AIS spoofing – New technologies for new threats

The global landscape is continually shifting, and with it, the reliance on best in class technological innovations.  Businesses and organizations that want to protect their assets and operations need to ensure that they utilize the most advanced technological innovations to do so while driving efficiencies, and staying ahead of new evasion tactics, such as AIS spoofing.

The ingenuity of bad actors continually evolves as they seek new ways to exploit technological vulnerabilities in the hopes of getting away with illicit activities. 

As a result, those who need to enforce the law or protect business interests must out-wit even the most sophisticated criminals with technology, artificial intelligence (AI) and machine learning (ML). 

The technological solutions and tools businesses use must be best-in-class and flexible enough for each organization’s specific needs. The approach of ‘one solution fits all’ creates limitations ready to be exploited.

How AIS goes from friend to foe

When originally developed, the sole purpose of Automatic Identification Systems (AIS) was to enable vessels to see one another at sea, thereby avoiding collisions. With time, AIS use has evolved, and with it, the reliance vessels have on it. Today, governments and security agencies use AIS to detect and prevent illicit activities at sea, and private organizations use AIS data as a crucial element of their due-diligence process. 

Safety of Life at Seas (SOLAS) convention recognized the benefits of AIS and sought to instil AIS transmissions as a primary safety tool for all vessels.  

The new AIS requirements by SOLAS’s sought to improve authorities and other organizations’ ability to track vessels at sea by mandating the use of AIS, however, the technological capabilities and trade needs were not aligned. 

While AIS tracking is an excellent tool for visibility and avoiding collisions at sea, it was never designed as a tracking tool, nor was it created as a safety and protection solution.

AIS technology relies on radio frequency and, to some extent, manual inputting of data, it can be prone to human error or intentional manipulation. When vessels began using AIS for ship-tracking, it created an opening for criminals who realized AIS manipulations were possible and could be used to mask their location and flag. This made it easier for criminals to hide their illicit activities in plain sight. 

The use of AIS for a purpose it was not designed for grew, and bad actors continued to choose AIS manipulation for their deceptive shipping practices, creating a new term – AIS spoofing. 

An industry shift in technological needs 

With time, organizations increased their reliance on AIS, using it as a crucial element of their compliance process. As this happened, bad actors developed new and sophisticated ways to manipulate AIS and hide their illegal operations and increase the sophistication of AIS spoofing. 

Following the 2012 sanctions placed on Iran, AIS manipulations rose drastically, creating a new wave of problems for enforcement agencies. Iranian tankers, no longer able to enter international ports, simply changed their flags and entered international ports under false pretense. This brought to light the ease with which bad actors could manipulate AIS data as well as the growing need for alternative monitoring and security tools.

The case that changed an industry 

The Yuk Tung vessel spoofed AIS entirely when it transmitted under a Panamanian flag, using the vessel name Maika, and altered its course and destination. This was brought to light on November 11th 2018, after a suspicious ship-to-ship transfer between the Yuk Tung and the Ocean Explorer in October 2018. 

During the time of the deception, and over the course of several months, the vessel legally authorized and registered a Comoros-flagged vessel, the Hika, under the same IMO as the Maika. The two vessels were sister ships, built in the same year, by the same manufacturer, with the same specifications and profile, however, during this time, the Hika was actually over 7,000 miles away, and the Maika (aka Yuk Tung) was deceiving authorities under the Hika’s name, making this a complex and never-before-seen AIS spoofing case.

AIS spoofing progressed as Iranian and North Korean vessels continued exploiting AIS vulnerabilities, taking their methods to new levels and showcasing the sophisticated capabilities of criminals and sanction-evaders.  

The rise in AIS spoofing highlights the need to adopt the latest technologies as it will enable the full view of what is going on at sea, before it happens.

Combating crime with advanced AI & ML

Cases such as the Yuk Tong and Su Ri Bong brought to light the fact that AIS regulations and advisories alone cannot stop criminals. Businesses need technology and the latest in predictive intelligence to stay ahead of the game.

To protect themselves from AIS spoofing and other types of AIS manipulations, government agencies and private businesses need to know more about vessels they engage with, and they need that information to be accurate, constantly updated, and easily accessible.  Simply stated, they need to be able to see beyond what is in plain sight, and specifically, beyond what AIS transmissions alone provide.

Combining advanced artificial intelligence (AI) and Machine Learning (ML) with AIS data can provide the crucial additional layers of intelligence needed to enhance the understanding of data and identify potential bad actors at sea.  While a vessel may be spoofing AIS and masking its location, it will not be able to hide all of its information. 

That is where AI and ML can provide critical insights on the behavior of vessels, recognizing if the information put into AIS systems matches the historical data of thousands of other vessels. In doing so, AI and ML can actually bring to light instances of spoofing, helping governments and enforcement agencies prevent illicit activities, and providing private organizations the assurance that they are not engaging with vessels that are up to no good. 

Maritime intelligence solutions can further enhance the knowledge by fusing multiple data sources together. Doing so enables accurate behavioral analytics, smart risk analysis, and improved capabilities, thereby enabling decision-makers to easily determine which vessels require further investigation and which can be cleared.

Shifting from reactive to proactive 

As bad actors continue to evolve, data continues to amass, and businesses increasingly need accurate in-depth intelligence, there is a global shift in the way organizations operate, specifically regarding a shift from reactive to proactive. 

In the maritime industry, the reliance on AIS transmissions for protection forced agencies and organizations to understand events in hindsight. When new technologies are brought in to protect operations and improve risk and compliance, it is possible to shift to a proactive approach, improving the ability of an organization to protect itself and retain business readiness at all times.

As bad-actors continually seek new ways to engage in AIS spoofing and exploit vulnerabilities, any business looking to protect its assets must stay one step ahead of the game; that means having the best technology do what it was designed to do, and having the right tools at hand to keep any unwanted players out of their waters.

Incorporating maritime intelligence solutions now can provide game-changing information about the seas, making it easier to deter bad actors and to avoid engaging with sanctions-violating entities. When backed by the best technology, the seas, and the world, can become a safer place for all.