In June 2017, a coordinated GPS spoofing attack disrupted the Automatic Identification System (AIS) of at least 20 commercial ships near the Novorossiysk Commercial Sea Port, falsely relocating their positions to Gelendzhik Airport, 32 km inland. The attack was widely attributed to Russian electronic warfare testing, likely part of broader cyber-electronic operations to obfuscate high-profile movements (e.g., Putin’s travel routes) and protect sensitive military or governmental zones.The incident posed severe risks to maritime navigation safety, potentially causing collisions, groundings, or operational chaos in a critical shipping corridor. While no direct physical damage or data breaches were reported, the attack demonstrated vulnerabilities in global satellite navigation systems, which are foundational to transportation, logistics, and defense infrastructure. The deliberate manipulation of GPS signals an act of state-sponsored cyber-electronic warfare highlighted the potential for escalatory cyber-physical threats, including disruptions to supply chains, economic stability, and geopolitical tensions. The attack’s scale and precision suggested advanced capabilities in signal jamming/spoofing, raising concerns about future targeting of civilian infrastructure, military operations, or even aviation systems in contested regions.
Source: https://www.wired.co.uk/article/black-sea-ship-hacking-russia
TPRM report: https://www.rankiteo.com/company/novorossiysk-commercial-sea-port-pjsc-nmtp-
"id": "nov857092125",
"linkid": "novorossiysk-commercial-sea-port-pjsc-nmtp-",
"type": "Cyber Attack",
"date": "6/2017",
"severity": "100",
"impact": "8",
"explanation": "Attack that could bring to a war"{'affected_entities': [{'industry': 'Transportation/Logistics',
'location': 'Novorossiysk, Russia (Black Sea region)',
'name': 'Novorossiysk Commercial Sea Port',
'type': 'Maritime port'},
{'industry': 'Maritime',
'location': 'Black Sea near Novorossiysk',
'name': 'At least 20 ships (unnamed)',
'type': 'Commercial and possibly military vessels'}],
'attack_vector': 'Satellite signal manipulation (GPS spoofing)',
'date_detected': '2017-06',
'date_publicly_disclosed': '2017-06',
'description': 'In June 2017, at least 20 ships in the Black Sea near '
'Novorossiysk Commercial Sea Port reported that their '
'Automatic Identification System (AIS) incorrectly displayed '
'their position as Gelendzhik Airport, about 32 kilometres '
'inland. The incident was speculated to be caused by Russian '
'testing of satellite navigation spoofing technology as part '
'of its electronic warfare capabilities, potentially to '
'protect President Putin and obfuscate his movements, as well '
'as to safeguard secretive Russian areas.',
'impact': {'operational_impact': ['misrouted ships',
'navigation confusion',
'potential safety risks for maritime '
'traffic'],
'systems_affected': ['Automatic Identification System (AIS)',
'GPS navigation systems']},
'initial_access_broker': {'entry_point': 'GPS signal transmission '
'interference',
'high_value_targets': ['maritime navigation systems',
'potential protection of '
"Putin's movements"]},
'investigation_status': 'Speculative; attributed to Russian electronic '
'warfare testing based on circumstantial evidence and '
'expert analysis.',
'lessons_learned': 'Highlighted vulnerabilities in GPS-dependent systems to '
'spoofing attacks, emphasizing the need for backup '
'navigation methods and signal authentication in critical '
'infrastructure.',
'motivation': ['geopolitical', 'military testing', 'operational security'],
'post_incident_analysis': {'corrective_actions': ['Adoption of multi-layered '
'navigation systems (e.g., '
'inertial + celestial + '
'GPS).',
'International cooperation '
'to detect and mitigate GPS '
'spoofing.',
'Development of '
'spoofing-resistant GPS '
'technologies.'],
'root_causes': ['Inherent vulnerability of '
'unencrypted GPS signals to '
'spoofing.',
'Lack of alternative navigation '
'systems in affected vessels.',
'Geopolitical tensions enabling '
'state-sponsored electronic '
'warfare testing.']},
'recommendations': ['Implement GPS signal authentication protocols (e.g., '
'encrypted military-grade signals).',
'Develop redundant navigation systems independent of GPS '
'for maritime vessels.',
'Enhance monitoring for anomalous GPS behavior in '
'high-risk geopolitical regions.',
'Conduct regular electronic warfare drills for maritime '
'and aviation sectors.'],
'references': [{'source': 'C4ADS (Center for Advanced Defense Studies)',
'url': 'https://c4ads.org/reports/'},
{'source': "BBC News - 'Black Sea GPS spoofing' mystery solved",
'url': 'https://www.bbc.com/news/technology-40412353'},
{'source': 'The Drive - Russia Appears To Be Spoofing GPS '
'Signals In The Black Sea',
'url': 'https://www.thedrive.com/the-war-zone/12558/russia-appears-to-be-spoofing-gps-signals-in-the-black-sea'}],
'threat_actor': {'affiliation': 'Russian electronic warfare units',
'motivation': ['protection of high-value individuals (e.g., '
'Putin)',
'obfuscation of movements',
'securing restricted areas',
'testing electronic warfare capabilities'],
'name': 'Alleged Russian state actors'},
'title': 'Black Sea GPS Spoofing Incident (2017)',
'type': ['GPS spoofing', 'electronic warfare', 'navigation disruption'],
'vulnerability_exploited': 'Lack of encryption or authentication in GPS '
'signals'}