In June, in international waters some 30 miles off the coast of Italy, the White Rose of Drachs began to drift starboard.
Inexorably, the $80 million, 65-meter luxury super-yacht yielded its GPS-determined course until it was under complete control by hijackers.
No alarms went off.
As far as the ship’s GPS equipment was concerned, the signals it was getting were authentic, and once a location discrepancy was reported by the ship’s navigation system, a course correction was initiated by the crew.
But those signals were not authentic, and the ship was not on course.
The signals were in fact being sent from the White Rose’s upper deck by University of Texas/Cockrell School of Engineering graduate students Jahshan Bhatti and Ken Pesyna.
A team from the school had been invited aboard while the White Rose sailed from Monaco to Rhodes, Greece, on the Mediterranean Sea.
Using a blue box about the size of a briefcase, the duo spoofed the ship’s GPS signals, sending counterfeit signals that slowly, subtly overpowered the authentic GPS signals until the ship ultimately came under their control.
If this sounds familiar, it’s because students from this engineering school did the same thing to a drone last year.
In May 2012, the engineering students tried out their $1,000 spoofer, which they had cobbled together in response to a dare from the US Department of Homeland Security (DHS).
Under the direction of Assistant Professor Todd Humphreys, who is now working for the Department of Aerospace Engineering and Engineering Mechanics, the students last spring managed to hack and hijack a drone with what Humphreys at the time said was the most advanced spoofing device ever.
Both the drone and yacht hijackings were designed to shed light on the perils of navigation attacks, serving as evidence that spoofing is a serious threat to marine vessels and other forms of transportation.
