Safeguarding the seas: technology's role in mitigating spoofing 

The practice of deceiving authorities through false identities or obscured vessel information dates back centuries, with mariners using natural flags and disguises as early as the 17th century. Over time, spoofing has evolved alongside technological advancements to continue to be a problem for modern maritime activities. 

Third-party spoofing that is caused by GPS jamming generally affects multiple vessels in a small area. It takes place via a third-party actor that broadcasts a powerful signal, which overrides information received from GPS satellites in orbit, thereby impacting vessel’s Automatic Identification System (AIS) data.  

AIS positions tend to centre on singular areas such as airports, buildings, or in some cases the middle of nowhere. So, when a third-party actor broadcasts a powerful signal, overriding information received from GPS satellites in orbit, in spoofing incidents, the vessel or aircraft can appear to be in a completely different position to where it is. This practice can serve various purposes, such as making a political statement, evading sanctions, or for piracy. For example, a spoofed position can enable the perpetrators to appear to be carrying out legitimate operations while carrying out illicit activities.  

While the practice of deceiving authorities through false identities or obscured vessel information is an age-old problem, spoofing has evolved with technological advancements, making it increasingly complex and difficult to combat. 

It’s also important to note that not all instances of spoofing are illegal or problematic. However, when spoofing breaches established regulations, it’s a compliance violation that may lead to severe consequences for all involved parties. 

Data from Kpler suggests that the top zones for AIS spoofing events include the United Arab Emirates with 14.7%, indicating significant involvement in transporting Iranian crude oil, Angola at 10.8%, primarily tied to Venezuelan crude for the receivers and Ukraine and Russia, with 7.8% and 3.9% respectively, are both involved in the illicit trade of Russian crude oil in the Black Sea. 

In recent news, there have been several incidents of GPS interference recorded in the northern part of the Red Sea over the past several months, as well as cases documented outside Jazan, Saudi Arabia and near the Yemen border within the Red Sea. What implications does this have on maritime operations? 

As geopolitical tensions continue to escalate, vessel location tampering (GNSS manipulation) and GPS spoofing has become a maritime sector problem and can have serious implications.  

For maritime traffic, spoofed signals can lead ships astray, leading to collisions or groundings. Similarly, spoofed GPS can mislead drivers, disrupt emergency services, and even manipulate location-based security systems. 

According to research by Windward AI, nearly 600 unique cases of vessel location tampering have been identified taking place globally in the last three years, with the majority (56%) occurring near Iran.  

From our data, we have identified Beirut-Rafic Al Hariri International airport in Lebanon as a common hotspot, with over 30,000 spoofing incidents this year affecting both maritime and aviation operations for our clients. “Many of the recent reported examples in the maritime space show vessels reporting positions at the airport in Beirut, instead of at Haifa port in Israel”, commented Nick Evans, Director of Product Management at Insurwave. 

“We're constantly looking at ways to correctly represent vessel positions for our clients, and we have released a new feature that can effectively detect and remove instances of spoofing from the platform.”

An example of spoofing on Insurwave's Risk Map

AIS spoofing techniques have continued to progress, seen in actions by Iranian and North Korean vessels continuing to exploit AIS vulnerabilities, taking their methods to new levels and showcasing the sophisticated capabilities of criminals and sanction evaders. More recently, the Russia-Ukraine war has caused bad actors to utilise AIS spoofing to get around regulations and sanctions on Russian oil.  

However, while the advancement of technology aids unscrupulous actors to manipulate and impact maritime operations, technology can also help to mitigate and quickly manage these incidents as they occur, ensuring minimum disruption to the affected parties.  

So, how do you combat this problem? The vastness of the world’s oceans and limitations of current sensor deployment mean that the scope of surveillance and monitoring directly is still limited.   

Lacking real-time context means that satellite images are of limited use in the swift interception of nefarious maritime activities. However, Insurwave’s platform has the ability to provide this real-time context and regularly helps Insurers navigate these rough waters and manage the disruption through a digital-first approach to risk management.  

“Despite the challenges presented by spoofing, technology is a real enabler to helping our clients manage their risks”, explained Madeline Bailey, Chief Client Officer at Insurwave.  

“Working with over 50 clients, Insurwave has built a solution to take out friction in specialty insurance, enable participants to see their live exposures on a real time basis, augmented by a team of specialists to provide additional support when these types of situations arise.”  

The solution offers smarter dynamic aggregated exposure monitoring based on declared values, contracted terms and live tracking for dynamic risks such as vessels and aircraft. Should a spoofing incident occur, clients can be notified quickly, with the ability to correct the faked position quickly to resume normal operations. 

Having worked alongside Insurwave for many years to develop the platform’s marine capabilities, Simon Lockwood,  Head of Shipowners at WTW, outlined his stance on the role technology can play in mitigating the disruptive effects of spoofing.

“With geopolitical tensions continuing to escalate, AIS spoofing has become a recurring issue for the shipping industry, with bad actors using the activity to evade sanctions and cause disruption in key waterways around the world. However, technology can also offer means to mitigate the effects of spoofing, with data management platforms like Insurwave enabling our clients to better track and quickly identify incorrect positions to minimise the impact on maritime operations.”

While technology is available to combat spoofing, there is always room for improvement. With that in mind, what does the future of spoofing mitigation look like? 

The rise in spoofing incidents highlights the urgent need for advancements in detection technologies and the enforcement of robust regulatory frameworks on AIS tracks and Global Navigation Satellite System (GNSS) as the impacts of falsified AIS data are substantial. 

Bad actors can execute various actions with serious implications. These include covert ship-to-ship transfers, altering ship courses by creating false AIS targets to obstruct their path or deploying fake V-AtoNs (Virtual Aids to Navigation) near harbour entrances to deliberately ground ships.  

However, technology like Artificial Intelligence (AI) and Machine Learning AI algorithms can help combat the problem due to their enhanced pattern recognition and adaptive adjustment. These technologies enable predictive analytics, risk minimisation, and informed real-time decision-making that are crucial in combating future spoofing threats.  

Similarly, there are initiatives that look to address the growing threat of GNSS spoofing and other cyber-attacks on navigation systems used in the maritime industry. For example, Saab and GMV are collaborating on ASGARD, an EU-funded project that aims to improve maritime security when using GNSS.  

One of the key technologies being developed is OSNMA, which provides a means of authenticating GNSS signals to ensure that they are genuine and have not been tampered with. By implementing OSNMA, navigation systems can provide more reliable and trusted positioning information to vessels, which improves safety and efficiency.

While spoofing technology continues to grow in sophistication, organisations' abilities to respond quickly to fix vulnerabilities is improving. GNSS spoofing has been a security concern for many years, and it is now beginning to significantly impact shipping. As more devices and autonomous systems depend on GNSS, more systems could be susceptible to spoofing attacks.  

However, with technology platforms like Insurwave providing the real-time context needed to respond and manage these incidents as they occur and international cooperation continues, innovative solutions alongside regulation will help curb the impact spoofing can have, ensuring participants across the insurance value chain can continue their maritime operations safely.