Phantom Ships Expose Weakness in Vessel-Tracking System: Freight

Shippers, traders and researchers monitoring global vessel traffic in the past six months might have seen an imaginary U.S. ferry sail to North Korea, a tugboat go from the Mississippi River to a Dallas lake in two minutes and the path of a fake Italian yacht spelling out PWNED — hacker slang for “defeated.” These false signals, orchestrated by Trend Micro Inc., a Tokyo-based Internet security company, were designed to expose vulnerabilities in the mandatory system used to track merchant vessels worldwide. With the network that was built to improve safety at sea unprotected against hackers, phony tracks could lead to collisions and other accidents, according to the International Chamber of Shipping, a trade association representing more than 80 percent of the fleet.

International conventions require all ships to broadcast their identity, status and location to other vessels and coastal authorities. The signals, compiled by websites such as marinetraffic.com and data services including Bloomberg LP, the parent of Bloomberg News, may be used to gauge how many ships are available to load a cargo or predict trade before official figures are released. The system needs security, according to Kyle Wilhoit, a Trend Micro researcher in St. Louis.

“This would be the equivalent of a house being wide open, windows open, everything wide open,” Wilhoit said by phone Oct. 21. “We can literally move, create and modify existing boats, as well as boats that don’t even exist. Some nerd in a basement can do that.”

Formal Review

Trend Micro wants to help secure the system and is working with U.S. government agencies to bring the matter before the International Maritime Organization, the United Nations agency that oversees shipping, Wilhoit said, declining to be more specific. The IMO can’t consider the issue until a member state or organization formally presents it for review, spokeswoman Natasha Brown said by phone from London Oct. 21, declining to comment further.

Since 2004, an IMO convention has required all ships to carry automatic identification systems, known as AIS. As an international standard, the actual technology isn’t owned by anyone, much like the Internet. Ships carry transponders that communicate with shore-based antennae and satellites to report their identity, position, speed and status.

Radio Interference

AIS isn’t meant to replace navigation systems such as radar, according to IMO regulations. Data are either transmitted automatically or manually entered by a ship’s captain. Authorities around the world who use the signals say they’re generally reliable: A 2011 study by the Lisbon-based European Maritime Safety Agency found that fewer than 3 percent of ships were signaling invalid identification numbers.

A disclaimer on marinetraffic.com says the site isn’t responsible for the underlying AIS data, which may be inaccurate or incomplete because of radio interference, weather conditions, incorrectly configured devices or negligent data entry by a vessel’s crew.

The signals are aggregated and made available on websites and through paid services such as IHS Inc. (IHS)’s AISLive, which shows updates every three minutes from 70,000 vessels in more than 100 countries. While that’s useful for analysts, ship owners generally resent AIS because it weakens their ability to win higher rates by bluffing about vessel availability, said Peter Sand, an analyst at the Baltic and International Maritime Council, whose members control 65 percent of the global fleet.

‘DONT BE NOSEY’

“Ship owners would rather be without that,” Sand said by phone Oct. 24. “With AIS available to everybody, it has limited negotiating power.”

Shipping rates have declined since 2008 because owners ordered too many vessels before the global recession. The ClarkSea Index, a measure of industrywide earnings, averaged $9,586 a day this year, tied with 2012 for the lowest since at least 1990, according to data from Clarkson Plc (CKN), the world’s largest shipbroker.

The knowledge that signals are being monitored has sometimes affected the transmissions. Ships transiting Somalia’s coast often broadcast “ARMED GUARDS” because of speculation that pirates follow the signals to target ships and won’t attack those with security details. Others misspell or abbreviate their destination, or even display “NONE OF UR BUSINESS” and “DONT BE NOSEY.” An Iranian tanker once reported its destination as “NEW YOURK” (sic), according to data compiled by Bloomberg.

Iranian Silence

Some of Iran’s fleet has stopped signaling since U.S. and European sanctions started hampering the country’s oil exports last year, according to the International Energy Agency. Vessels that switch off their AIS equipment will still be seen by radar, IHS said in an e-mailed statement.

The system has no way of verifying who’s submitting data and whether the signals are plausible, according to the Trend Micro study presented Oct. 16 at the Hack in the Box conference in Kuala Lumpur.

Since shippers and traders monitor the signals to anticipate trade patterns, hackers could theoretically profit from betting on commodity or freight prices and manipulating AIS, said Roy Mason, the founder of tanker tracker Oil Movements, who has been using information from port agents, shipbrokers and AIS signals for 26 years. This would require significant effort because shipping markets are highly variable, he said.

Suspect Signals

“In order to establish that something real has happened, something significant and out of the ordinary, three to four weeks is what’s needed,” Mason said by phone Oct. 24. “One extra tanker isn’t news, but 10 is, or 20.”

Marine trackers know to discount signals that appear untrustworthy, Mason said. If data appear suspect, users should check the ship’s flag, name and identification numbers, IHS said.
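
As an added example (not part of the article or the Trend Micro study), the sketch below shows one plausibility check a consumer of AIS data could run: it flags identifiers that are not nine digits, out-of-range positions, and consecutive reports whose implied speed is impossible, as with the tugboat that jumped from the Mississippi to a Dallas lake in two minutes. The 60-knot ceiling, the function names and the sample reports are assumptions constructed for illustration.

```python
import math
from collections import defaultdict

MAX_KNOTS = 60.0           # assumed ceiling for a merchant vessel; tune per vessel class
EARTH_RADIUS_NM = 3440.065  # mean Earth radius in nautical miles

def distance_nm(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in nautical miles."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * EARTH_RADIUS_NM * math.asin(math.sqrt(a))

def flag_implausible(reports, max_knots=MAX_KNOTS):
    """Return (mmsi, timestamp, reason) for reports that fail basic sanity checks.

    reports: iterable of (mmsi, unix_seconds, lat, lon), in any order.
    """
    findings = []
    tracks = defaultdict(list)
    for mmsi, ts, lat, lon in reports:
        # MMSI is the nine-digit identifier carried in AIS messages.
        if not (len(mmsi) == 9 and mmsi.isdigit()):
            findings.append((mmsi, ts, "malformed MMSI"))
        if not (-90 <= lat <= 90 and -180 <= lon <= 180):
            findings.append((mmsi, ts, "position out of range"))
            continue  # do not feed an invalid fix into the speed check
        tracks[mmsi].append((ts, lat, lon))
    for mmsi, fixes in tracks.items():
        fixes.sort()  # order each vessel's fixes by time
        for (t0, la0, lo0), (t1, la1, lo1) in zip(fixes, fixes[1:]):
            hours = (t1 - t0) / 3600
            dist = distance_nm(la0, lo0, la1, lo1)
            if hours <= 0:
                if dist > 0.1:
                    findings.append((mmsi, t1, "two positions at same time"))
            elif dist / hours > max_knots:
                findings.append((mmsi, t1, f"implied speed {dist / hours:.0f} kn"))
    return findings

# Constructed sample data; MMSIs and coordinates are made up for illustration.
SAMPLE = [
    ("366000001", 0,   29.95, -90.06),  # near New Orleans
    ("366000001", 120, 32.80, -96.73),  # two minutes later, near Dallas
    ("247000002", 0,   43.70, 7.30),
    ("247000002", 600, 43.72, 7.33),    # under 2 nm in 10 minutes, plausible
    ("12345",     0,   10.00, 10.00),   # identifier is not nine digits
]

if __name__ == "__main__":
    for finding in flag_implausible(SAMPLE):
        print(finding)
```

A check like this only catches crude spoofing; a forged track that moves at a believable speed passes it, which is why the lack of authentication in the protocol itself remains the underlying problem.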

The U.S. Coast Guard hasn’t received any reports of AIS hacking, spokesman Carlos Diaz said by e-mail.

AIS is vulnerable to hacking because it lacks any form of authentication or encryption, EMSA said in an Oct. 22 e-mailed statement. Updating the protocols is the responsibility of the IMO and the International Telecommunication Union, according to EMSA.

The ITU will consider enhancements to AIS at the World Radiocommunication Conference in 2015, the Geneva-based organization said in an e-mailed statement Oct. 28.

Equipment needed to transmit the false signals cost about 700 euros ($965), Wilhoit said. Trend Micro found ways to stage fake emergencies, such as a man overboard or collision warnings, he said. They didn’t attack any real vessels.

“AIS is now being used at the fringes of what it was intended for,” John Murray, marine director at the International Chamber of Shipping in London, said by phone Oct. 21. “When signals can be spoofed or inaccurate for whatever reason, inevitably this is of concern.”

To contact the reporter on this story: Isaac Arnsdorf in New York at iarnsdorf@bloomberg.net
