$80 million yacht hijacked by students spoofing GPS signals

But those signals were not authentic, and the ship was not on course. The signals were in fact being sent from the White Rose’s upper deck by University of Texas/Cockrell School of Engineering graduate students Jahshan Bhatti and Ken Pesyna. A team from the school had been invited aboard while the White Rose sailed from Monaco to Rhodes, Greece, on the Mediterranean Sea. Using a blue box about the size of a briefcase, the duo spoofed the ship’s GPS signals, sending counterfeit signals that slowly, subtly overpowered the authentic GPS signals until the ship ultimately came under their control.

If this sounds familiar, it’s because students from this engineering school did the same thing to a drone last year. In May 2012, the engineering students tried out their $1,000 spoofer, which they had cobbled together in response to a dare from the US Department of Homeland Security (DHS). Under the direction of Assistant Professor Todd Humphreys, who is now working for the Department of Aerospace Engineering and Engineering Mechanics, the students last spring managed to hack and hijack a drone with what Humphreys at the time said was the most advanced spoofing device ever.

SPOOFING GPS 2

Both the drone and yacht hijackings were designed to shed light on the perils of navigation attacks, serving as evidence that spoofing is a serious threat to marine vessels and other forms of transportation. In plain English, that means that hackers can send drones smashing, say, into our skulls.

After the students had gained control of the ship’s navigation system, the team planned to coerce the ship onto a new course with subtle maneuvers that positioned the yacht a few degrees off its original course. When the ship’s navigation system detected the location discrepancy, the crew corrected the course – at least, they thought they did. In reality, their course corrections were setting the ship slightly off its course line. Watch a video about the attack here.

You can read the original article, here.