UT research team developed software to hack into GPS-enabled devices

Max Bridges

A team of researchers at UT’s Radionavigation Laboratory recently hacked into the GPS system of a non-encrypted drone, allowing them to take full control of the vehicle.

Assistant engineering professor Todd Humphreys, and a team of UT researchers spent about four years developing software in UT’s Radionavigation Lab, which focuses on research in GPS and radio technology. The software enabled them to use spoofing, a technique which can be used to hack into GPS-enabled devices such as drones, which are pilotless airplanes primarily used for military and surveillance purposes. Humphreys said he and the team began this project to show GPS hacking is possible and what can be done with it.

“Now that people know it can feasibly be done, it should encourage developers to implement anti-spoofing technology into future GPS-enabled devices, which are not currently secure,” Humphreys said. “As for the drones, we want to help the Federal Aviation Administration devise rules on how to regulate drones operating in U.S. commercial airspace.”

In a June demonstration for the U.S. Department of Homeland Security at the White Sands Missile Range in New Mexico, the team spoofed a supplied miniature helicopter drone into thinking that it was higher than it was and should be, causing it to drop in altitude. This is the first known demonstration to show spoofing a drone is feasible and possible, all for about $1,000. Before the official demonstration, Humphreys and his team used the Darrell K Royal-Texas Memorial Stadium to conduct a trial of the spoofing hardware using the team’s own drone, according to the Cockrell School of Engineering.

U.S. aviation officials hope to open U.S. airspace to civilian drones by 2015, which would allow for thousands of commercial and civilian drones to fly in conjunction with manned aircraft in the next five to ten years, according to the Federal Aviation Administration.

Humphreys worked with a budget of approximately $100,000, all of which came from UT. About $80,000 went to buying the test drone and renting a pilot, $18,000 to salaries and the remaining $2,000 to off the shelf equipment for the hacking hardware. He said he and his team are currently working on several other projects in the Radionavigation Lab such as developing opportunistic navigation, which can improve and speed the travel of GPS data by using local technologies like cell phone towers.

In addition to hacking drones, the spoofing device can also be used to manipulate iPhone and Android GPS devices.

Daniel Shepard, an aerospace engineering graduate student, said “On the iPhone video it looks like you’re tracking someone in a bike going down 24th Street, stopping at a stop sign, and then making a turn. In reality, the phone was sitting on a desk in our lab the whole time.”

Shepard said with more essential technology implementing and relying on GPS, it is important for the U.S. to find out how to prevent GPS technology from being tampered with.

“A lot of people don’t yet realize that soon even our power grids will be tied to GPS technology,” Shepard said. “Even the stock market uses GPS to keep track of time. If the GPS data was tampered with it could cause a lot of trouble. What we’re doing is trying to figure what exactly can be done, and then how it can be prevented.”