Could GPS Spoofing Cause Another Flash Crash?

GPS..Global Positioning System.  The term has become part of our everyday lives.  There are GPS devices everywhere – in your car, in airplanes, at the stock exchanges and even in your iPhone.  But did you ever wonder how secure these GPS devices are?  Can they be jammed or even worse counterfeited or “spoofed”?  What could happen if a GPS device was spoofed?

Well, in an absolutely riveting testimony  before a House Subcommittee on Homeland Security, Todd Humphreys of the University of Texas at Austin lets us know exactly what can go wrong with a civil GPS signal:

The problem is that the same transparency and predictability that have made civil GPS signals so wildly popular all across the globe give rise to a dangerous vulnerability. Transparency and predictability make the civil GPS signals easy to imitate to counterfeit. The fact is that civil GPS signals are like Monopoly money: they have a detailed structure but no built-in protection against forgery.”

To prove his point, Todd and a group of researchers successfully commandeered  a civil unmanned aerial vehicle (UAV) at the White Sands Missile Range with the use of a GPS spoofing device that they developed.  They proved that civil GPS is “inherently insecure and shouldn’t be trusted blindly”.

Why are we at Themis Trading talking about the hacking of a GPS receiver on a UAV?  Because GPS devices are also embedded in our financial system and a GPS spoofing scenario could cause a market disaster similar to the flash crash.  Here is what Todd Humphreys said in his testimony before the House Subcommittee on Homeland Security:

But there is one input port that the network firewalls leave entirely unprotected. An unassuming set of antennas on the roof of these data centers carry unsecured civil GPS signals directly into the core of the matching engine network. Slaved to a once-per-second synchronization pulse from a GPS- disciplined clock, the individual servers in the network apply time stamps to the trades they execute. A decade ago, a tenth of a second was an acceptable time stamp resolution. High frequency traders now demand nanoseconds.”

Now, thankfully, this is not news to the major stock exchanges.  Todd talks about how he met with senior executives from some exchanges and feels that they have taken precautions against GPS spoofing.  But there is a group of financial professionals that he feels have not taken any precautions against GPS spoofing and remain vulnerable to an attack:

High frequency traders whose servers are co-located with the matching engines at major exchanges may be more vulnerable to GPS spoofing. In the NYSE and some other exchanges, these co-located customers are offered either a timing feed from the exchanges system time or a direct feed from GPS antennas on the roof. Many co-located customers, distrustful of the exchanges system time, opt for the direct GPS feed.”

The high-frequency traders who own the servers do not like inexplicable market behavior, and unlike old-fashioned traders who are obligated to stay in the market no matter its behavior, high-frequency traders can pull the plug at any moment. In the aftermath of the May 6, 2010 flash crash, it was revealed that automatic data integrity checks in trading algorithms were configured to trigger on unusual latency in the exchanges data feeds. In other words, if transaction time stamps do not look right, algorithmic traders flee the marketplace.”

A spoofing attack that aggressively manipulated the timing in a large number of co-located servers could therefore cause a partial market vacuum, what traders call a loss of liquidity, with the result being increased price volatility and damage to market confidence.”

We wonder if our regulators are aware of this potential vulnerability in our market structure.  While we hear so much about the supposed benefits of high frequency trading (they tell us that they shrink spreads and add liquidity), we don’t often hear about the systemic risks that HFT has placed on our market.  While HFT continues to extract its ultra short term rents from the market, it also continues to layer more and more risk on the market.  You can bet that if a GPS spoofing event were to corrupt data, HFT’s would run for the exit doors quickly.  And guess who would be left holding the bag again?