GPS Lessons from Before 9/11 Still Endanger the U.S.

Trifonov_Evgeniy/istockphoto.com

Featured eBooks
Customer Experience
Read Now

Identity in Government

Read Now

Health Tech

Read Now
Insights & Reports
Mission-Critical Systems Under Attack: Defending Against GenAI-Bots
Presented By Carahsoft
Download Now
Get Print Security Right in 5 Steps
Presented By Carahsoft
Download Now
By Dana A. Goward,
President, Resilient Navigation and Timing Foundation

By Dana A. Goward

|

“Public policy must ensure, primarily, that safety is maintained even in the event of loss of GPS,” officials wrote in the 2001 Volpe Report.

Secretary of Transportation Norman Mineta hefted the report in his hand. Three years in the making, it described America’s over-reliance on the Global Positioning System and what should be done about it. 

This was important. He wanted to read and understand it better before it was made available to the public. So, although the report was dated Aug. 29, 2001, it wasn’t released until Sept. 10.

The next day the world changed. And the report’s calls for immediate and specific actions across government to protect GPS and its users were put on the back burner. 

The 2001 Volpe Study’s Warning About GPS 

“Critical infrastructure” first emerged as a federal term of art in 1996 when President Bill Clinton established a commission to figure out what it was and how to protect it. As part of its findings the commission noted transportation’s increasing reliance on GPS, especially in aviation, and recommended a closer look. 

The result was a 113-page document by DOT’s John A. Volpe National Transportation Systems Center published in 2001. 

Considering today’s lack of protection for frequencies, vulnerable receivers and the absence of widely available alternatives to GPS, one might be tempted to think these problems were neither known nor envisioned 20 years ago.

A quick glance at the Volpe report shows just the opposite. 

Its assessment of system vulnerabilities, threats and potential severe consequences could have been written today. 

Problems with accidental interference and deliberate jamming were well-known and documented. Spoofing and “hazardously misleading information” were listed as likely to be a problem. And while a direct attack on the GPS Operational Control Segment and/or satellites was seen as less likely, total system loss for one reason or another was contemplated.

Almost all the report’s recommendations also apply today nearly as much as they did 20 years ago.

It’s very first recommendation began: “Public policy must ensure, primarily, that safety is maintained even in the event of loss of GPS.”

The report went on to discuss the need for things like risk assessment, protecting frequencies through regulation and interference detection, improving signals, toughening receivers, and the need for backup systems. 

About the last it said: “Backups for positioning and precision timing are necessary for all GPS applications involving the potential for life-threatening situations or major economic or environmental impacts.”

Through the Lens of 9/11

After the attacks of 9/11, the government’s response to the Volpe report was understandably delayed.  

When it did come in 2004, officials viewed the report as much through a lens of national security as much as the original focus of fostering transportation safety and protecting the economy. 

This was reflected in December 2004’s National Security President Directive- (NSPD) 39 which assigned a wide variety of GPS-related duties to various federal departments and agencies. These included:

  • Good spectrum management to protect GPS frequencies. 
  • Detection, location, attribution of interference, along enforcement actions to deter future events.
  • Development of a GPS alternative by the Defense Department to be used for national security., and
  • Acquisition of GPS backup capabilities to support “…critical transportation, homeland security, and other critical civil and commercial infrastructure …” by the Transportation Department.

With the unclassified portion at only 13 pages and signed by the president, NSPD- 39 was, for a government document, a concise set of orders to protect the nation. 

It came at a time when the pain of an attack on the homeland was still palpable. And when the twin humiliations of failed intelligence, and failure to take simple anti-hijacking precautions like hardening cockpit doors were still keenly felt.

One would have expected prompt and decisive action to put the president’s orders into effect.

20 Years of Inaction and Regression

Yet 20 years after the first comprehensive official warnings about GPS vulnerability, America has still failed to act. 

In fact, rather than moving forward, in some areas we have regressed.

Instead of being careful to protect GPS frequencies., the Federal Communications Commission (FCC) has licensed operations that many say will interfere with GPS signals. 

And rather than improving its ability to detect violations and act against jammers and spoofers, the FCC has reduced staff and equipment. 

GPS alternative projects within the Department of Defense are still in the science- project stage. The Government Accountability Office reports those efforts don’t have the support of senior leadership and often die often the die on the vine. 

And despite nearly a dozen studies, a law requiring establishment of a national alternative for GPS timing, and public promises by two administrations to create a backup system, nothing has been done. Worse, a national alternative system used by some telecom and other industries was terminated in 2010 against the recommendation of nearly every engineer and technologist in government.

Structured to Fail

The reasons for inaction and backward movement on these issues over the decades are many and varied.

Responsibility for positioning, navigation, and timing, or (PNT,) issues is divided between a variety of departments. Authority to make real changes was reserved for officials at the Executive Office of the President who typically have neither the expertise nor time to deal with such issues.

GPS services have been generally reliable with no major incident to highlight vulnerabilities. In the absence of a media- worthy event, busy bureaucrats and political leaders have not had to focus on the threat.

And when it comes to alternatives, advocacy within government and by defense contractors for GPS-related programs has been vigorous. As is the case with any major project, efforts that might seem to compete with it or reduce its priority have faced major uphill challenges.

So, rather than being propelled forward as critical to our nation’s well-being, these issues have languished and America’s capabilities have atrophied.

Dangers Increasing

All while China, Russia, Iran, and others have added satellite PNT capability and/or upgraded terrestrial systems that can work with GPS and stand in for it when it is not available.

They have gained huge tactical and strategic advantages over America by using the last two decades to actually do the things we have only talked about. 

Some analysts have opined that GPS is the highest priority target for those who would do America harm, from lone wolf hackers to hostile nations. 

And many think it is time to “get the bullseye off GPS” with complementary and backup systems and restore America’s place in the world as PNT leader.

Failing to do so will leave the cockpit doors open to nearly everyone, and the nation vulnerable to another devastating attack.

Dana A. Goward is president of the Resilient Navigation and Timing Foundation.

NEXT STORY: We Cannot Afford to Wait to Bolster Maritime Cybersecurity