By Julian Pawlak and Deniz Kocak

Piracy, armed robbery, and kidnapping continue to pose significant threats to global shipping and maritime security.¹ While the terms are frequently used synonymously, differentiation is crucial. According to the United Nations Convention on Law of the Sea (UNCLOS), piracy is defined as “any illegal acts of violence or detention, or any act of depredation, committed for private ends […] (i) on the high seas, against another ship or aircraft, or against persons or property on board such ship or aircraft [or] (ii) in a place outside the jurisdiction of any state.” Armed robbery against ships encompasses “any illegal act of violence or detention or any act of depredation, or threat thereof, other than an act of piracy, committed for private ends and directed against a ship or against persons or property on board such a ship, within a state’s internal waters, archipelagic waters and territorial sea”.²

In recent decades, piracy incidents, especially off the Horn of Africa, reached high levels, impairing regional shipping and trade from the early 2000s onward. Despite initial containment by joint international efforts, maritime security issues have increasingly drawn attention to the Gulf of Guinea. The International Maritime Bureau (IMB) Piracy Reporting Centre noted an increase from 162 incidents in 2019 to 195 in 2020, with the majority occurring in the Gulf of Guinea. In 2020 alone, 135 crew members were kidnapped in 22 separate incidents, with 95% of these kidnappings happening in the Gulf. Notably, reported incidents have declined within the following years, only to increase again in 2023 in the Gulf of Guinea. As overall numbers are constant (115 incidents in 2022, 120 incidents in 2023, 116 incidents in 2024), piracy and armed robbery remain relevant maritime security issues on a global scale. The numbers for the Gulf of Guinea developed from the high of 81 in 2020 towards 35 in 2021, 19 in 2022, 22 in 2023 and 18 incidents reported in 2024, marking a stark decrease within five years. In the past, however, international shipping companies and security analysts have raised alarms over the increasing number of incidents. These concerns led to significant actions, such as the deployment of a Royal Danish Navy frigate to the region in November 2021. However, relying solely on “piracy counting” and the “politics of numbers” to assess maritime security remain misleading. Given its multifaceted nature, addressing maritime security requires more comprehensive measures, including capacity building, training, and advising local security forces.³ These efforts involve both local and external stakeholders and are complemented by a coordinated, though voluntary, EU-Gulf of Guinea strategy and action plan. With a growing emphasis on local ownership in security policies, it raises the question of whether actors such as the European Union can or should play a long-term, sustainable role in the region.

IMB Director Michael Howlett recently highlighted concerns about the Gulf of Guinea, noting an uptick in maritime security incidents. Howlett emphasized the importance of regional ownership in safeguarding shipping and trade to counter criminal activities. Rather than simply combating piracy to stabilize Sea Lines of Communication (SLOCs) without a comprehensive plan, European nations and the European Union could assist littoral states in developing sustainable strategies to curb piracy and armed robbery in the Gulf of Guinea. The maritime sector, inherently suited for international cooperation, could benefit significantly from a broad Maritime Security Sector Reform that leverages local ownership and the existing Yaoundé architecture.

Maritime Security and Maritime Security Sector Reform

Security Sector Reform (SSR) has become increasingly important in international development assistance, policy-making, and academic circles since the late 1990s. SSR involves creating a security governance framework that adheres to democratic norms, legitimate civilian oversight, and transparent, accountable practices. A critical element of SSR is establishing a civilian oversight function over key national security institutions. Because SSR extends beyond mere technical assistance to encompass control over the use of force, a core aspect of national sovereignty, it is fundamentally political.⁴

Maritime Security Sector Reform (MSSR) aims to enhance the governance capabilities of coastal states. This initiative requires a whole-of-government approach, especially focusing on ministries handling security, economic, financial, and judicial matters due to their interrelated duties.⁵ Key actions include developing or updating codes and protocols related to maritime security and law to equip enforcement agencies effectively. Additionally, creating knowledge resources for bureaucratic staff, establishing legitimate civilian oversight, and ensuring accountability and transparency are essential to achieving effective governance and institutional performance.

In addition to strengthening institutions, traditional capacity-building measures such as providing equipment and professional training are crucial to enable security forces to respond effectively and protect maritime interests.⁶ However, focusing solely on enhancing security capabilities does not constitute a comprehensive MSSR or SSR, as it does not fully strengthen governmental capacities across all governance areas, but rather falls under traditional security assistance. This holistic model necessitates including a broad range of state and non-state actors to foster ongoing interdisciplinary and cross-departmental dialogue. Successful cooperation relies on consensus and ensures that agreed-upon rules are consistently enforced.⁷

Reforms in a country’s maritime security sector can be initiated by external organizations like the United Nations or ECOWAS, but the actual implementation and sustainability of these reforms depend on local actors. Consequently, Security Sector Reform should primarily be a local endeavor. Therefore, MSSR is not a checklist exercise but must be precisely tailored to fit the specific local and regional conditions, accurately reflecting realities on the ground.⁸ This principle of local ownership finds successful application in the Western Indian Ocean, where Alexandre demonstrates how the region evolved from externally-driven responses to African-led frameworks through the Regional Maritime Security Architecture (RMSA), illustrating how regional actors can reclaim agency in maritime governance.

MSSR as a Comprehensive Approach

Initially, piracy incidents off the Horn of Africa were mitigated through significant naval interventions, including active anti-piracy operations and the deployment of armed private security contractors aboard civilian ships. Key operations such as NATO’s Operation Ocean Shield (2009-2016), the European Union Naval Force (EU NAVFOR) Somalia (since 2008), and the multinational Combined Task Force 151 (since 2009) played crucial roles. According to Dirk Siebels, these efforts were largely successful due to “unprecedented cooperation between naval forces and the shipping industry, as well as self-protection measures of merchant vessels, including the use of privately contracted armed security personnel.” This collaboration effectively reduced piracy and kept major shipping lanes open. However, these successes were mainly addressing the symptoms of deeper issues in Somalia, then considered a failed state. The ongoing issue of illegal, unreported, and unregulated (IUU) fishing by trawlers off the Somali coast has exacerbated unemployment and corruption, complicating efforts to end piracy, according to Percy and Shortland.⁹

Overall, fragile states and poor governance typically encourage piracy, smuggling, and IUU fishing. Areas with weak or no governmental control often become safe havens and operational bases for organized crime and piracy. Thus, addressing blue crime, piracy, and maritime insecurity effectively requires tackling the underlying problems of weak statehood in coastal states.

The conditions in the Horn of Africa and the Gulf of Guinea also differ significantly. The SLOCs crossing the Gulf of Guinea, while considered less critical on a global scale than those off the Horn of Africa, still play a vital role in local and African-European trade and should not be overlooked. Furthermore, while Somalia has transitioned from a failing to a failed state, and now to a fragile state, the Gulf of Guinea features several stable countries, though some face domestic security and stability issues. Comprehensive Maritime Security Sector Reform (MSSR) is a beneficial approach to address not just piracy but also further maritime insecurities like smuggling, marine pollution, and primarily IUU- fishing. This approach involves incorporating the needs and issues of littoral countries to address the broader spectrum of security challenges.¹⁰

In African waters, as Bueger accurately advises, “many nations need support in providing maritime security, while not undermining their sovereignty and regional integration processes.” Initiatives within the MSSR framework in the Gulf of Guinea must hence be seamlessly integrated with existing local efforts, such as the Nigerian Deep Blue project and Ghana’s National Integrated Maritime Strategy. These initiatives should extend beyond basic security assistance to include cooperation with regional economic communities, avoiding duplication of efforts or the creation of isolated structures. They should also promote international collaboration in the region and with external partners, leveraging frameworks like the African Union Security Sector Policy Framework, the Yaoundé Code of Conduct, and the Gulf of Guinea Declaration on Suppression of Piracy. In the words of Vice Admiral Ignacio Villanueva Serrano, Operation Commander, EU NAVFOR Atalanta, on the role of non-African states in regional maritime security: “Effective maritime security hinges on collaboration between non-African and African stakeholders, harmonizing external expertise with regional ownership.” These measures aim to minimize complications and disputes from cooperation efforts. The European Union’s Coordinated Maritime Presence in the Gulf of Guinea serves as a foundation for enhancing maritime security cooperation under the Yaoundé architecture.

What future course to follow?

Maritime security threats extend beyond territorial waters and national borders. Thus, intensified regional cooperation is essential for addressing insecurities in the Gulf of Guinea and surrounding areas. External actors like the European Union and its national naval units could lend their expertise in coordinating efforts, and offer training and capacity-building in maritime security and anti-piracy measures. However, such measures alone are insufficient to address the range of maritime insecurities, including piracy, armed robbery, IUU fishing, smuggling, and marine pollution. A comprehensive approach is necessary for sustained success. MSSR can significantly contribute to the gradual and enduring establishment of good governance in maritime affairs, ideally fostering the development of a robust security framework tailored to ocean governance.

A major challenge in securing the Gulf of Guinea lies not just in suppressing piracy and armed robbery but also in facilitating political negotiations and establishing firm cooperation among key African stakeholders. These include the littoral states, the Economic Community of West African States (ECOWAS), the Economic Community of Central African States (ECCAS), and the European Union, which plays a supportive role in implementing sustained political reforms. The EU should seek close collaboration with local actors, stakeholders, and experts to effectively address these issues. As the region often adopts “emergency measures or policies […] to respond to the threat to the interests of external actors,” such as piracy,¹¹ external interventions should instead bolster regional leadership and local ownership. Such support could be organized through coordinated MSSR efforts and continued naval initiatives like the EU’s Coordinated Maritime Presence, aiming to foster a more stable maritime environment. The importance of this shift toward regional ownership is underscored by successful examples elsewhere in African maritime spaces. Alexandre highlights how the Western Indian Ocean transformed from fragmented responses to comprehensive African-led frameworks, demonstrating how coastal states can move from “passive observers” to active stakeholders who shape maritime governance through “soft power” approaches.

Yet, it remains to be seen whether European naval capabilities can sustain another continuous deployment in non-European waters. Maritime Security Sector Reform might thus serve as a practical solution for enhancing maritime safety, implemented in collaboration with local actors and supported by experienced external stakeholders. Furthermore, considering the “collapse of Western influence in West Africa,” the approach should balance local “African ownership” with ongoing concerns for maritime security and maintaining long-term partnerships in the region. Since “maritime security remains a global responsibility,” the EU regards maintaining stability in the Gulf of Guinea as essential for its security interests.

Julian Pawlak and Deniz Kocak are researchers at the University of the Federal Armed Forces Hamburg and its adjunct interdisciplinary Research Network for Maritime Security (iFMS). This article is part of a collaborative initiative on rethinking maritime security in the face of global strategic change.

References

1. Jacobsen, Katja Lindskov (2022): The Politics of Piracy Numbers: The Gulf of Guinea Case, in: Ruxandra-Laura, Bosilca/ Ferreira, Susana/Ryan, Barry J. (eds.): Routledge Handbook of Maritime Security, Routledge: London, 127-138.

2. IMO Resolution A.1025 (26) “Code of Practice for the Investigation of Crimes of Piracy and Armed Robbery against Ships”.

3. Christian Bueger and colleagues define maritime security as an “umbrella term” covering four main areas: national security, the marine environment, economic development, and human security. These areas are closely interconnected and impact one another significantly. This broad and holistic perspective on security emphasizes “freedom from fear” and “freedom from want,” paving the way for a comprehensive approach to security that leads to Security Sector Reform (SSR). See Bueger, Christian/Edmunds, Timothy/Ryan, Barry J. (2019): Maritime security: The uncharted politics of the global sea, in: International Affairs 95, no. 5, pp. 971-978; Bueger, Christian/Edmunds, Timothy (2017): Beyond Seablindness: A new Agenda for Maritime Security Studies, in International Affairs 93, no. 6, pp. 1293-1311; Hough, Peter (2013): Understanding Global Security, Routledge: London. pp. 9f.

4. Schroeder, Ursula C./Chappuis, Fairlie/Kocak, Deniz (2014): Security Sector Reform and the Emergence of Hybrid Security Governance, in International Peacekeeping 21, no.2, pp. 214-230.

5. Sandoz, John F. (2012): Maritime Security Sector Reform, USIP Special Report 306. Washington, D.C.

6. ibid.

7. Schroeder, Ursula C./Chappuis, Fairlie/Kocak, Deniz (2014): Security Sector Reform and the Emergence of Hybrid Security Governance, in International Peacekeeping 21, no.2, pp. 214-230; Albrecht, Peter/Stepputat, Finn/Andersen, Louise (2010): Security sector reform, the European way, in: Sedra, Mark (ed.), The future of security sector reform, Centre for International Governance (CIGI): Waterloo, pp. 74-87.

8. Donais, Timothy (2008): Understanding Local Ownership in Security Sector Reform, in: Donais, Timothy (ed.), Local Ownership and Security Sector Reform, Lit: Münster, pp. 3-17; Nathan, Laurie (2008): The challenge of local ownership of SSR: From donor rhetoric to practice, in: Donais, Timothy (ed.), Local Ownership and Security Sector Reform, Lit: Münster, pp. 19-36.

9. Percy, Sarah/Shortland, Anja (2013): Contemporary Maritime Piracy: Five Obstacles to Ending Somali Piracy, Global Policy, 4: 65-72.

10. Siebels, Dirk (2018): Ships, guns, and laws. Threats to shipping in the Gulf of Guinea and potential countermeasures, Risk Intelligence Presentation, May 2018.

11. Iheduru, Okechukwu (2023): Hybrid Maritime Security Governance and Limited Statehood in the Gulf of Guinea: A Nigerian Case Study, in: Journal of Military and Strategic Studies, Vol 22, 3, p. 148.

By Jessie Caldwell

The proliferation of spoofing techniques has diminished the value of Automatic Identification System (AIS) in the context of maritime law enforcement. The open nature of the system prevents higher levels of data security and verification, meaning spoofed and falsified information will remain difficult to prevent without changing the very foundation of AIS. Given the need for accurate data when dealing with problems like sanctions violations or illegal fishing, using AIS data only muddies the waters and makes successful enforcement more difficult. 

AIS uses very high frequency (VHF) transmissions to automatically transmit and receive vessel information.^1,2 It was designed as a safety tool to complement radio, visual, and radar navigation for collision avoidance, and the UN Safety of Life at Sea (SOLAS) Convention mandates all ships over 300 tons on international voyages and all passenger ships to maintain a functional AIS, broadcasting at all times. 

As AIS usage has increased, so have its applications. Sites like MarineTraffic and AISHub receive data from privately or publicly owned receivers and display it in real time, creating a public resource for maritime domain awareness. This data is used for cargo tracking, environmental research, search and rescue operations, sanctions enforcement, and illegal fishing investigations.^3,4 AIS has additionally become an integral element of electronic chart and display information systems (ECDIS).⁵

What is Spoofing? 

The primary threat to AIS data is spoofing. Spoofing is a cybersecurity term, describing efforts by an actor to falsely represent themselves through illegitimate data. All types of data sent by the AIS, identified by C4ADS as dynamic, identifying, and voyage information, can be spoofed.⁶ 

These threats are caused by weaknesses in the way the system generates, verifies, and transmits data. Both radio and software-based transmissions are vulnerable, but the distinction is rapidly becoming irrelevant due to software-defined radio. Traditional radio spoofing involves actors manipulating their systems to hide their identity or location while onboard. Trend Micro reported that after “purchasing a 700-euro piece of AIS equipment and connecting it to a computer in the vicinity of a port, the researchers could intercept signals from nearby craft and send out modified versions to make it appear to other AIS users that a vessel was somewhere it was not.”⁷ The cost of generating these signals is constantly decreasing. With the advent of software-defined radio, or radio that uses software instead of hardware, personal computers can be modified with a thirty-dollar piece of equipment and begin broadcasting.⁸

Software based spoofing is more versatile than radio-based. Global Fishing Watch describes the difference between software and radio frequency spoofing, “in past (radio frequency) cases, we observed vessels on the water that were broadcasting positions that corresponded to an area other than the true location of the vessel. In these new (software) examples, however, AIS tracks were present where vessels appear not to have been actually broadcasting AIS at all.”⁹ Many of the software-based spoofing exploits are caught because spoofers make identifiable mistakes. A telltale sign of software created ships are those detected outside the range of any terrestrial data receivers that could reasonably pick up their transmissions.

Bjorn Bergman, a data analyst with Global Fishing Watch, has another way of identifying digital intrusions. WIRED reported “the fake tracks were all shown as coming from shore-based AIS receivers, with none collected by satellites. Given that real AIS signals from civilian ships near the supposed warship tracks were received by satellites overhead, Bergman believes this shows the fake AIS messages were not generated by actual malicious transmissions.”⁴ The pattern in fake transmissions Bergman has identified is not public and has not been tested by outside sources, but he argues the problem is widespread:

“we don’t know how the false positions get combined with real data from terrestrial AIS antennas, though we can hypothesize that they could be produced by an AIS simulator program…While we initially thought the false data might be entering the data feed from a single terrestrial AIS station, it appears that false AIS positions were reported at a number of different terrestrial stations.”

Because of the lack of verification, it is not immediately clear where or which data is poisoning AIS feeds. This problem will only continue to develop as spoofers become more skilled in masking their activities and creating more realistic falsified data.

Illegal Fishing 

The back-and-forth between law enforcement and malicious actors is best demonstrated in illegal, unregulated and unreported fishing. Continuous enforcement at-sea presence is impractical given the sheer size of EEZ’s or restricted fishing zones, so AIS at first appears as an easy solution to tag broadcasting vessels that stray into unauthorized areas and appear to engage in fishing. However, as AIS monitoring became widespread, criminal behavior changed. To stay under the radar, vessels began to “go dark” by turning off their AIS before engaging in illegal activity. Numerous studies show fishing vessels allegedly engaging in this trick in the waters around the Galapagos.¹¹ Therefore, a vessel with a nonfunctional or intermittently broadcasting AIS transmitter, potentially indicates that it is engaging in illegal fishing, warranting further investigation. To obfuscate this, spoofing is the logical alternative. Instead of “going dark”, vessels change their digital identity.

A vessel’s AIS signature has become a increasingly relevant to law enforcement case package development, helping to identify vessels engaged in illicit activities, and tracking them through time and space. A vessel’s digital identity is primarily made up of the information transmitted by AIS. Some elements are self-reported and can be purposefully entered incorrectly to disguise illicit activity. The most important piece of identifying information is the Maritime Mobile Service Identity (MMSI) number, a unique nine-digit number assigned to a vessel. It is supposed to remain unchanged save for during reflagging.⁶ There are security measures built into the hardware to prevent tampering and digital identity fraud. In some cases, the MMSI can only be changed after entering a passcode. These passcodes, while ostensibly only known by manufacturers and authorized technicians, can be found online, allowing sailors to reprogram and change their MMSI independently.

Vessel owners can also purchase multiple AIS transponders and use them to generate new ship identities with a “clean” MMSI number to confuse authorities. C4ADS refers to these two processes as MMSI tampering, occurring “when a vessel transmits the MMSI number of another vessel or an entirely fraudulent one in order to obfuscate its identity and activities. In effect, MMSI tampering creates new digital identities that severely impair the ability of maritime authorities and other vessels to identify a vessel and monitor its movements.”⁶ As such, spoofers can now generate an entirely false vessel history or steal a clean vessel’s data. 

Sanctions Enforcement 

North Korea is well known for spoofing the identities of their vessels to make it more difficult to timely identify which ships are violating sanctions.¹⁰ The 2019 case of the Tae Yang, a North Korean-flagged vessel, demonstrates this. The ship began broadcasting its location with the MMSI number of another vessel, the Mongolian-flagged Krysper Singa, while visiting North Korea. The real Krysper Singa was around Singapore. By stealing the Krysper Singa’s digital identity the Tae Yang made it appear that the other vessel was violating sanctions and kept its own MMSI number clean. This appeared on commercial databases as a “teleporting” ship since both vessels were broadcasting the same number the ship would appear first around Singapore, then suddenly seem to teleport to North Korean waters, then back. Royal United Services Institute (RUSI) as part of its Project Sandstone series discovered that commercial AIS tracking systems automatically clean and correct data, instead of highlighting anomalies. In this case they “inadvertently and incorrectly (linked) the real Krysper Singa to sanctions violations committed by the Tae Yang.”⁹ A careful review of satellite imagery was required to correctly identify the Tae Yang as the ship engaging in ship-to-ship transfers (STS) to violate sanctions. Another North Korean vessel, the KUM RUNG 5, cycled “through around 30 different identifiers, including names, Maritime Mobile Service Identity (MMSI) numbers, callsigns, and even IMO numbers, which are meant to be unique to just one vessel throughout its lifetime. This includes the use of at least four names in 2020 alone. Because the identifiers are programmed onboard the vessel, confirming the authenticity of the broadcast is not possible without other means of verification.”¹² The Tae Yang didn’t hide the presence of a vessel at their location, but by switching their identification, made it more difficult to determine the real culprit. 

This problem extends beyond the vessel actively engaging in identity theft . Innocent third parties like the Krysper Singa are affected. Even if mariners correctly program their MMSI and other information, malicious actors can intercept and change the data from a terrestrial receiver as it is transmitted to online maritime tracking sites. 

Many tracking providers use the same data sources so a faked ship will appear on multiple maritime traffic sites.⁴ The malicious actor can therefore be on the other side of the globe from the targeted vessel, widening their reach, and achieve results similar to VHF spoofing. Hackers can intercept data packets and change a ship’s identity by changing their MMSI number, name, IMO number, and altering coordinates or headings. They can even “move” a vessel to an entirely new location. 

For example, at a 2013 hacking conference, two researchers moved a real vessel, the Eleanor Gordon, that was at the time located in the Mississippi River, to appear on a lake in Dallas.¹³ The false positions or identities generated by this type of threat are less likely to threaten vessels directly, as they rely on their onboard AIS and other methods of navigation, but they directly impact the other uses of AIS. Maritime law enforcement cannot rely on the publicly available aggregate data where these fake digital signals appear. Sanctions monitoring, fisheries enforcement, marine traffic analysis, and environmental research all rely on this data and spoofing leaves is meaningfully compromised.

Conclusion 

Under the present framework and technologies, it is extremely challenging to eliminate AIS spoofing. The system itself was not designed to pass along verified data – it was meant to be open and easy to transmit employ as a safety tool. It lacks inherent virus or malware protection, encryption, or data verification tools.¹⁴ Encryption is a potential method,¹⁵ however, as Ken Munro writes on Pen Test Partners blog,

“if nearby vessels don’t have the ability to decrypt the data, the safety benefit of AIS is lost…Finally, even if all transceivers featured and used encryption, a rogue user could simply purchase a legitimate transceiver from which to transmit tampered data.”³

Part of AIS as currently designed is that all ships can access it for safety. Attempts to limit bad actors from transmitting run the risk of preventing legitimate vessels from using AIS.

If spoofing is impossible to stop, the best option in the short term is to continue to improve detection capabilities. Machine learning and other big data tools have begun automating detecting certain patterns in AIS data that suggest activities like fishing or STS transfers and identifying vessels from vessel registry databases.⁷ Global Fishing Watch has developed an algorithm for identifying ghost ships and other researchers are developing similar programs to catch “teleporting” or identity switching vessels.¹¹ This would limit the benefits to spoofing for illicit actors, as they would no longer be able to conceal and confuse their identity as successfully.

In the long term another system could be developed to directly address the deficiencies of AIS. Navigators can use other methods to augment AIS and prevent collisions while at sea. On shore, AIS was not designed for law enforcement. There is no way of verifying data to a high enough standard while keeping the system true to its roots as a safety tool. In the balancing act of openness and security, AIS was designed to be as open and easy to access as possible. Trying to force it to be more secure lessens its applicability as a universal safety tool. 

Jessie Caldwell is a recent graduate of the George Washington University’s Elliott School of International Affairs. She holds a Masters in International Affairs, focusing on transnational security issues.

These views are expressed in a personal capacity and do not necessarily reflect the official view of any government agency.

References

1. NAVCEN. “AIS FREQUENTLY ASKED QUESTIONS.” AIS Frequently Asked Questions, U.S. Coast Guard, 17 Feb. 2022, https://www.navcen.uscg.gov/?pageName=AISFAQ. 2

2. NAVCEN. “HOW AIS WORKS.” How Ais Works, U.S. Coast Guard, 8 Sept. 2016, https://www.navcen.uscg.gov/?pageName=AISworks.

3. Munro, Ken. “Hacking AIS.” Pen Test Partners RSS, 18 Sept. 2018, https://www.pentestpartners.com/security-blog/hacking-ais/.

4. Harris, Mark. “Phantom Warships Are Courting Chaos in Conflict Zones.” Wired, Conde Nast, 29 July 2021, https://www.wired.com/story/fake-warships-ais-signals-russia-crimea/. 

5. Fisk, Samantha. “Gloves off as Criminals Move from AIS Spoofing to AIS Hacking -.” Fathom World – Shipping and Maritime Industry News, 16 Sept. 2019, https://fathom.world/gloves-off-as-criminals-move-from-ais-spoofing-to-ais-hacking/.

6. Boling, Andrew, et al. “Unmasked: Vessel Identity Laundering and North Korea’s Maritime Sanctions Evasion.” C4ADS, 2021, https://c4ads.org/unmasked. 

7. Simonite, Tom. “Ship Tracking Hack Makes Tankers Vanish from View.” MIT Technology Review, 18 October 2013, https://www.technologyreview.com/2013/10/18/82918/ship-tracking-hack-makes-tankers-vanish-from-view/. 

8. Balduzzi, Marco. “AIS Exposed Understanding Vulnerabilities & Attacks 2.0.” Blackhat.com, Black Hat Asia, 2014, https://www.blackhat.com/docs/asia-14/materials/Balduzzi/Asia-14-Balduzzi-AIS-Exposed-Understanding-Vulnerabilities-And-Attacks.pdf. 

9. “Guidance to Address Illicit Shipping and Sanctions Evasion Practices.” U.S. Department of the Treasury, 14 May 2020, https://home.treasury.gov/policy-issues/financial-sanctions/sanctions-programs-and-country-information/north-korea-sanctions. 

10. Trainer, Cameron, and Izewicz, Paulina. “Unauthorized Flags: A Threat to the Global Maritime Regime.” Center for International Maritime Security, 20 July, 2020, https://cimsec.org/unauthorized-flags-a-threat-to-the-global-maritime-regime/. 

11. “Fisheries intelligence report reveals vessel behaviors associated with spoofing activity.” Global Fishing Watch, Global Fishing Watch, 17 October 2023, https://globalfishingwatch.org/press-release/fisheries-intelligence-report-reveals-vessel-behaviors-associated-with-spoofing-activity/ 

12. Storm, Darlene. “Hack in the Box: Researchers Attack Ship Tracking Systems for Fun and Profit.” Computerworld, Computerworld, 21 Oct. 2013, https://www.computerworld.com/article/2475227/hack-in-the-box–researchers-attack-ship-tracking-systems-for-fun-and-profit.html. 

13. Bergman, Bjorn. “Systematic Data Analysis Reveals False Vessel Tracks.” Global Fishing Watch, Global Fishing Watch, 29 July 2021, https://globalfishingwatch.org/data/analysis-reveals-false-vessel-tracks/. 

14. Bateman, Tom. “Fake Ships, Real Conflict: How Misinformation Came to the High Seas.” Euronews, 28 June 2021, https://www.euronews.com/next/2021/06/28/hms-defender-ais-spoofing-is-opening-up-a-new-front-in-the-war-on-reality. 

15. Katsilieris, Fotios, et al. “Detection of Malicious AIS Position Spoofing by Exploiting Radar Information.” IEEE Xplore, 12 July 2013, https://ieeexplore.ieee.org/document/6641132.

Featured Image: A containership steaming during sunset. (Photo via Wikimedia Commons)