CyberWire Daily - Navigating the GPS threat landscape, with Brandon Karpf. [T-Minus: Space-Cyber Briefing]
Episode Date: June 21, 2026Traditionally, GPS jamming attacks have been confined to the ground; however, new data shows that these attacks could be moving to target signals before they even reach the ground. In this week’s e...pisode, host Maria Varmazis sits down with Dave Bittner and Brandon Karpf to discuss recent research that suggests the attack landscape for GPS attacks is expanding. If this research is accurate, these attacks represent a significant evolution for how defenders think about this critical technology. Key sources: Something is jamming GPS over Europe. Here's what we found. Chasing Lightning: Detecting, Characterizing, and Identifying a Powerful Space-Based GNSS Interference Source. EKS 5. Like what you heard? Be sure to subscribe to our free Signals and Space Briefing, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to space@n2k.com. You can also fill our our audience survey: https://www.surveymonkey.com/r/NJYCN2P T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyberwire Network, powered by N2K.
AI is making fishing attacks faster, more convincing, and harder for people to spot,
and traditional security awareness and fishing training weren't designed for this level of attack.
Hawkshunt helps security teams prepare employees for the attacks they face every day,
with personalized fishing training that adapts to each employee and reduces risky behavior over time.
For IT and security leaders looking to strengthen their human layer of defense, without adding more manual work, visit hoxhunt.com slash cyberwire to learn more.
That's hoxhunt.com slash cyberwire.
Just to give you a sense of the power, the GPS signal that your phone is collecting is about the same power as a car headlight seen from 12,000 miles away.
That's the power.
Right? So, I mean, it's very low power by the time it reaches your phone or any, you know, GPS receiver on the ground.
Welcome. I'm Maria Vermazes, and you are listening to T-minus space cyber briefing.
In this show, we examine the evolution of cybersecurity in the global and orbital infrastructure that powers, protects, and connects our lives.
Hello, friends. It is always a treat to have a conversation with my N2K colleague and host
of the Cyberwire Daily, Dave Bittner,
and friend of the show, Brandon Karpf,
who is the leader of international public-private partnerships at NTT.
The three of us recently got together to discuss something
space cyber-related that Dave had found and shared with us.
I'll let Dave start us off on our conversation.
Here he is.
So there was a recently published video over on YouTube
from the folks at Veritasium,
very, very popular YouTube.
Is it fair to call it a science channel?
I would call it science and kind of new media.
Yeah, I'm a fan.
So this particular episode of their show
has to do with GPS jamming.
And specifically that something is jamming the GPS system over Europe.
Maria, do you want to try to fill in some of the gaps here
what this is about?
Yeah, so I will just get right in front of it
and say, I made an assumption
that this video was about someone doing something
dastardly on the ground and jamming GPS signals
from a ground station, and literally the first two minutes
of this video says, no, that is not what this is about.
So for anyone else is going, oh, that's old news.
We've talked about that a bunch.
This is not that.
This is a bit of a physics who done it,
which is kind of, they take us on a nice little journey here.
Somebody's doing something dastardly in the L-Ban,
which is what all GNSS satellites are working in, right?
And it's over a huge swath of not just Europe,
but even parts outside of Europe.
They figure out pretty early on with just some basic geometry
that if you're going to be jamming signals over that big a part of the world,
it's not going to be something on the ground.
It's got to be something in space that's doing this.
And then they walk us through how the researchers figured out
what satellite or satellites they think might be doing some naughty things.
things in space. Did I summarize that well? I think you nailed it. I mean, it was this professor and his
research student at UT Austin. But then there was a part of the story where they brought together
folks in the position, navigation and timing community around the world in Europe and Germany and
others. I mean, a really kind of a collaborative effort to get the data that they needed to
pretty narrowly pinpoint the perpetrator of this. And I think it's worth saying that when we say
GPS jamming, this is more of
every now and then, an occasional anomaly
type of jamming. This wasn't somebody
shutting down GPS for long periods of time,
although any disruption to GPS is potentially dangerous.
This is a kind of thing that was happening a few seconds
at a time spread out over weeks and months and years,
which was part of the puzzle. Who's doing this and why?
Yeah, it was 75 specific events over the course of between 2019 and 2026 and measured over Europe, Greenland, and Canada, more or less simultaneously, at least simultaneously within, you know, human perception, obviously not machine perception.
Yeah. And they were flooding, they were just flooding the frequency. What exactly was this, I don't know if we want to call it an attack, but what exactly was it doing?
Yeah, so from the perspective of kind of a malicious attack or a radio frequency attack,
you know, and I know that on the various podcasts, we've talked about jamming and spoofing in the past,
jamming being just kind of noise where, you know, if someone's talking, a jammer is just talking over that person, right?
Whereas spoofing, right, if someone's talking, then someone is actually mimicking the way they speak
and making you believe that it's the person talking, right? That's jamming versus spoofing.
And this just seemed to be just a very quick, subtle interference.
So the same frequency band, a little bit louder than the true signal.
And so it was kind of a spoof, right?
Kind of a jam, a little bit in between, but not enough to really affect any of these systems.
And that was part of the mystery.
It's like what is going on here?
Why is this happening every few weeks, every few months, kind of randomly on Wednesdays and Thursdays, by the way, during business hours?
Yeah, just for fun. No.
Right. Exactly.
I mean, one kind of jumps to a conclusion pretty quickly that someone's kicking the tires on some bigger plans.
I mean, that would be my assumption of something like this.
You don't test something out like this just to see if you can do it and then leave that there.
Right, right. Not to mention having to have the infrastructure to, I don't know, launch a satellite to be able to do this.
That's easy, peasy.
Right. Yeah. Yeah.
So, spoiler alert, if any of our listeners don't want us to jump to the end here,
now would be a great time to pause.
Go watch the Veritasium video, which we will include a link to in the show notes, and come
back for our thoughts and discussion about what happened.
So let's skip to the end here.
Maria, what are the most plausible theories that folks have as to what could be going on here?
My understanding is that the thinking is this is from Russia's early
missile warning system that they're kicking the tires on some transmitters that have the ability
to flood the zone.
Well, something that caught my attention was the notion that they would be using the frequencies
very close to GPS because their adversaries would be less likely to take those signals down
or to interfere on their own.
So if you have communications that you want to be, you, you know, you'd, you know,
You don't want to have them interrupted.
If you park them right next to a critical service like GPS,
perhaps it's less likely that you will be interrupted.
I think this would be a good time for Brandon to explain how that works,
because I think people who have maybe a very digital mindset might not understand.
Yeah, and I think you both capture the two working theories right on,
one of them being this is an offensive capability that Russia has attached to their early warning
satellites in a specific orbit called the Mulnaya orbit, which is a highly elliptical orbit
that has a long dwell time over the northern hemisphere. And definitely could be an offensive
capability, but also could have been, or could be, as Dave was talking about, an actual
communication signal where there's content inside this signal and that they're just testing,
making sure that these satellites can still communicate on this signal that is very close to,
but not exactly on top of the GPS frequency.
And so both are totally viable.
A key aspect of any sort of radio frequency communication
is that your communication is never over just a single frequency.
It's actually typically a band of frequencies,
especially if you want to put a good amount of information into that signal.
You do need to have a little bit of a band.
That's created by however you multiplex the signal,
creates that frequency bandwidth that your communication.
getting over. And so if Russia has put their kind of this critical wartime reserve communication
frequency right next to GPS, well, every time they test it, a little bit of that signal is going
to leak over into the GPS band, and you'll measure some interference. So both are totally,
you know, viable theories. I don't think that there's enough data out there right now to say
which one is true. There's an extraordinary amount of data going around in the radio frequency
spectrum, you cannot conceivably collect all frequencies all the time. And so finding the data there
to see if they're communicating maybe in a band that's just slightly above GPS. That data is not
readily available yet. But I think both are viable and both kind of point out some critical
vulnerabilities or concerns with the GPS band that we rely on. Yeah, I mean, does it take a ton of power
to do what they're doing? I mean, from the Molina orbit, I mean, I imagine it's not that
It's just not that heavy a lift.
Not at all.
I mean, just to give you a sense of the power in a GPS signal,
the GPS signal that your phone is collecting is about the same power as a car
headlights seen from 12,000 miles away.
That's the power.
Right?
So, I mean, it's very low power by the time it reaches your phone or any, you know,
GPS receiver on the ground, right?
And so it, there's, I mean, there's probably.
a lot of power coming out of the satellite itself, but then again, I mean, it doesn't have to
overcome a lot. Yeah, I want to say, and this is off the top of my head, so I reserve the right
to be wrong, but I want to say it's about 50 watts of radio power coming out of any of those
GPS satellites, which while directional and focused and all that kind of stuff is not, you know,
imagine a 50 watt light bulb that is tens of thousands of miles in space. And that's, and that
power is distributed over a good part of the globe. That's how you get your 12,000 mile away
car headlight. And a lot of the conversation around kind of GPS jamming and spoofing.
And by the way, spoofing is far more, is a much more dangerous, right, attack, right? Because it
manipulates the signal. It makes you think that you or, you know, your device is somewhere
that it's not. But most of these have talked about kind of the asymmetry of the $30 jammer, right?
can very easily make one of these things at home on the ground. What's notable about this is that
this has clearly been extended into the space architecture. And so this is really one of the
first times we have clear evidence that there is a jammer or a spoofing capability, something that
could be used to interfere in space. And so that's a concern. And along with how dependent we are
on this critical infrastructure of position, navigation, and timing signals.
A car had light from 12,000 miles away.
That's around 19,000 kilometers for the civilized world.
And that level of power provides the foundational tech of our modern life.
Chew on that for a moment while we take a quick break.
When we return, we're diving into the super-useful and super-congested and contested part of the electromagnetic spectrum
that runs from 1 to 2 gigahertz.
It is called the L-Band.
Stay with us.
Most environments trust far more than they should, and attackers know it.
Threat Locker solves that by enforcing default deny at the point of execution.
With Threat Locker Allow listing, you stop unknown executables cold.
With ring fencing, you control how trusted applications behave,
and with Threat Locker DAC, defense against configurations,
you get real assurance that your environment is free of misconfigurations
and clear visibility into whether you meet compliance standards.
Threat Locker is the simplest way to enforce zero-trust principles without the operational pain.
It's powerful protection that gives CISO's real visibility, real control, and real peace of mind.
Threat Locker make zero-trust attainable, even for small security teams.
See why thousands of organizations choose Threat Locker to minimize alert fatigue,
stop ransomware at the source, and regain control over their environments.
Schedule your demo at Threatlocker.com slash N2K.
today.
When it comes to mobile application security, good enough is a risk.
A recent survey shows that 72% of organizations reported at least one mobile application
security incident last year, and 92% of responders reported threat levels have increased in
the past two years.
Guard Square delivers the highest level of security for your mobile apps without compromising
performance, time to market, or, you know.
user experience. Discover how Guard Square provides industry-leading security for your Android and iOS
apps at www.gardesquare.com. I feel like we should also talk a little bit about the L-band in general,
about just how much is going on in the L-band. And Dave, I'm looking at you, especially as a ham.
Like, this feels like also something you can speak to. I mean, so much goes on in the L-band,
and this is something I really didn't appreciate until I started learning about this a few years ago.
Is there a more important piece of the spectrum out there than the L vans of modern life?
I don't know. Maybe there is, but that seems pretty damn important.
Yeah, I mean, it's a good point.
Obviously, as one of the folks in the video point out, one of the experts that they spoke with,
GPS touches just about everything these days.
Almost all of our consumer electronics are somehow tied into GPS.
It's how our devices tell time.
Right? Because GPS is reliant on extraordinarily accurate time, it's a great time source.
So your phone uses it for its time source. And people, their appliances that use it as their time source.
You know, your car. A lot of critical infrastructure uses it. Yeah.
Right. Yeah. Your car has GPS. So it uses it as a time source and obviously a location source and all those things.
But yeah, there are a lot of things in this band. And what is it?
Is this, it's, what is it like 1.2 gigahertz, something like that?
Yeah, it's like one to two basically.
Yeah, something like that.
Yeah.
All of the GNSS systems, sorry for being redundant, GNSS, this, GNSS, this is, all of the various navigation systems.
All of them seem to be on the L-Band, so that's kind of super important, right?
And they are there because that's a band that is not as susceptible to various times.
of natural interference, weather conditions, ionospheric conditions, things like that,
because it's a high enough frequency that the infrastructure can be small, right?
It can be more microprocessors and really small antennas, but it's not so high that it's
interfered with by water droplets in the atmosphere and things like that.
So it's actually a very resilient frequency band, which is why so many critical applications
use that frequency band.
But therein lies the issue where we don't really have resiliency in the architectures.
We don't really have resiliency in how we get timing signals.
And I mean, there are technologies that are in the lab now that are starting to be developed
and some of them are starting to be deployed like actually applying digital signatures
to GPS signals, right?
That are starting to be applied.
There's some quantum technologies that might resolve some of these issues.
But this architecture needs more focus
because it's, as Maria and Dave, you both pointed out,
everything relies on this, right?
Everything.
Every computing system relies on this.
I'd just like to point out that this is the reason
why my entire family for Christmas this year
got hardbound paper printed out copies of a Road Atlas.
Yep.
Not a bad idea.
Honestly, yeah.
They all looked at me like I was crazy.
And I probably am, but I said there is a
For other reasons, though, Dave.
There's a non-zero chance at some point in your life GPS is going to be interfered with, and you will thank me then.
Dave, Dave, I too have paper maps, roadmaps of all of my state and all of the surrounding states here at home.
Right.
I keep them in my car and I've got one at home for the same reason.
Yeah, it's not a bad idea.
I do have to wonder, Brandon, when we're talking about interfering with global national,
navigation satellite systems, see what I did there.
So if we're thinking that if the theory is that Russia has figured out that a $30 jammer can
also go in a satellite now, does this become a war of attrition where everyone's going to be
doing this and now basically this all becomes useless because we're all blasting the foghorn
on each other from space?
Yeah, it could.
And certainly in a conflict scenario.
But keep in mind, right, if you are reliant on the signals in L band and you want to use
them for your own systems and pretty much every, you know, Western military system,
relies on it. Very few of our offensive capabilities can function without some sort of timing or
position signal. You know, you wouldn't want to obviously jam that, right? Because then you're,
mitigating or you're affecting your own systems.
It's an own goal. Yeah. Yeah, area of operations. So the question is, can you build systems
that don't rely on it? And are you building systems? You know, you think about the war in Ukraine,
the cat and mouse game, and we're now to the point, actually beyond that they've been doing this for a
now, but to the point of having hardwired drones, right, fiber optic lines that actually connect
an operator to their drone flying kilometers, right?
Kilometers and kilometers for operations because of the radio frequency jamming.
So there are potentially other solutions here, but a lot of research and investment is going
into other types of timing signals, right?
There's such a thing as quantum position verification of using quantum key distribution technologies
to verify that you are, where you say you are, and when you're communicating.
So in that way, you can start doing not space-based GNSS, but actually ground-based GNSS.
What?
Yeah.
We're going back to terrestrial?
Wait a second.
Right.
And back to, there was an old technology called Low Ran, which is more in a lower frequency
band, a high frequency or in VHF frequency.
That's kind of an over-the-horizon band that was used as timing signals.
I mentioned the application of digital signatures to,
and so actually applying cryptography to the GPS signals
allows you to verify that the signal you're receiving
is actually verified true,
and therefore that takes out the spoofing attack, right?
Doesn't resolve the jamming attack,
but is kind of an anti-spoofing technology.
And so there's a number of these research areas
that are still very kind of lab early days.
But I think this story highlights the need for more focus
and thinking about GPS as critical national infrastructure
that is not resilient today,
that there is no resilience in that architecture
and we're really behind the curve.
Yeah, and while you were mentioning all these technologies,
I was thinking about PNT going into low Earth orbit,
and I'm wondering, would that still have the same vulnerability of,
hey, we mess with the L-band, even Leo PNT is not going to work?
Yeah, I would say so.
I mean, the one benefit in Leo is you're so much closer.
You're not at 12,000 miles.
You're at 300 miles, right?
And so your signal strength is much higher,
which means that you have a lower signal to a noise ratio,
which means that the true signal,
to jam that, you need a much more powerful transmitter
to jam that, to overcome the power of the true transmitter.
Because the U.S. GPS system is not the only game in town.
No.
Does that automatically provide some redundancy?
I mean, this video points out that even the phones we carry in our pockets
aren't strictly relying on the U.S. system to figure out where they are.
That's right.
They'll listen to the other systems as well.
Yep.
Right?
Yeah, there's a Russian system, a Chinese system, a European system, an American system.
I'm not sure if there are more.
There might be an Indian system or something planned.
Yeah, there's some sort of like partial systems that other countries are getting.
Yeah, India has one too.
Yep.
Yeah.
And actually what this video points out is that this wasn't just interoperative.
with the U.S. GPS frequency range.
It was also interfering with the Chinese frequency range,
which is slightly different than the U.S. range, right?
And so, you know, there's, there is some redundancy across these various architectures,
and they pointed out that our devices today do measure more than just the U.S. GPS constellation.
So there's resiliency in that redundancy.
But, you know, I think anything that is space-based that is relying on L-Band,
that's relying on these extremely low-power signals
that are unencrypted and unverified
is vulnerable to the attacks that we're seeing.
Yeah, encryption.
Kind of important.
Very important.
11.
I guess another question that this video brings to mind for me
is this is a case of
the Russians sort of showing their cards a little bit
and they got noticed.
But we're having this conversation
of saying, oh, this is a problem,
this is a vulnerability,
we need to take a closer look at this.
Wouldn't it be fair to assume
that everybody's already thought about this?
And, you know, if the Russians have a system to do this,
we have a system to do this.
No.
I mean, let's not be naive
that there isn't global recognition
of the importance of this system
that all of the,
have been tabletopped out to what happens if and how do we counter them?
Well, I bring this up often when I'm having conversation.
You know, a lot of my work is around critical infrastructure resilience, right?
That is what I'm working on in the Pacific region.
And I have these conversations with folks who say, you know, they expect, oh, if we go to war with China,
China's going to cut out all communications and they're going to cut all undersea cables
and the mobile networks in the Philippines and Guam and Taiwan and Okinaw are all going to go dark.
And, you know, what I bring up is the historic example in recent history of, you know, even in Ukraine, the mobile networks didn't go down.
Why? Because the Russians needed them to communicate too, right? And so to your point of, yeah, we have a number of interconnected systems. There's no secret about how reliant we all are on these systems, not just us, but other nations as well. And these other nations need these systems to function also. I think from a defensive perspective, though, the real question is, you know, the real question.
is, you know, or the real observation, right, is that GPS is the most important utility that
nobody really treats as critical infrastructure, at least publicly. And it's the one that, in my
mind, is most susceptible to spoofing, because there is no resiliency in that architecture itself.
We don't have something to fall back on, right? If communication networks go down and the
undersea cables get cut, we have some fallback options, right? If the, the, you know, the,
the water treatment plants go down,
there are some fallback options.
We don't really have a fallback option
for position navigation and timing.
And so there's a lot of risk inherent
in accepting that position,
even though everyone knows, right?
What's vulnerable?
Yeah.
Also, yeah, I agree.
And I think about my children,
their generation,
who are, you know, GPS is like water to them.
It's just, it's there.
It's always been there.
and they don't think twice about it.
For those of us who are old enough to have been around when this became a thing,
and it was suddenly this magical thing that, oh my gosh, we know exactly where we are.
I remember our former colleague John Petrick, who used to be the editor at the Cyberwire,
he was telling me one day that I think it was the war in the Persian Gulf
was the first time in history that a military actually knew where it was precisely.
Yes. Right.
So my point being that I think if GPS were unavailable,
and as we've talked about, how many things that it is involved with,
just the psychological effect that could have on a nation, on an adversary,
where suddenly all of these things that we just are used to,
if they're not able to resolve your location,
that would make people edgy, I think.
I mean, so much other stuff would go down.
When you start poking at that hornets nest a little bit,
I think not knowing where we are on the road
would be like the last thing we'd be worried about
if GPS really went down
because there would be a lot of other stuff hitting the fan.
And, you know, I used to point this out in the Navy all the time,
which is any network that relies on cryptography
needs the GPS signal for timing reasons.
that all you need to do on your local computers
mess with your timing signal, right?
And you can do this, right?
You can turn off the clock, right?
Not your computer clock, the actual timing clock,
and see what happens.
You can't communicate.
You cannot get on the internet without a timing signal.
And so to your point, Dave, right?
We used to live without it.
We could live without it again, right?
We could adapt, but we have a lot of systems
that rely on this.
And we also don't quite know.
Just like, same conversation with
the post-quantum cryptography and the transition to quantum secure cryptography,
where we don't quite know all of the things that rely on cryptography.
We also don't quite know, we don't have a good inventory of all the things that really rely
on this position navigation and timing signal.
And so, you know, it's easy to say, hey, I don't really need my Google Maps on my phone
to work.
I can figure out how to get to the grocery store down the street.
but then the stoplights probably wouldn't be working, right?
And the power grid goes down.
There's a lot of other things there.
Yeah, yeah, it'd be real bad.
Real, real bad.
Yeah, I think we would not notice the maps
because there'd be other things like, oh, now there's no power
and there's no water.
Yeah.
A whole bunch of stuff.
Now, I think there's goodness here too
because, as I mentioned earlier,
there are technologies already in testing
in lab environments,
some rolling out into real world that resolve some of this, right? And a lot of them have to do with
quantum technologies, which are legitimate and being tested and proven. And it's not that it's
helping us with GPS security. It's that it is helping us not need GPS anymore, these new
technologies that are being developed, these fundamental technologies where quantum navigation and
quantum clocks will work even when the signal, the GPS signal is being jammed or spoofed. So there's
there is a silver lining here.
Hmm.
So we went out to space
to make these systems more resilient,
and now we're messing with those too much,
so we're going to go back to Earth.
Wow.
Okay.
I'm going to rely on dead reckoning
and my sextant to...
They teach you that in the Naval Academy, Brandon?
They do.
They do teach celestial navigation.
And the story I'll tell is
the most accurate I could ever get
with celestial navigation is
oh, I'm somewhere in the North Atlantic.
Bravo.
Okay.
You were in the South Atlantic at the time,
but you were never really a good student.
That's another story for another time, Dave.
All right.
Well, I want to point all of our listeners to this video
that we've been talking about.
Again, this is from the folks over at Veritasium,
one of the most popular YouTube channels there is,
and with good reason.
It's called Something is jamming GPS over Europe.
Here's what we found.
It is a video worth your time.
Like I said, we'll have a link in the show notes.
And that's T-minus Space Cyber Briefing,
brought to you by N2K CyberWire.
If you like what you heard today,
you will also enjoy our newsletter, signals and space.
Every week on Sundays, you'll get research and notes
pulled together by our producer Ethan Koch and me,
along with this week's top space cyber news stories.
And you can subscribe by visiting
the cyberwire.com slash newsletters.
We'd love to know what you think of our podcast.
Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly
changing cybersecurity landscape.
If you like our show, please share a rating and review in your podcast app.
Please also fill out the survey in the show notes or send us an email.
Space at n2k.com is how you can get in touch.
We're proud that N2K Cyberwire is part of the daily routine of the most influential
leaders and operators in the public.
and private sector, from the Fortune 500 to many of the world's preeminent intelligence
and law enforcement agencies. N2K helps cybersecurity professionals grow, learn, and stay informed.
As an ex is for discovery and connection, we bring you the people, the technology, and the
ideas shaping the future of secure innovation. Learn how at N2K.com.
Thank you for listening to T-minus. I am your host, Maria Vermazas. The show is produced by
Ethan Cook and Liz Stokes. We are mixed by Elliot Peltzman and Trey Hester with original music by
Elliot Peltzman. Our executive producer is Jennifer Ibin with Content Strategy by Mayon Plout.
Peter Kilby is our publisher. See you next week.