumer electronics, connected medical devices, industrial control systems, smart home devices, and more.
- Threats to medical applications, networks, and devices in the health care industry, both the back-office systems on which these facilities run and the medical instruments that provide care to patients. A ransomware infection or data breach could adversely affect patient health and privacy.
- Threats to connected vehicles by malicious attackers, as a greater number of attack vectors are inadvertently created that enable remotely gaining control of critical operational components of the vehicle, including engine, steering, and braking functions in addition to other vehicle systems that communicate through the relatively insecure CAN bus infrastructure.
According to an article in Defense One, Timothy Bennett, a science-and-technology program manager at the Department of Homeland Security, has already reported the use of GPS spoofing and jamming equipment by Mexican drug cartels along the border to interfere with the U.S. Customs and Border Protection agency’s use of drones to patrol the area. Unlike the larger drones designed to military specifications, the smaller drones used for this purpose are more vulnerable to these kinds of attacks.
Spirent’s global network of GPS interference detectors has recorded more than 15,000 interference events since it was deployed in 2015, including a surprisingly high number of unintentional events caused by various forms of interference in the GPS L1 frequency band. A significant number of these unintentional events, which often correlate with transmissions from nearby RF transmitters and telecom equipment, have the potential to interfere with GPS signal reception.