GPS JAMMING & SPOOFING: HOW TO PROTECT YOUR TIMING

VIDEO SCRIPT

--- RUNTIME: Approximately 10-12 minutes FORMAT: Technical explainer / presenter-led with graphics TARGET AUDIENCE: Network engineers, telecom operators, financial services, critical infrastructure operators

---

[COLD OPEN — 0:00]

[VISUAL: Montage of synchronized stock exchange clocks, cell towers, power grid substations, all overlaid with a GPS satellite constellation graphic. A digital clock display glitches and freezes.] NARRATOR (V.O.): Every second of every day, thousands of systems across the globe depend on one invisible signal — the timing pulse from GPS satellites. Your phone calls route through it. Your bank transactions timestamp by it. The power grid balances on it.

Now imagine that signal goes dark.

Not because the satellites failed. Because someone deliberately turned it off. [BEAT]

This is the world of GPS jamming and spoofing. And if you're responsible for timing infrastructure, it's no longer a theoretical threat. It's happening right now. [TITLE CARD: GPS JAMMING & SPOOFING: HOW TO PROTECT YOUR TIMING]

---

[ACT 1: THE THREAT LANDSCAPE — 1:00]

[VISUAL: Animated globe showing GPS satellite orbits. Red warning icons appear over major cities — London, New York, Shanghai, Moscow.] NARRATOR (V.O.): Let's start with what we're actually dealing with. GPS timing is everywhere, embedded in systems most people never think about — 4G and 5G networks, power utilities, emergency services, algorithmic trading platforms, and broadcast infrastructure. All of it relies on nanosecond-level accuracy delivered from orbit. [THREAT] But GPS signals are extraordinarily weak. By the time they travel roughly 20,200 kilometers from satellite to receiver, they arrive at your antenna at around 130 decibels below one milliwatt. That's weaker than the background thermal noise of your receiver. Your device finds the signal only because it knows the exact pattern to look for.

And that weakness is your biggest vulnerability. [VISUAL: Split screen showing a jammer device on one side, a GPS antenna on the other. Signal strength bars collapse.]

There are two fundamentally different attacks to understand, and they require very different defenses. The first is jamming. The second is spoofing. Let's break each one down.

---

[ACT 2: JAMMING TYPES — 2:15]

[VISUAL: Animated waveforms — clean GPS signal, then interference washing over it.] NARRATOR (V.O.): Jamming is the blunt instrument. It's the act of overwhelming GPS signals with radio frequency noise so receivers can no longer lock onto satellites. It doesn't require sophistication. It requires power. [THREAT] Type one: Wideband jamming. This floods the entire GPS L1 frequency band — 1575.42 megahertz — with broadband noise. Think of it as someone screaming over a quiet conversation. The signal is still there, but your receiver can't hear it. Wideband jammers can be large, high-power devices, but they're also relatively easy for regulators to detect and locate because they radiate across a broad spectrum. [VISUAL: Frequency spectrum display showing noise floor rising across the L1 band.] [THREAT] Type two: Narrowband jamming. This targets just the GPS carrier frequency or a tight band around it with a focused signal. It's more energy-efficient and harder to spot on a general spectrum sweep, but it's equally effective at denying lock. Think of it as a precisely pitched tone that disrupts one specific note in an orchestra. [VISUAL: Tight spike on a spectrum analyzer centered at 1575.42 MHz.] [THREAT] Type three: Swept jamming. Here, the interference signal sweeps back and forth across the GPS band, disrupting reception periodically. Receivers may intermittently gain and lose lock, creating erratic timing behavior. This is particularly dangerous because your system might appear to be working — until it suddenly isn't. [VISUAL: Animated sweeping signal moving back and forth across the band, receiver lock indicators flickering.] [THREAT] Type four: Pulsed jamming. Short, powerful bursts of interference that create intermittent gaps in GPS availability. These can fool some detection algorithms that look for sustained signal loss, since the receiver may think it's just experiencing brief multipath or atmospheric effects.

And here's the uncomfortable reality — cheap, handheld GPS jammers the size of a cigarette lighter pack are available online for a few dollars. Truckers use them to avoid fleet tracking. Drivers use them to dodge toll systems. A single device in a parked car near your facility can knock out GPS reception for a city block. In 2013, a truck driver's $30 jammer accidentally disrupted the GPS-based timing at Newark Airport's ground-based augmentation system. One device. One person. Widespread impact. [THREAT] Jamming doesn't need to be malicious to be devastating.

---

[ACT 3: SPOOFING — 5:00]

[VISUAL: A fake GPS signal waveform overlapping a real one. A receiver display shows a believable but wrong position and time.] NARRATOR (V.O.): Now let's talk about the far more insidious attack: spoofing.

Spoofing doesn't drown out the GPS signal. It replaces it. A spoofer transmits fake GPS signals that look authentic, tricking the receiver into locking onto a counterfeit source. The receiver believes it's receiving legitimate satellite data. The timing output looks healthy. The alarms stay silent. But the time is wrong. [THREAT] This is what makes spoofing orders of magnitude more dangerous than jamming. Jamming tells you something is broken. Spoofing lies to you and you don't even know it. [VISUAL: Dashboard showing all-green status indicators. A hidden overlay reveals the actual time has been shifted by several microseconds.] [THREAT] Type one: Meaconing. The simplest form — intercepting legitimate GPS signals and rebroadcasting them with a delay. This shifts the receiver's calculated position and time. It requires minimal technical capability and can introduce timing errors that cascade through synchronized networks. [THREAT] Type two: Individual signal spoofing. Here the attacker generates counterfeit GPS satellite signals from scratch using software-defined radios. The spoofer can craft signals with manipulated navigation data — altered time stamps, shifted pseudoranges — steering the target receiver to a specific false time or position. Sophisticated attackers will first jam the real signal to force the receiver to reacquire, then capture it with the fake ones. [VISUAL: Animation showing the sequence — jamming pulse, receiver drops lock, spoofed signal takes over, receiver reacquires with false data.] [THREAT] Type three: Composite spoofing. The most advanced form, where the attacker generates a full constellation of convincing fake satellite signals simultaneously, complete with realistic Doppler shifts and navigation messages. This can fool even receivers with basic signal quality monitoring.

In 2017, over twenty ships in the Black Sea near Novorossiysk reported their GPS receivers showed positions kilometers inland — all vessels reporting the same false location simultaneously. This was mass GPS spoofing at an industrial scale. Researchers at Stanford and Cornell have documented similar attacks against timing receivers in controlled experiments, demonstrating that nanosecond-level timing disruptions are achievable.

---

[ACT 4: DETECTION & DEFENSE — 7:30]

[VISUAL: Shield graphic assembling from multiple layers — GNSS diversity, signal monitoring, holdover oscillators.] NARRATOR (V.O.): So how do you defend against threats you can't see? Layer by layer. [TEXT ON SCREEN: LAYER 1 — MULTI-GNSS] [VISUAL: Animated constellation showing GPS, GLONASS, Galileo, and BeiDou satellites simultaneously.]

First, don't rely on GPS alone. Modern timing receivers can track signals from multiple Global Navigation Satellite Systems — GPS, GLONASS, Galileo, and BeiDou. Each operates on different frequencies with different signal structures. A jammer targeting GPS L1 won't affect Galileo's E1 signal on the same band if it doesn't match the modulation, and it certainly won't affect BeiDou's B1 signal with the same efficiency. [THREAT] Multi-GNSS receivers cross-check timing solutions across constellations. If GPS signals are being spoofed but Galileo and BeiDou agree with each other and disagree with GPS, the receiver can flag the anomaly. This isn't foolproof — a well-resourced attacker could theoretically spoof multiple constellations simultaneously — but it dramatically raises the cost and complexity of a successful attack.

Additionally, receivers that can process multi-frequency signals — L1 and L5 for GPS, E1 and E5a for Galileo — gain another dimension of protection. Dual-frequency ionospheric delay calculations become consistency checks. Fake signals that aren't perfectly modeled across both frequencies will produce detectable inconsistencies. [TEXT ON SCREEN: LAYER 2 — SPOOFING DETECTION] [VISUAL: Receiver architecture diagram with signal quality monitoring module highlighted.]

Modern receivers incorporate several anti-spoofing techniques. Signal power monitoring detects sudden increases in received power — a telltale sign of a nearby spoofer overpowering the real satellite signals, which arrive from 20,000 kilometers away at predictable power levels. [THREAT] Carrier-to-noise ratio analysis flags unnatural uniformity across satellite channels. In real conditions, different satellites at different elevations produce varying signal quality. A spoofer's signals often appear suspiciously clean and uniform.

Receiver autonomous integrity monitoring — RAIM — and its advanced cousin, advanced RAIM, perform statistical consistency checks across the full set of visible satellites. They can identify and exclude individual satellite signals that don't fit the geometric solution, catching partial spoofing attempts.

Time-differential and code-carrier consistency checks examine whether the rate of change in pseudorange measurements matches the carrier phase measurements. Spoofed signals frequently fail this test because maintaining perfect coherence between code and carrier in real-time across multiple fake satellites is extraordinarily difficult. [TEXT ON SCREEN: LAYER 3 — AUTHENTICATION] [VISUAL: OSNMA logo and Galileo signal authentication data structure.]

Galileo now offers the Open Service Navigation Message Authentication — OSNMA — which digitally signs the navigation data embedded in Galileo signals. A receiver verifying OSNMA can confirm that the navigation message genuinely originated from Galileo satellites and hasn't been tampered with. This directly counters data-level spoofing where an attacker modifies time and ephemeris information. [THREAT] GPS is developing similar capabilities through the Navigation Message Authentication concept for the M-code and future civilian signals, but widespread deployment remains years away. Today, OSNMA on Galileo is the most mature satellite-based authentication available.

---

[ACT 5: HOLDOVER PROTECTION — 10:00]

[VISUAL: Oscillator schematic — OCXO, rubidium, cesium — with a timeline showing accuracy degradation over holdover hours.] NARRATOR (V.O.): But what happens when all satellite signals are denied — whether by jamming, solar storms, or even antenna failure? This is where holdover protection becomes your last line of defense.

Holdover is the ability of a timing system to maintain accurate time using its local oscillator when the GPS reference is unavailable. Every timing-grade GNSS receiver contains an oscillator, and the quality of that oscillator determines how long you can survive without satellites. [THREAT] A standard temperature-compensated crystal oscillator — TCXO — might drift several microseconds within minutes. For most telecom and financial applications, that's catastrophic.

An oven-controlled crystal oscillator — OCXO — maintains stability in the tens-of-nanoseconds range for hours. For many applications, this provides adequate holdover protection during typical jamming events or brief outages. [VISUAL: Drift curves plotted on a graph — TCXO dropping off steeply, OCXO holding relatively flat, rubidium nearly flat for days.]

For mission-critical timing, rubidium oscillators deliver holdover measured in days or even weeks with drift rates of parts in ten to the twelfth per day. Cesium beam oscillators and chip-scale atomic clocks push this further still. [THREAT] Modern network timing architectures use cascaded holdover strategies. Primary reference clocks at the network core use GNSS-disciplined rubidium oscillators. Boundary clocks and edge devices use OCXO holdover with periodic resynchronization. If GNSS is jammed at the edge, those devices drift on their local oscillator while continuing to serve timing from their last known good state. The architecture tolerates hours of edge-level denial without cascading timing failures. [VISUAL: Network topology diagram showing cascaded clocks with holdover capability at each tier.]

Software-based holdover algorithms have also advanced significantly. Machine learning models trained on historical oscillator behavior can predict drift characteristics more accurately than traditional linear drift models, extending effective holdover duration by 30 to 50 percent in documented deployments.

---

[CLOSING — 11:30]

[VISUAL: Return to the opening montage, but now the clocks are shielded, the towers have multi-antenna arrays, and a green shield overlay appears.] NARRATOR (V.O.): GPS jamming and spoofing aren't future scenarios. They're daily occurrences documented across shipping lanes, airports, financial centers, and military zones worldwide. The tools are cheap. The impact is enormous. [THREAT] But the defenses are real, and they're available today.

Multi-GNSS diversity spreads your risk across independent constellations. Advanced spoofing detection algorithms catch counterfeit signals before they corrupt your timing. Authentication technologies like Galileo's OSNMA verify signal integrity at the source. And disciplined local oscillators with intelligent holdover algorithms keep your systems running when the sky goes dark.

No single defense is perfect. That's why the answer is layers. [VISUAL: Final graphic — concentric shield rings labeled: Multi-GNSS, Signal Monitoring, Authentication, Holdover.]

Assess your exposure. Understand which of your systems depend on GPS timing. Test your holdover duration. And build the layers before you need them.

Because the question isn't whether GPS jamming or spoofing will affect your operations.

It's whether you'll be ready when it does. [TITLE CARD: GPS JAMMING & SPOOFING: HOW TO PROTECT YOUR TIMING] [SUBTITLE: Assess. Detect. Defend. Holdover.] [END]

--- WORD COUNT: ~1,520

Need precision timing solutions? Get a quote from BRIDZA

← Back to Resources

Recommended Products