As the U.S. Navy works to identify the cause of the collision involving the USS John S. McCain and an oil tanker, Admiral John Richardson tweeted that the Navy will conduct a wide investigation, including a review into the possibility of "cyber intrusion or sabotage,” although he says there is no direct evidence at this point.
Ron DeSantis, a Navy officer, Florida Republican congressman, and member of the House Oversight and Foreign Affairs Committee, used the same phrase during a Fox News interview Tuesday, saying “are there any type of outside intrusions? A cyber-intrusion? We don’t have the facts on that yet, but clearly there has got to be some explanation because this is very rare to see mishap after mishap.”
He was referring to the fact another ship from the same fleet, the USS Fitzgerald, was also involved in an at-sea collision with a commercial vessel in June. Each incident resulted in the deaths of a number of sailors.
Dana Goward, president of the non-profit Resilient Navigation and Timing Foundation, wrote an article about a GPS spoofing attack that he says took place in June in the Black Sea and affected 20 ships.
According to the U.S. Maritime Administration, “A maritime incident has been reported in the Black Sea in the vicinity of position 44-15.7N, 037-32.9E on June 22, 2017 at 0710 GMT. This incident has not been confirmed. The nature of the incident is reported as GPS interference.”
GPS jamming is blocking a signal, whereas GPS spoofing creates a fake signal. Jamming is much easier to detect since the signal simply fails.
Goward’s article said a shipmaster was reporting that his GPS was showing he was 25 miles away from his actual location – inland, and near a Russian airport.
Fox News has gotten confirmation from the U.S. Coast Guard that a GPS disruption did occur. Coast Guard Spokesperson Lt. Amy Midgett told Fox News, "The Coast Guard Navigation Center (NAVCEN) routinely shares reports of GPS disruptions with other U.S. government agencies. The Navigation Center shared such a report from the Black Sea region with the Maritime Administration and the Maritime Administration issued a Safety Alert for the region.”
According to New Scientist, “Over the past year, GPS spoofing has been causing chaos for the receivers on phone apps in central Moscow, (causing them) to misbehave. The scale of the problem did not become apparent until people began trying to play Pokemon Go. The fake signal, which seems to center on the Kremlin, relocates anyone nearby to Vnukovo Airport, 32 km (20 miles) away. This is probably for defensive reasons; many NATO guided bombs, missiles and drones rely on GPS navigation, and successful spoofing would make it impossible for them to hit their targets.”
New Scientist also reports on Todd Humphreys of the University of Texas at Austin, who “has been warning of the coming danger of GPS spoofing for many years. In 2013, he showed how a superyacht with state-of-the-art navigation could be lured off-course by GPS spoofing.”
Humphreys told the publication, “The receiver’s behavior in the Black Sea incident was much like during the controlled attacks my team conducted.”
While what happened with the two U.S. Navy ships remains under investigation, Goward, who is also a retired U.S. Coast Guard captain, told Fox News, “It is a good question to ask. We know that GPS jamming and spoofing can cause confusion on the bridge of a ship and that Russia and others have a history of using jamming against Western forces. In fact, Russians have bragged that their electronic capabilities ‘make aircraft carriers useless.’”
However, Goward added, “it is unlikely” that GPS spoofing was involved in either of the two recent Navy collisions. “Could the McCain's collision be the result of GPS spoofing? It's very unlikely, though theoretically possible.” He said “If this was a cyber-attack as some have speculated, then it was likely primarily against the civilian vessel involved. It would require a very high degree of sophistication and, as part of the accident investigation, would be detected by U.S. military and intelligence agencies.”
In June, when the USS Fitzgerald collided with the ACX Crystal, a retired Australian Naval commander and former U.S. Naval officer Gregory Keeley, suggested to Fox News that there could be something sinister behind the crash, something that he says would have "enormous implications" for the White House: a cyber-attack. That would mean not GPS spoofing, but taking over a ship’s controls. He suggested it could have been the civilian vessel that was taken over.
There were reports suggesting the Crystal may have been on autopilot when it collided with the Fitzgerald.
Keeley, who is also an expert on cyber-security, said that while a collision would be unlikely given the relatively advanced navigation system on the Crystal, that very system would be viewed by hackers as an open door into the ship’s control room. According to Keeley, a takeover of the ship's navigation is "not hard to do if you know how to do it," and the Crystal's erratic trajectory prior to impact confirms something went very wrong.
Keeley said it was easy to imagine this being a state-sponsored hack, given the relatively close proximity of the crash to places like North Korea, Iran and even Russia. There is also the fact that the Fitzgerald, a "guided missile destroyer," has been used for "intelligence gathering operations" in recent years, and was in the area for unknown reasons at a time of heightened tensions between Washington and the Hermit Kingdom.
A spokesperson for the U.S. Navy 7th Fleet, Lt. Paul Newell, echoed the sentiments of other experts. He sent Fox News an e-mail saying “while there is currently nothing that indicates a cyber-attack took place” with respect to either collision, “all potential causes will be investigated."
Newell added that cyber-attacks are one of a spectrum of vulnerabilities that all members of the fleet train to defend against.
Fox News’ Alex Diaz contributed to this report