Home > CAPEC List > CAPEC-628: Carry-Off GPS Attack (Version 2.11)  

CAPEC-628: Carry-Off GPS Attack

 
Carry-Off GPS Attack
Definition in a New Window Definition in a New Window
Attack Pattern ID: 628
Abstraction: Detailed
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

A common form of a GPS spoofing attack, commonly termed a carry-off attack begins with an adversary broadcasting signals synchronized with the genuine signals observed by the target receiver. The power of the counterfeit signals is then gradually increased and drawn away from the genuine signals. Over time, the adversary can carry the target away from their intended destination and toward a location chosen by the adversary.

+ Attack Prerequisites
  • The target must be relying on valid GPS signal to perform critical operations.

+ Typical Severity

High

+ Typical Likelihood of Exploit

Likelihood: Low

Spoofing GPS signals and having a target receiver use them is not a trival task.

+ Examples-Instances

Description

A "proof-of-concept" attack was successfully performed in June, 2013, when the luxury yacht "White Rose" was misdirected with spoofed GPS signals from Monaco to the island of Rhodes by a group of aerospace engineering students from the Cockrell School of Engineering at the University of Texas in Austin. The students were aboard the yacht, allowing their spoofing equipment to gradually overpower the signal strengths of the actual GPS constellation satellites, altering the course of the yacht.

+ Attacker Skills or Knowledge Required

Skill or Knowledge Level: High

+ Attack Motivation-Consequences
ScopeTechnical ImpactNote
Other
+ Technical Context
Architectural Paradigms
Mobile
+ References
[R.628.1] [REF-106] "Wikipedia". GPS Spooking. The Wikimedia Foundation, Inc. <https://en.wikipedia.org/wiki/Spoofing_attack#GPS_Spoofing>.
+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2015-11-09Internal_CAPEC_Team
Modifications
ModifierOrganizationDateCommentsSource
CAPEC Content TeamThe MITRE Corporation2017-05-01Updated Attack_Prerequisites, Description Summary, Related_Attack_Patterns, Typical_Likelihood_of_Exploit, Typical_SeverityInternal

More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2017