The entire global financial system depends on GPS, and it’s shockingly vulnerable to attack

Look up.
Look up.
Image: Reuters/David Gray
We may earn a commission from links on this page.

There is an enormous, invisible clock that keeps ultra-precise time, can be checked from anywhere on earth, and is free for everyone to use. This technological gift to humanity was built by the US government. It is called the Global Positioning System (GPS), it lives in space, and you use it every time you check the map on your phone.

What you may not know is that you rely on it far more often than that. Cell towers use it to route your phone calls, ATMs and cash registers use it for your transactions, electrical grids use it to send power to your house, and stock exchanges use it to regulate the trades that go into your stock portfolio or investment fund. And it is far more vulnerable to attack and disruption than most people know or are willing to admit.

“When we talk about economic infrastructure, I don’t think the general public realizes the extent to which the Global Positioning System’s timing signal is critical for these ATM transactions and every other point-of-sale transaction conducted in the United States and throughout most of the world,” Michael Griffin, a former NASA administrator, told US space policymakers in early October. “To what extent do we believe that we have defended ourselves if an adversary can bring our economic system near collapse?”


Time, as it turns out, is money, in a very literal sense. Since digital money moves faster than humans can think, banks and regulators alike rely on time stamps to monitor transactions, catch fraud, and make sure the right people get paid. When you pull cash from an ATM or swipe your card at the coffee shop, the machine needs to determine the precise time that the transaction occurs to, for example, prevent it from being over-drawn.

Putting a little clock in the credit-card machines wouldn’t work, because over time, even the most precise clocks start to differ from one another. That doesn’t matter when you’re meeting me for lunch at noon, but if you’re timing transactions down to the microsecond standard now used in many electronic networks, tiny differences can screw up your whole operation.

What makes the Global Positioning System so crucial, then, isn’t in fact the “positioning” part; it’s the ability to make machines all over the planet agree on exactly what time it is.

Developed and launched by the US military in the 1980s, GPS became fully operational in 1993. Today it consists of 31 satellites. Each satellite contains an atomic clock, which is synced regularly with high-precision timing devices at the US Naval Observatory. Phones, ATMs and other devices can pick up the timing signals from three or four satellites, and use the knowledge of exactly when each signal was sent to triangulate their position on earth.

Besides providing the military with better way-finding, the ubiquitous timing signal became a public good used by numerous private industries. “Why wouldn’t you use it?” Dana Goward, the president of the Resilient Navigation and Timing Foundation, says. “It’s really, really good, you don’t have to pay a license fee, and it’s global.”

While the US GPS constellation is the preeminent source of this data, other nations have launched similar constellations: Russia’s GLONASS, China’s BeiDou and Europe’s Galileo, along with smaller regional services, offer a similar signal under the rubric of “GNSS”—Global Navigation Satellite System.

Time’s uses

It’s hard to find important digital infrastructure that doesn’t rely on GNSS. Because radio spectrum for mobile communications is limited, cellular phones and towers can’t just broadcast directly to each other; there’d be a data pile-up. Instead, these networks use the space efficiently by precisely timing bursts of communication back and forth, introducing intervals too short for people to notice. Even wired networks need to agree on precise timing to operate at full capacity.

The New York Stock Exchange relies on a set of GNSS antennae on the roof of its New Jersey server farm to time financial transactions, including those performed automatically by computers. Investors have spent millions improving their algorithms and communications systems to execute trades a few microseconds faster than their competitors, but all that would be for nought if they couldn’t agree on precisely what time each trade happened.

Even the modern electrical grid relies on ultra-precise synchronization to deliver power to high-demand areas at just the right time to prevent a blackouts without causing a dangerous power surge. And all that is before we get into the more obvious uses of GNSS technology to guide transportation of all kinds, from cars and delivery trucks to airplanes and container ships.

The driver dilemma

Some of the earliest clues to the vulnerability of GNSS came from rebellion against The Man. As drivers began using GNSS to plot their routes through traffic, their employers realized they had an easy way to keep an eye on workers and company cars—ensuring, for instance, that they weren’t taking a nap in a parking lot when they should be putting packages on doorsteps. Employees did not exactly like entering this panopticon, and the tech savvy among them discovered something interesting: It’s relatively easy to jam a GNSS signal.

The GPS satellites orbit more than 12,000 miles (19,000 km) above the earth, and rely on their own solar panels for power. This makes them, Goward says, the equivalent of “a 40-watt light bulb that was turned on in New York and viewed from California.” They are actually less powerful than the space background radiation known as the “cosmic hum.” Though it is illegal, it takes only a little tech savvy to build a device that broadcasts powerfully enough on the GNSS frequency to drown it out, and almost none to purchase an (illegal) jammer online for a few hundred dollars.

In 2008, Newark International Airport in the US began using GPS to help its air traffic controllers guide jets. Almost immediately, they noticed interference from passing vehicles on the nearby Interstate 95, a major highway. In 2012, following interference complaints, an FCC investigator discovered a contractor with a GPS jammer was working on airport property. The contractor was fined $32,000. That same year, the London Stock Exchange noticed that it was losing access to timing data for about 10 minutes a day, likely because of a driver using a jammer.

These accidental interferences didn’t cause disaster because the home-built jammers have limited range. But there are more pernicious outcomes. In the UK, criminals have been found stealing luxury cars and using jammers to disrupt tracking systems.

And for more sophisticated entities, it’s possible to go beyond GNSS jamming to GNSS spoofing—not blocking the signal, but manipulating it to create different results. This is something that governments, particularly Russia’s and North Korea’s, do in warfare. In 2011, Iran captured a US drone that strayed into its airspace from Afghanistan, saying it used spoofing to lure the unmanned aircraft across the border. While the US government denied this, independent experts say it is quite possible.

Criminals could also take advantage of spoofing. The US Department of Homeland Security has reported drug cartels doing it to divert surveillance drones along the US-Mexican border. And Todd Humphreys, an engineering professor at the University of Texas, believes that spoofing GPS signals (pdf) used by stock exchanges could create opportunities for ill-gotten gains and disruptions like the 2010 “flash crash.”

“It could be happening subtly in financial markets even as we speak,” Goward told me. “The idea behind spoofing is to not let people know they’re doing it.”

You’ll note that none of the threats to GNSS we’ve mentioned are actually up in space with the satellites themselves. This isn’t because the satellites are entirely safe. They are vulnerable to space debris and to space weather—a large solar flare could be disastrous not just for GNSS but for much of earth’s electrical infrastructure. Warding off these threats is a largely a matter of mitigation, planning and keeping your fingers crossed.

The US military also frets about Chinese and Russian anti-satellite weapons, but it has the ability to spot these threats and strike back against them. “Kinetic attacks against the GPS constellation would be extremely bad, but are very unlikely,” Brian Weeden, a space expert at the Secure World Foundation, says. “It’s far easier to jam or interfere with the signals than it is to physically destroy the satellites.” If it gets to where major powers are shooting each other’s satellites out of the sky, we will all have bigger problems than dropped calls and broken ATMs.

Solving the problem

A year ago the Resilient Navigation and Timing Foundation published an analysis of the biggest threats to GPS (pdf), ranking them by vulnerability, potential damage, and the intent and capacity to carry them out. The top three threats were on-going “accidental” jamming like the truck at Newark airport and the potential use of powerful jamming devices by either a rival military or terrorist groups.

Intentional or unintentional jamming could cause millions, even billions of dollars in damage; it could also lead to the loss of life.

“The first thing that happens when GPS is disrupted, every mode of transportation slows down, becomes more dangerous,” Goward tells me. “Then the clocks in the different networks in the affected area begin to desynchronize. Because they are all such a different quality, it’s impossible to say which networks are going to degrade where and in what order, but we know after some period of time, cell phone networks will start to fall apart, IT, financial—stock exchanges will have to shut down because they can’t reconcile the trades, ATMs won’t work because the banks can’t verify the money is there, eventually even the electrical grid. Lord knows how quickly this will unfold.”

To prepare for such threats, experts urge laws that would require toughening up critical infrastructure so it would be able to maintain its own high-quality timing for at least thirty days if GNSS vanishes.

But the more important idea is simply to create a terrestrial back-up: Let’s build another invisible clock, down here on earth. There’s even a model to build it on: Loran, or Long range navigation, a network of radio towers broadcasting a low-frequency signal that can be used for navigation and synchronization. Created in World War II, variations of the system were critical for navigation until the advent of GNSS, by which time the infrastructure was outmoded and largely abandoned.

In 2004, president George W. Bush ordered the creation of a GPS back-up. Updating Loran to something called eLoran was the answer found. As well as offering a similar service to GPS, eLoran’s signal is much stronger and located at the other end of the radio spectrum, which would make jamming both systems at once more difficult. But budget cuts prompted the Obama administration to cancel the eLoran upgrade in 2008.

Putting it in place now could cost as much as $500 million. It’s a lot of money, but it’s a little less than the $547 million total cost of one of the latest generation of GPS satellites. (The current constellation includes many that are well past their theoretical expiry dates.)

It’s also possible US taxpayers wouldn’t have to foot the bill. Goward argues that if the government simply told the private sector it would pay an annual fee for an eLoran signal, private companies would build the system and reap that fee plus the revenues from add-on services. There are already companies that sell high-precision timing services, which would be a natural fit for the job.

One obstacle to action is simply ignorance. “This is a hidden utility, because nothing really bad has happened. People either don’t know, or know about it and haven’t taken any action,” Goward says. “We need to get over the normal human, ‘well, it’s not a problem now so I’m not going to deal with it,’ and be a little bit proactive, before a solar flare or terrorist jamming or a system error comes along.”

The other obstacle is that the companies that depend most on this technology are reluctant to advertise their Achilles’ heel by lobbying for a more resilient system. Goward, whose job is drumming up industry support for these changes, says “the response almost universally has been, we’re not really interested in disclosing vulnerabilities of our products and services.”

That means we may not see a solution to these vital timing needs until the day that invisible, super-accurate clock in the sky stops ticking, and every important piece of technology you use starts slowing, then stuttering, then juddering to a halt.