Maritime Computer Emergency Response Team ADMIRAL dataset ADMIRAL dataset

Publicly disclosed information for this event

Index Number:
Title:
2012_006
A wide area is covered with GPS jamming impacting numerous vessels.
Day Month Year Country Activity Incident Type
28 April 2012 Korea, Republic of Defence GPS/AIS jamming/spoofing

Summary

As well as other countries, South Korea heavily relies on GPS navigation for various sectors including aviation, maritime, and road transport. The country has previously faced similar electronic disruptions in the years 2010 and 2011.

According to sources, from late April to early May, large coordinated cyber disturbances, which are believed to originate from North Korea, emitted electronic jamming signals affecting GPS navigations. These disruptions influenced passenger aircraft, ships, and car navigation systems. Signals were pinpointed coming from the direction of Kaesong, a location approximately 10 kilometers from the inter-Korean border and about 50 kilometers from key areas such as Seoul. Historical data suggests that past jamming incidents coincided with U.S.-South Korea joint military exercises and lasted for a duration of up to 10 days.

While no immediate accidents, casualties, or fatalities were reported despite jammed navigation signals affecting 337 commercial flights and 122 ships, amongst which a ferry with 287 souls on board and an oil tanker.

Victim

South Korea

Claimed/Reported Threat Actor

North Korea

Origin

Political

Main impact

Availability

References

Recommendations to Defence to reduce GPS/AIS jamming/spoofing risks:

  • Implement verification mechanisms for GPS and AIS data.
  • Use multiple sources of location (other GNSS constellation, physical checks) to cross-verify GPS/AIS information.
  • Regularly monitor for signal interference and anomalies in navigation systems.
  • Use Controlled Radiation Pattern Antennas.
  • Educate personnel about the risks and signs of GPS/AIS spoofing attacks.
  • Work with your CSIRT organization to know the geographical zones at risk.
Previous Next
Disclaimer: the data are provided as is. France Cyber Maritime and the M-CERT take no responsibility for the soundness, quality, precision, nor the eventual attribution made by the referenced URLs. We give a lot of respect and support to the victims of attacks.
Files generated on Thursday, 10th October 2024.
ADMIRAL is licensed under the Creative Commons CC-BY-NC license. Copyright © France Cyber Maritime 2024.