GPS and Wall Street
Sep 11th, 2008 by sherri
For those of you who didn’t catch the full significance of Jon Warner’s GPS Spoofing demonstration, consider that GPS timing information is crucial for the financial industry:
“Banking institutions and Foreign Exchange networks rely heavily on precision timing so a stock order placed on one side of the globe can be received almost instantly in New Yorks, Wall Street, at the same market price, without losing any valuable data along the way. Timing, synchronisation and security are paramount when dealing with digital monetary transactions, where great losses could be sustained if any data is lost, or 2 points do not synchronise simultaneously.” – Wikipedia, “GPS Timing”
For less than $1,000 of off-the-shelf equipment which fits in the trunk of a car, anyone can forge GPS timestamps. If you’re within a half mile or so of a GPS receiver that is used by the financial industry, you could cause major meltdowns that would be difficult, if not impossible, to trace. How many GPS receivers exist within a half mile of Wall Street? Good question.
Get an antenna that’s primarily sensitive upwards, and put it on the roof of your office building – chances are, it’s up there anyway so you’re not suffering from multi-path or extremely obstructed views.
For critical applications, don’t just use the GPS as the clock – build a GPS-disciplined frequency standard and use that to drive the clock. A high-quality OXCO/TXCO, rubidium or cesium standard can freewheel for quite a long time before the loss of GPS degrades its accuracy worse than what NTP over Ethernet does.
The previous article doesn’t say what kind of receivers were used – some are much more tolerant of bad signals than others. receivers designed for timing applications often have T-RAIM (Timing Receiver Autonomous Integrity Monitoring) to attempt to eliminate bad signals.
Of course, if your attacker is presenting a wonderfully consistent set of lies… you’ve got a whole ‘nother problem. It would be nice if Wall Street used gps clocks and frequency standards. It’s a never-ending source of amusement to me how many large enterprises use public ntp servers… machines with no SLA or quality guarantees.
I think I mentioned before, NIST has some new tiny clocks that are pretty good: http://tf.nist.gov/ofm/smallclock/index.htm
Easier to integrate on trader desktops/pdas/cellphones than a big ol’ cessium clock.
Many physics and astronomical observatories require high precession traceable timing for correlation and triangulation; there are a variety of GPS receiver time server products with varying degrees of redundancy; i’m pretty sure the worst an outside attacker could do would be to slowly introduce offsets on the order of a millisecond over a few hours/days, which isn’t a very dramatic attack. You could “slow down” one trading center vs. others, but that would require more sophisticated localized RF equipment.
This vulnerability is well understood and most Symmetricom cryptographic time stampers include precision clocks to counter spoofing attacks. This is one of the few success areas for GPS counter spoofing. Meanwhile, the GPS Wing and Homeland Security are pretty much asleep at the wheel regarding the need to authenticate GNSS signals for civil applications.