Fact Check

Did Russia Hack the GPS System of the USS John McCain to Cause a Collision?

While it's true that Russia is developing the ability to hack GPS systems, experts doubt that GPS hacking caused the USS John McCain to crash.

Published Aug. 22, 2017

 (Shutterstock)
Image Via Shutterstock
Claim:
Russia used "GPS spoofing" to cause the USS John McCain to collide with a merchant vessel.

On 21 August 2017, the guided-missile destroyer USS John S. McCain collided with a large merchant vessel near the heavily trafficked Strait of Malacca, leaving five U.S. sailors injured and ten missing. The incident was the fourth collision of a U.S. vessel in a year, with the most recent -- that of the USS Fitzgerald -- occurring just two months before, on 17 June. These recurring incidents have led some to speculate about a connection, as suggested in a 21 August piece on the military news web site RealClearDefense:

While accidents and mistakes do happen, the number of collisions in the past year is extremely rare, and it is now within the realm of possibility that these accidents were not accidents. Both China and Russia have tested their cyber-warfare capabilities at sea with success.

The fear, according to these arguments, is that a person or government has used a hacking technique known as "GPS spoofing" to encourage maritime collisions. Unlike GPS jamming, which merely blocks access to the satellites a receiver uses to locate itself, GPS spoofing can covertly alter a GPS receiver to report that it is somewhere other than its actual location.

University of Texas professor Todd Humphreys, an expert in GPS hacking, demonstrated this in 2013 when he successfully overtook a yacht in the Mediterranean by injecting its navigation systems with false GPS signals via an overhead drone:

By feeding counterfeit radio signals to the yacht, the UT team was able to drive the ship far off course, steer it left and right, potentially take it into treacherous waters, even put it on a collision course with another ship. All the time, the ship’s GPS system reported the vessel was calmly moving in a straight line, along its intended course. No alarms, no indication that anything was amiss.

The idea this technology would be used to disrupt maritime operations is not an absurd contention. In fact, there is sketchy evidence suggesting a GPS spoofing test in June 2017 in the Black Sea, which some have attributed to Russian interference. On 22 June, the United States Maritime Administration issued an unconfirmed warning that ships in the Black Sea off the coast of Russia were misreporting their GPS-derived locations:

A maritime incident has been reported in the Black Sea in the vicinity of position 44-15.7N, 037-32.9E on June 22, 2017 at 0710 GMT. This incident has not been confirmed. The nature of the incident is reported as GPS interference. Exercise caution when transiting this area. Further updates may follow. This alert will automatically expire on July 4, 2017.

Dana Goward, President of the Resilient Navigation and Timing Foundation, an NGO “that helps protect critical infrastructure by promoting resilient navigation and timing worldwide” wrote an editorial that detailed the backstory to this alert. First a ship reported to the Coast Guard that its GPS signal was intermittently not working or giving an inaccurate location. Later, the same ship told the Coast Guard:

I confirm all ships in the area (more than 20 ships) have the same problem. I personally contacted three of them via VHF, they confirmed the same. Sometimes, position is correct, sometimes is not.

That Russia, specifically, would be interested in testing such technology is, also not an unreasonable assertion. Russia has, at the very least, invested heavily in electronic warfare technology that “jams” GPS signals in such a way as to render them useless. A 2016 intelligence summary by the U.S. Army’s Foreign Military Studies Office noted that Russia had integrated a massive network of GPS jammers into their civilian cell phone network, which could be switched on to impede smart missiles or other threats that rely on GPS navigation.

A 2014 report by the same office said that Russian media has been trying — at the very least — to convince the world it is capable of disabling American maritime navigation systems. After a much publicized 2014 confrontation in the Black Sea between the US Navy destroyer the Donald Cook and a Russian SU-24 fighter plane that made a number of provocative and close approaches, Kremlin-backed media claimed that it had successfully achieved this goal (and terrified the Americans to boot):

In place of bombs or missiles, the SU-24s approaching Donald Cook carried a container with a Khibina radio-electronic warfare system. After approaching the ship, the Khibina systems turned off [the destroyer’s] smart radar, combat control links, and data transfer systems – in a word, the entire Aegis, like we turn off a television with the push of a button on a remote. Afterwards, the fighter-bombers conducted a simulated missile attack on the blind and deaf destroyer [...]. Donald Cook never approached Russian waters again. Nor did NATO ships that relieved it in the Black Sea.

The United States military denies this account of the event, but does allow that Russia has been at the forefront of developing electronic warfare:

Russia does indeed possess a growing [electronic warfare] capability, and the political and military leadership understand the importance of technical advances in this type of warfare. Their growing ability to blind or disrupt digital communications might help level the playing field when fighting against a superior conventional foe, but to continue to publicize a story which is patently false illustrates an equally robust ability within the realm of information operations.

Outside of reports that the USS McCain’s steering system failed prior to the collision, however, there is no evidence that an external actor caused these recent Naval collisions through electronic manipulation of GPS systems. Academics and analysts familiar with GPS hacking techniques argue that electronic warfare is not the most likely explanation for their occurrence. Goward told us that “it’s a good question to ask” but that it would be much more challenging to do this kind of thing to a military vessel rather than a commercial or private one:

US adversaries have the ability to easily jam and spoof GPS. At a minimum this would cause some initial confusion on the bridge of a ship before the crew figured out what was going on. During that time they would be more vulnerable to collisions and other mishaps. At its worst, GPS spoofing can misdirect a vessel and cause it to sail into danger.

Spoofing a US Navy vessel should be quite difficult because of the expensive and sophisticated equipment they carry, and the large number of people on watch at all times. Commercial vessels often have fairly unsophisticated electronics and only one person on watch. It would be much easier to spoof a commercial vessel and direct it into a Navy ship.

Humphreys echoed this point, telling us via email that while hacking military navigation systems is possible, it is much more challenging because they use an encrypted radio frequency for their geolocation, which is separate from the civilian system:

It's possible that spoofing was involved in the USS McCain collision. But I still think that crew negligence is the most likely explanation. Military vessels use the encrypted GPS signals, which are harder to spoof (though not impossible).

Humphreys suggested that, rather than hacking, the collision might be attributable to the US Navy’s policy to operate in the South China Sea without an automatic identification system (AIS) beacon, which automatically transmits information between ships and to other monitoring organizations. The Navy doesn't use such a system in the South China sea for security reasons, Humphreys told us. “They train as they fight, and broadcasting one’s position during wartime is unwise,” he said.

Unfortunately, almost any conclusion drawn at this point about the cause of the USS McCain incident or any of the other recent Naval accidents is speculative. The Daily Beast reported on concerns from military experts that these accidents were evidence that the Navy was overstretched:

The accidents are symptoms of an overworked fleet with tired and under-trained sailors and poorly maintained equipment, experts said.

Automatic “sequestration” budget cuts have sliced billions of dollars from Navy accounts in recent years, while at the same time the fleet has gotten busier bombing Islamic State and the Taliban and deterring North Korea and China.

“The force is fraying,” Bryan McGrath, a naval consultant with the Maryland-based Ferry Bridge Group, told The Daily Beast.

In the wake of the USS McCain collision, the chief of Naval Operations “ordered a worldwide operational pause as fleet commanders assess practices.”

Sources

Ferdinando, Lisa.   "Navy Operations Chief 'Devastated' Over McCain Collision."     DoD News.   21 August 2017.

Faizyar, Omaid.   "Did China Hack the Seventh Fleet?"     RealClearDefense.   21 August 2017.

Bhatti, Jashan, and Humphreys, Todd E.   "Hostile Control of Ships via False GPS Signals: Demonstration and Detection."     Navigation.   March 2017.

Roberts, John.   "GPS Flaw Could Let Terrorists Hijack Ships, Planes."     Fox News.   26 July 2013.

Hambling, David.   "Ships Fooled in GPS Spoofing Attack Suggest Russian Cyberweapon"     New Scientist.   10 August 2017.

Goward, Dana.   "Mass GPS Spoofing Attack in Black Sea?"     The Maritime Executive.   11 July 2017.

OE Watch.   "Volume 6 Issue 10"     October 2016.

OE Watch.   "Russian EW or IW?"     December 2014.

Reuters.   "Russian Jets Passes Near U.S. Ship in Black Sea 'Provocative'"     14 April 2014.

McKirdy, Euan, et al.   "'Some Remains' of Missing 10 Sailors Found After Collision, Admiral Says."     CNN.   22 August 2017.

Axe, David.   "Why the U.S. Navy Keeps Crashing All of a Sudden."     Daily Beast.   21 August 2017.

Alex Kasprak is an investigative journalist and science writer reporting on scientific misinformation, online fraud, and financial crime.