Ship AIS Data Spoofing in Black Sea to Draw Russian Pro-War Z Symbol

Image Credit: Geonius TM from Geollect

The UK gave today a defence intelligence update on the situation in Ukraine referring to the analysis by Geollect which indicates that since 14 May 2023, commercial vessel´s Automatic Identification System (AIS) data has been remotely spoofed to create the impression of a 65m long Russian pro-war Z symbol on the Black Sea, visible on open source tracking software.

The DefenceHQ, the official corporate news channel of the UK Ministry of Defence, said tracks making up the image suggested vessel speeds of up to 102 knots (188 km per hour), further suggesting they were fake.

“Pro-Russian actors likely conducted the spoofing as an information operation, potentially in an attempt to bolster Russian morale ahead of an anticipated Ukrainian counter offensive,” as mentioned.

And it warned: “The spoofing of AIS increases the risk of maritime accidents.”

Despite Russian virtual information operations in the Black Sea, its physical navy remains vulnerable, the UK believes.

The Ivan Khurs intelligence-gathering vessel was likely attacked on 24 May 2023, also said.

Geollect, a UK & USA market leading geospatial intelligence and data analysis firm reports that it is almost certain that many commercial vessels’ Automatic Identification System (AIS) data is being remotely spoofed to create the pro-Russian war ‘Z’ symbol in the vicinity of (IVO) Russian-occupied Crimea.

“This is highly likely a deliberate information operation by a pro-Russian actor (possibly Russian military psychological operations) ahead of an anticipated Ukrainian counter offence and/or in celebration of Russia’s proclaimed victory over Bakhmut,” mentions Geollect in its analysis.

This pattern started to emerge from May 14. Vessel speeds were recorded as high as 102 knots with no variation for tide and weather, clearly suggesting spoofing.

Geollect mentions in its analysis that the user is almost certainty using radio frequency signals to mimic a true signal, causing the signal from the vessel to display false information.

“It is almost certain that this has been done remotely without the knowledge or consent of the vessels given the disconnect between vessel types, flags, ownership, or insurers.”

Geollect warned that spoofing of AIS data increases the risk of vessel collisions and accidents operating in this area.

“It is likely this is designed to increase pro-Russian audiences’ morale, as well as antagonise Ukrainian and NATO audiences. The message seems clear: ‘Crimea is Russian’,” it argued.

Disclaimer for podcasts and articles

When you view, access or otherwise use our podcasts or articles, you acknowledge the application of this disclaimer:

Shipping Telegraph ApS provides no warranty, guarantee or representation as to the accuracy or sufficiency of the information featured in our podcasts or articles. The information, opinions, recommendations, content, etc. presented in our podcasts or articles are for information purposes only and do not constitute or replace professional advice. Any reliance you may place on the information provided in our podcast or articles is strictly at your own risk.

Unless it is specifically stated, Shipping Telegraph ApS does not approve, recommend or certify any product, process, service, organization, etc. presented or mentioned in our podcasts or articles. Any third-party materials, advertisements or content of any third-party referenced in our podcasts or articles do not necessarily reflect the opinions, standard or policies of Shipping Telegraph ApS, and Shipping Telegraph ApS cannot be held accountable hereof. Shipping Telegraph ApS is not responsible or liable for the accuracy, completeness or compliance with applicable laws of any third-party material, advertisements and content.

Shipping Telegraph ApS shall not be responsible for any errors or omissions contained in the podcasts, the articles or the website used to gain access hereto and reserves the right to make changes without notice. Shipping Telegraph ApS makes no warranty that our podcasts or articles, or the server making them available, are free of viruses, worms, etc.

Shipping Telegraph ApS expressly disclaims any and all liability or responsibility for any direct, indirect, punitive, incidental, consequential or other damages or other claims arising out of or in connection with any individual's and business entity's use of, reference to, reliance on our podcasts or articles or the information presented herein. By ticking the box, I agree with the disclaimer above.