Safety Detective’s Aviva Zacks caught up with Roi Mit, CMO of Regulus, and found out how his company is protecting drivers from dangerous GPS spoofing.
Safety Detective: How was the idea for Regulus born?
Roi Mit: It was during a project that co-founders Yonatan Zur and Yoav Zangvil worked on together in the defense industry. This project is related to autonomous systems and when you design autonomous systems, you always have to take cybersecurity into consideration. One of the most common aspects of both attacking and defending against different systems, especially autonomous ones, is attacking the sensors because the sensors are the eyes and ears of every machine. In the military, this is called electronic warfare and you have both defense and offense research around it. They worked on a project where they had to develop different protection methods for autonomous systems and the defense industry, and they realized this field is well addressed in the military industry but extremely lacking in the civilian market. The civilian market has been quick to adopt autonomous technologies in multiple industries, from ships to airplanes and even vehicles and drones, but all of them are completely unprotected.
They anticipated that similar threats that military systems face today can be potential threats that the civilian systems will face in the near future. So, that’s how the idea to create a sensor cybersecurity company came to be, with the main focus to be protecting satellite navigation (GPS) systems commonly used in civilian systems.
SD: Can you explain what spoofing is?
RM: Every single system today that navigates is utilizing satellite navigation, also known as GPS. This space-based signal is utilized globally to find a location or plan a route. Spoofing is sending out a fake satellite signal that looks identical to the real one coming from space but with stronger power and then your target locks on to the attacker instead of locking on to the satellites from space. And then the attacker has full control over the target’s location and additional information such as altitude, speed, and even time. Once an attacker has control over all of this input then he has control over the entire system which is called spoofing the system.
SD: How does Regulus protect its customers from spoofing? Can you explain that a little deeper?
RM: The essence behind spoofing is sending fake satellite signals. Usually, you transmit signals that are identical to the ones coming from space with a stronger power. The way a GPS receiver works is quite simple. It always locks on to the strongest satellites to give you an accurate location and time. If a hacker transmits fake satellite signals that are stronger, the receiver will simply lock on to him. It’s a very simple method of gaining the trust of the system and then they can slowly start transitioning the location, time and speed and the altitude of their targets.
Regulus created smart algorithm software that you install directly on the GPS receiver and that software enables the receiver to become smart enough to differentiate between the real signal coming from space and the fake signal coming from earth or any attacker. It has to do with very specific properties that the signal that comes from space has that cannot be replicated here on earth. Using those characteristics, the Regulus algorithm can differentiate between a real signal and a fake signal.
SD: What are some industries that use Regulus’ technology and why specifically them?
RM: The company started off as drone cybersecurity. If you spoof a drone and take control of the GPS system, as I mentioned, you can also determine the altitude and that gives you the ability to either crash or hijack a drone. There have been several instances in the past few years where military drones were hijacked using GPS spoofing or civilian drones crashed because of spoofing. And that’s why we decided to start with that industry. The drone industry is still mostly recreational, and its scale is too small to invest in cybersecurity solutions. The commercial drone usage is growing much slower than anticipated. The company decided to explore other industries that utilize GPS and discovered that GPS is at the core of multiple technologies across the globe. For example, we found out there is a GPS receiver on every cellular antenna. Even though they are stationary, they still gain accurate time from those GPS satellites because each satellite has its own atomic clocks.
For example, when you fly to another country and you regain a connection, you will get the accurate time from those satellites, from those cellular antennas. If someone is spoofing a cellular antenna, it can change the time of that antenna and that can result in the crash of the entire network because there is a mismatch between that antenna’s time and everyone else’s antennas. Another industry that has gained a lot of interest in cybersecurity, specifically for GPS, is automotive. Every single car produced in 2019 that we know of already has a GPS embedded inside of it. It’s the law in the European Union, for example; it requires every car to be equipped with a GPS receiver because when a car has an accident, it automatically transmits the location to the nearby law enforcement to reach the location of the incident faster.
However, it has opened a completely new attack vector against all of those cars and other automotive companies are now looking to fortify their GPS receivers against spoofing. In July, we published very important research that went viral. It’s about an experiment we did on the Tesla Model 3 in which we spoofed the GPS system and in doing so, we managed to make the car accelerate, decelerate, turn off in the highway and even turn into the opposing lane into oncoming traffic. By taking control of the car’s location, it provided us with a very frightening yet important sneak peek into the future in which every car is utilizing a GPS for more than just navigation.
SD: What do you feel is the number one threat in cybersecurity today?
RM: I would say the current threat, and we can already see that, is the connected threat. Right now, the connection to the internet, which is another attack vector, is the current rising threat and there are a lot of companies trying to address and solve that issue. I anticipate that, just like it took almost 10 years to evolve to a level where internet-based attacks are occurring every hour, this will be a similar situation we face with GPS or sensor attacks, because those are new attack vectors that are currently completely unsecured. It’s only a matter of time until perpetrators will find them and abuse them.