A loss of GPS coverage in Norway and an outage in cellular and emergency cellular services in Latvia, both are part of a growing and worrying trend of reported electronic warfare, as well as cyber attacks, in and around NATO member states in Europe. The incidents both occurred during the largest Russian military exercises in years, suggesting that the Kremlin may have used these drills to more actively demonstrate its expanding hybrid warfighting techniques, all of which offer ways to harass the alliance and other countries with relatively little risk of setting off an actual conflict.
On Aug. 30, 2017, Latvia experienced a major cellular network outage in the western portion of the country, which sits along the Baltic Sea. Another incident, where the country’s 112 emergency telephone hotline, equivalent to America’s 911, was out for approximately 16 hours, occurred on Sept. 13, 2017. In between, on Sept. 7, 2017, commercial aircraft flying over Norway’s East Finnmark district reported a complete loss of GPS signal over a prolonged period.
“Our authorities are analyzing a pattern of communications disruption that appears to have originated during the Zapad exercise,” Latvian Foreign Minister Edgars Rinkevics said in October 2017, adding that the country’s intelligence services were investigating the apparent electronic attacks, according to The Washington Post. “This was a demonstration of muscle. This was not defensive but offensive.”
The Russian military holds the Zapad military maneuvers together with Belarusian forces every four years. Though the Kremlin insists the overarching scenario across the Western Military District is always defensive in nature, NATO sees the drills, the name of which translates literally as “West,” as a show of force along the land and sea boundaries with both the alliance and its non-member European partners, namely Sweden and Finland.
Moscow said the 2017 iteration involved approximately 13,000 troops from Russia and Belarus. The Russian military conducted a number of other exercises elsewhere in the country during and after, including another major annual exercise involving the country’s Strategic Missile Forces.
Still, Rinkevics suggested that Latvia might have actually been an inadvertent victim of a Russian electronic barrage pointed at Sweden’s Öland Island, which sits opposite Latvia across the Baltic Sea. Similarly, the Norwegian Intelligence Service, a military intelligence arm also known as the Forsvarets Etterretningstjeneste or E-tjenesten, did not believe that the GPS jamming was directed at the country specifically, according to the country’s state-run NKR radio service. East Finnmark is situated along the border with both Finland and Russia.
That even state intelligence services have had difficulty in determining the source of the jamming and whether or not it was deliberate, highlights how effective these tactics can be even during an uneasy peace. With electronic and cyber assaults, Russia has found an effective way to disrupt the military and government activities of its regional opponents while maintaining a surprising amount of plausible deniability.
Regardless, that the Russian military’s electronic warfare, cyber attacks, and other hybrid capabilities might have been part of Zapad 2017, which officially ran from Sept. 14 to 20, is hardly a surprise. For years now, the Kremlin has been focusing on expanding its ability to conduct these types of operations, in no small part as a means offsetting its limited ability to field expensive advanced weapon systems. Russia’s forces have a wide array of ground and aerial electronic warfare systems mounted on variety of wheeled and tracked vehicles, aircraft, and unmanned aircraft.
“Because of maneuver warfare’s reliance on communication, Russia has invested heavily in electronic warfare systems which are capable of shutting down communications and signals across a broad spectrum,” the U.S. Army’s Asymmetric Warfare Group warned in a handbook it published in December 2016. “The Russians layer these systems to shut down FM, SATCOM [satellite communication], cellular, GPS, and other signals.”
And whether it was deliberately targeted toward them or not, what the Latvians and the Norwegians reported is well in line with these core Russian military capabilities. Russia’s electronic warfare troops could easily have established positions along the country’s western borders, nominally for mock attacks within their own territory, but knowing full well that the range of the systems meant they would have an observable real world impact.
Though there are well established reports of Russian troops using electronic warfare and cyber attacks in Ukraine and Syria, the Kremlin would be understandably eager to gather information about how its systems perform against countries, especially NATO members, with more technologically advanced communications and navigation networks. Zapad 2017 would have provided an ideal opportunity for such tests.
There is evidence that Russian military and intelligence services have already been probing NATO members’ responses to these capabilities. Earlier in October 2017, American and other alliance troops in the Baltic States – Estonia, Latvia, and Lithuania – and Poland revealed they had been the victims of a variety of cyber attacks against their cell phones and social media accounts. Hackers combed through personal details, deleted contacts, uploaded songs, and remotely triggered software. After the breaches some service members reportedly had interactions with apparent Russian agents who knew a worrying amount of information about them and their families.
This mirrors reports from Ukraine, where Russian-backed separatists have apparently begun to use data gathered from cyber attacks to threaten individual Ukrainian troops, their significant others, and their children. “Tactics such as this can have a tremendously negative psychological impact on young soldiers that are out of direct contact with their loved ones,” the Asymmetric Warfare Group noted in their December 2016 handbook.
The potential for these types of attacks to significant disrupt both military and other activities is obvious. Knocking out cell phones during a crisis would slow the ability of a country’s authorities to disseminate important information to its citizens. Preventing people from calling for help, especially if coupled with attacks on critical infrastructure or even a natural disaster, could be devastating.
The U.S. Army’s Asymmetric Warfare Group, which has the task of researching emerging threats and ways to defeat them, says similar attacks on military communications infrastructure could easily cripple a mission. The same goes for GPS, which American forces rely on not only for getting from point A to point B, but also for directing precision guided munitions.
GPS disruption isn’t limited to jamming, either. There are increasing reports that the Russians have been expanding their ability to spoof the system’s signals, point receivers at the wrong locations. In June 2017, we reported on the U.S. Maritime Administration’s report about such incidents in the Black Sea in which ships’ navigation equipment was showing their location miles inland. Other reports of location errors had earlier cropped up in Moscow among players of the popular cell phone game Pokemon Go, which relies on a mobile device’s GPS-enabled location services.
“The U.S. reliance on robust communication infrastructure and GPS navigation means that a sudden interruption of this capability, even for a short duration, can be disastrous to an operation,” the Asymmetric Warfare Group’s December 2016 manual explained. “Even combat and fire support would prove to be a problem due to the possibility of fratricide, especially if close to Russian front line positions.”
After the Black Sea reports appeared, The War Zone’s own Tyler Rogoway explained in detail how spoofing could be even more dangerous than just knocking out the signal, writing:
Advanced guidance and navigation systems, like those found on aircraft and in most GPS-guided weapons, use inertial navigation with embedded GPS. System software loaded onto the INS/GPS guidance system uses algorithms to detect discrepancies among various steams of information. This way the system can place less priority on one stream of information, say from a malfunctioning ring-laser gyro or GPS receiver, than others. Or it can discount that steam entirely if it starts straying far from the consensus of the others. This way a navigation system that suddenly loses a component due to failure or has one of its data streams deviate for other reasons won’t simply stop working.
For instance, if the GPS telemetry suddenly leaps miles away, the navigation system may “vote out” the GPS information entirely. The system will be less accurate overall because of it, but it will still function. As an example, take a Joint Direct Attack Munition, the most common guided bomb used by the USAF, which uses GPS and INS navigation. If the system suddenly loses GPS connectivity during its attack sequence, INS will take over, but the bomb will be substantially less accurate than it would have been with both GPS and INS working together as a team.
But spoofing isn’t as simple as telling a GPS receiver it is somewhere totally different than where it really is. By broadcasting false GPS data that slowly changes over time, navigational systems with GPS and INS may not “throw out” the GPS data so soon, or at all for that matter. Over time this could result in vehicles going far off course or even running into shores, mountains or even other vehicles without warning. Some say this is how the Iranians brought down the RQ-170 Sentinel drone in a relatively intact state in late November 2011, although this remains highly debatable.
Even if the spoofing doesn’t have any immediate effects, the knowledge that it is or could be occurring could easily lead to a loss of confidence in those systems, as well. Commanders may be more hesitate to employ a GPS-directed bomb or rocket, especially near friendly forces, if there is any concern that it could fall on the wrong target due to jamming or another form of electronic warfare. This in turn could greatly limit the fire support options available to American forces or their allies.
It’s one of the reasons why the U.S. military as a whole is becoming increasingly interested in guided weapons that still work in “GPS-denied” environments, as well as re-emphasizing basic map-and-compass land navigation skills. In June 2016, the U.S. Navy conducted an apparent test of what a major GPS outage might look like for American forces.
There is even an indication that the American forces are beginning to be increasingly interested in developing their own so-called “navigation warfare” capabilities, which is defined, in part, as “degrading, disrupting, or deceptively manipulating PNT [positioning, navigation, and timing] transmissions,” according to one official U.S. Central Command regulation we obtained via the Freedom of Information Act. Just on Oct. 13, 2017, the U.S. Navy announced it would pay Northrop Grumman nearly $8.9 million to devise and install an unspecified navigation warfare system onto some of the service’s E-2D Hawkeye airborne early warning and control aircraft.
We don’t know when that equipment will be ready or whether the service plans to make the modifications across the Hawkeye. Navigation warfare also encompasses methods to defend against jamming or spoofing, so it is possible this equipment will protect the radar planes rather than offer a means for attack opponents. Either way, its another indication of the growing importance of the issue.
It is increasingly obvious that the Russian systems. and the threat they pose, are out there now, though. They also offer the Kremlin a relatively low risk means to probe or otherwise harass its opponents without touching off an actual conflict, as is the case with cyber attacks, since it can be difficult for authorities to isolate the source of the jamming or spoofing and the actual intent.
As with cyber breaches, it seems likely that reports of these types of electronic disruptions in NATO countries and the alliance’s non-member partners in Europe, will increasingly become the norm, whether or not the attacks are deliberate or not.
Contact the author: joe@thedrive.com