The emergence of GNSS manipulation
In April 2021, Windward uncovered the first known case of orchestrated Global Navigation Satellite Systems (GNSS) manipulation off the Caribbean Islands. This discovery is a landmark moment in global maritime security, signaling that bad actors have now attained technologies and know-how enabling them to co-opt electronic warfare manipulations that up until now were only in the hands of states.
Upon discovery of the BERLINA, a tanker confirmed to have visited Jose Oil Terminal by Vortexa, and with separate physical confirmation of it loading sanctioned crude oil by TankerTrackers.com, Windward launched an inquiry into its behavioral profile. However, on casual examination, the vessel appeared to show a steady AIS transmission profile, indicating that it arrived in the area empty, drifted for an extended period of time just outside of Venezuelan waters, and left the area reporting to be full without calling on any port.
Observing these two diverging tales of reality, it was blatantly clear that the BERLINA’s AIS transmission profile was misleading.
Calling the bluff
Upon widening our anomaly identification parameters, it became plain that the BERLINA’s drifting pattern was not only anomalous but impossible, exhibiting a 180° turn in under 2 minutes.
This behavioral indicator was then scaled and uncovered a fleet of 10 crude oil tankers exhibiting similar drift patterns offshore the Caribbean island nations of Grenada in the South to the Virgin Islands in the North. Additionally, the vessels all drifted in a north/south pattern, and all had a draft change indicating they were loaded during the said drifts.
The players are going all-in
Not only was this GNSS manipulation orchestrated technologically, but the players involved went to lengths to create ownership and identity covers for the vessels. According to the Windward ownership repository, these vessels are heavily connected through at least one of the 7 levels of ownership.
- At least 5 of the vessels are connected to the same shipping company based in Greece.
- The rest of the companies are all owned and managed by sketchy companies with no addresses or obscure information based in either Greece or Cyprus.
Furthermore, all 10 vessels are sailing under the flag of Cyprus. The registration with this flag took place shortly prior to the described behavior, indicating a correlation between the flag change and the manipulation.
Bots at the table
The BERLINA fleet marks the first known instance of orchestrated GNSS manipulation. But discovering a new deceptive shipping practice typology and new levels of sophistication on the part of bad actors is only the tip of this iceberg.
The know-how gained from The BERLINA anomaly has enabled Windward to develop location tampering typology to proactively identify GNSS manipulations. Leading to the discovery of multiple instances throughout the globe, all leveraging machine-generated GNSS manipulation to transmit a different location than their real whereabouts.
Stop betting blind
It is critical to recognize that location tampering is much more than an additional Deceptive Shipping Practice; it’s a whole new ballgame. Bad actors are now taking advantage of advanced technologies to cover their tracks, and it is no longer conceivable to argue that standard maritime tracking technologies can be used to monitor DSP activity. This new tactic destabilizes the integrity of the data we all rely upon to ensure navigational safety at sea and even more disturbingly threatens national security across the globe.
Typologies like location tampering epitomize why we build Windward Maritime AI. We’re not developing tools just for the regulations and sanctions of today but the security, governance, environmental, and safety that organizations and governments need to protect against 10, 20, 30 years from now.
Book your demo and see how maritime AI can help your organization detect GNSS manipulation at scale