Russia spoofed AIS data to fake British warship’s course days before firing at them from a huge distance in Crimea

Russia was back up to its age-old spoofing of GPS tracks earlier this week before a showdown between British destroyer HMS Defender and coastguard ships near occupied Crimea in the Black Sea.

Yesterday Defender briefly sailed through Ukrainian waters, triggering the Russian Navy and coastguard into sending patrol boats and anti-shipping aircraft to buzz the British warship in a fruitless effort to divert her away from occupied Crimea’s waters.

Russia invaded Ukraine in 2014 and has occupied parts of the region, mostly in the Crimean peninsula, ever since. The UK and other NATO allies do not recognise Ukraine as enemy-held territory so Defender was sailing through an ally’s waters – and doing so through a published traffic separation scheme (similar to the TSS in the English Channel), as Defence Secretary Ben Wallace confirmed this afternoon.*

Yet, among yesterday’s drama and tension, Russia had previously spoofed maritime Automatic Identification System (AIS) signals to show Defender and her Dutch flotilla mate HNLMS Evertsen as sailing straight for the Russian naval base in Sevastopol, southwest Crimea. Neither warship was doing that: while Russia was claiming NATO warships were threatening Russia, both vessels were captured on live webcams in another Ukrainian port.

The latest batch of AIS fiddling took place on 17 June, according to naval analyst HI Sutton, writing for the US Naval Institute’s blog: “Despite the AIS track, there is clear evidence that the two warships did not leave Odessa.”

This week’s tensions should remind the world that Russia has no compunction about interfering with widely available tech systems.

[…]

AIS works on an honesty-based system, at its simplest. The all-but-mandatory system (ships below 300 tons are exempt) works through each ship at sea broadcasting its GPS coordinates. Other ships receive those signals and assemble them onto display screens mounted on the vessel’s bridge for crew to monitor, usually as part of an integrated ECDIS system. It’s an insecure system insofar as vulns exist that allow spoofing of AIS data, as first revealed almost a decade ago. Shore stations can also receive and rebroadcast AIS signals, amplifying them – and providing a vector for the unscrupulous to insert their own preferred data.

[…]

AIS spoofing is similar to GPS spoofing in that broadcasting false data can mislead the wider world. Back in 2018, researchers built a GPS-spoofing unit out of a Raspberry Pi, transmitting false location data to confuse a targeted car’s satnav.

This proof-of-concept unit using consumer-grade, readily available equipment merely spells out what nation states such as Russia (and the West, naturally) have been toying with for years. Western GPS spoofing is a fact of life in the Eastern Mediterranean, as frustrated airline pilots and air traffic controllers know all too well, and the effects of AIS spoofing are very similar for those who depend on public datafeeds to keep up with the world around them.

[…]

Source: Russia spoofed AIS data to fake British warship’s course days before Crimea guns showdown • The Register

Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft