WAR Dozens of NATO warship positions being faked, but why?

Hfcomms

EN66iq
Alex Hollings | July 29, 2021

More than a hundred warships from as many as 14 nations may have had their locations faked on a global tracking system used to monitor maritime activity and help prevent collisions. The spoofing seems to be happening, but who’s behind it and why?



The potential for international incidents

On June 18 of this year, a system used to track the locations of vessels on the open ocean showed two NATO warships steam out of port in Odessa, Ukraine near midnight, under cover of darkness. The two ships, one British Destroyer and one Frigate from the Royal Netherlands, set course through the Black Sea to Sevastopol, the strategic headquarters of Russia’s Black Sea fleet.

Before long, the HMS Defender and HNLMS Evertsen had closed to within just two nautical miles of the Russian port, in what seemed like one of the most brazenly aggressive acts taken by NATO warships in recent memory. Parking so close to the epicenter of Russia’s military might in the region would almost certainly prompt a response. Indeed, later that same week, Russian warships would claim to fire warning shots at the very same British destroyer in the very same region.



HMS Defender (WikiMedia Commons)


Sending these ships so close to a Russian Navy base could have resulted in an even more aggressive response from Putin’s forces than warning shots. There was just one thing stopping them…

The HMS Defender and HNLMS Evertsen never actually left port.

At the time, this spoofing of the Automatic Identification System (AIS) was reported in the news, but the story quickly slipped back beneath the surf as other, more pressing, stories reached the news cycle. Soon, most had forgotten about the unusual signals seemingly sending a NATO ghost fleet straight into the heart of Russia’s regional defenses. That is, until July 29, when a joint analysis from the non-profit SkyTruth and Global Fishing Watch was released showing that this was no fluke, nor was it an accident.

In fact, they claimed to have discovered a trend of over 100 warships flagged from at least 14 different nations that have had their locations “spoofed” or faked since August of 2020. Many of these ships are European and American, but not all. In fact, at least two have been from the Russian Navy. More pressing, these fake signals often show these warships entering contested waterways or the sovereign territory of other nations.
“Analysis of tracking data from Automatic Identification System broadcasts reveals vessel locations have been simulated for a number of ships, including military vessels,” the report reads.
“This false information could compromise vessel safety, decrease confidence in a crucial collision avoidance system and potentially spark international conflict.“

Faking the location of an entire carrier strike group

warship positions

HMS Queen Elizabeth and the UK Carrier Strike Group (WikiMedia Commons)


Last September, the Royal Navy’s new flagship, the carrier HMS Queen Elizabeth, was shown on the same Automatic Identification System sailing alongside a bevy of warships from allied nations the Netherlands and Belgium. The carrier strike group, comprised of six total vessels, could be seen clearly on the publicly available tracking information heading for the Irish Sea.

But satellite imagery of their location on that day, at that time, shows nothing but waves and surf: no ships, no crews, nothing but water.

The ships being tracked by the AIS alongside the British carrier were:
  • HMS Duncan
  • HMS Albion
  • Dutch HNLMS Rotterdam
  • HNLMS Johan de Witt
  • Belgian BNS Leopold I
As you might now expect, that fleet and their entire voyage also never existed.
“This flotilla of massive warships should have made quite a striking picture on Sentinel-2 satellite imagery. However, the image coinciding with the AIS transit dates, seen below, shows none of the six naval vessels. Furthermore, several publicly posted photos and news articles show that these vessels were in port elsewhere at the time,” SkyTruth’s report goes on.
The Automatic Identification System

warship positions


Seaman Operations Specialist Jason Dailey, sector operator at the Vessel Traffic Center at Coast Guard Activities New York, Staten Island, N.Y. monitors vessel traffic in the New York Harbor (USCG photo ny PA2 Mike Hvozda)


The system being spoofed, called the Automatic Identification System (AIS), is an automatic tracking system that pulls data from transceivers installed in every ocean-going vessel. The data is collected by satellites overhead and aggregated for use in maritime safety efforts (to avoid collisions) and increasingly, to identify vessels that are violating international sanctions and the like. While this system isn’t the primary means of preventing a collision onboard most ships (collision avoidance radar fills that role), this data is widely leveraged for everything from logistics to criminal investigations.

But it would seem that someone has found a way to fool this system into seeing ships that aren’t there, even fabricating entire voyages. Bjorn Bergman, a data analyst with SkyTruth and Global Fishing Watch, first identified nine Swedish naval vessels sailing south of Karlskrona that weren’t really there on February 4 and 5 of 2021. As he poured over the data, he found an unusual pattern in the code, so he used it to create a search query to identify any other potential fakes out on the seven seas.

“The results were alarming. Nearly a hundred U.S. and European naval vessels had track segments with the same AIS pattern as the false tracks of the Swedish navy ships near Karlskrona,” he wrote.
“Over the past few months I dug into this data using all available sources to confirm vessel locations and identities. I confirmed false AIS positions for 15 navy vessels from seven countries, with many more vessels suspected of having fabricated positions.”
The nations with apparently faked warship positions include:
  • United States
  • UK
  • Belgium
  • Lithuania
  • Estonia
  • Germany
  • Russia
  • The Netherlands
Bergman used publicly available images of the ships, satellite imagery, and even formal confirmation from national navies to determine the actual location of the confirmed fakes, but confirming them all is difficult. Some ships don’t have many photos taken of them in port, or the suspected fakes are beneath a thick layer of cloud cover satellites can’t see past.

With more than a hundred potential “ghost ships” shown in AIS in recent months, Bergman has yet to find a single one with the unusual code pattern that he can prove was actually there.

It’s important to note that warships are known to turn off their AIS transponders, which makes locating them more difficult, but until recently, no one had ever spotted fake transmissions before.


Who would fake warship positions and why?


warship positions


Russia’s Pyotr Velikiy (background) escorted by HMS Dragon (foreground) off the coast of the United Kingdom (WikiMeda Commons)


Because the majority of faked ship signals seem to be from NATO nations, often showing them behave aggressively toward Russia, the inclination is to assume that Russia has a had in this effort. After all, Russia is perhaps best known in the 21st century as a Grey Zone power, often leveraging cyber campaigns and hacking to achieve their geopolitical aims.
“Confirmed and suspected false AIS segments show incursions by 11 North Atlantic Treaty Organization (NATO) and NATO allied warships into Russian territorial waters near Kaliningrad and Murmansk as well as within the disputed territorial waters around Crimea in the Black Sea,” the report states.
If indeed Russian in origin, the effort could be aimed at presenting NATO nations as aggressive, bolstering Russia’s repeated claims that accusations about the nation’s aggressive behavior, including attempted assassinations on foreign soil and the military annexation of Crimea in 2014, are more about international bullying than Russia violating international norms.

Russia has long relied on an information operation strategy known as Reflexive Control, wherein they flood the media (and now social media) with conflicting information and intentional disinformation all aimed at driving the recipient to an intended conclusion that they feel as though they arrived at organically. Russian efforts to manipulate the 2016 presidential election, as one example, has become a controversial subject in American politics, with many Republicans often downplaying Russia’s meddling and many Democrats presenting it as nothing short of a foreign-backed insurrection. The truth, however, was that Russia’s aim was less about putting Trump in the White House and more about diminishing the American public’s faith in its electoral process and government as a whole.

In that regard, one could argue that their Reflexive Control strategy was a rousing success.

The AIS system isn’t so heavily relied upon that these ghost readings could spark a war, but they are so widely leveraged that they could almost certainly be used to substantiate aggressive behavior in response to what appears to be a Naval incursion. In other words, these ghost readings could be about painting Russia as the victim of international prodding.
“We are aware of manipulation of AIS tracking data placing Carrier Strike Group vessels in areas where they were not,” a spokesperson for the UK Ministry of Defence told WIRED.
“There was no operational impact on any of the vessels, but AIS is the commercial global safety system for all marine traffic. Any manipulation could result in a serious incident.”
However, at least two Russian ships also seem to have been spoofed in the past year. That doesn’t eliminate Russia as a possibility, but it does muddy the proverbial waters.


It’s not over: The USS Roosevelt was spoofed on July 15

warship positions

USS Roosevelt (DDG 80) (US Navy photo)

We’re not talking about an isolated incident, but rather an ongoing situation. As recently as July 15, the USS Roosevelt, an Arleigh Burke-class guided-missile destroyer, was shown on AIS to be sailing into Russian territorial waters near Norway while the vessel itself was actually hundreds of miles away training with members of Norway’s Navy.

Thus far, there hasn’t been third-party confirmation of Skytruth’s analysis, and Bergman has not released the tell-tale pattern in the code he’s identified, citing concerns that the perpetrator or perpetrators will adjust their approach to eliminate his ability to track them.
So for now, at least, these digital ghost ships remain a pressing mystery–and perhaps even an international incident waiting to happen.


 

Hfcomms

EN66iq
Which probably means that a fair amount of the air traffic on the ads-b maps are faked as well, especially the military traffic. That can get dangerous though as ads-b is actually replacing some of the primary radar coverage that used to track air traffic.
 

night driver

ESFP adrift in INTJ sea
IF SO, then someone I know may have just gotten a change in priorities work order, given his expert status on International Port Security.

Hmmm.
 

bw

Fringe Ranger
Bergman has not released the tell-tale pattern in the code he’s identified, citing concerns that the perpetrator or perpetrators will adjust their approach to eliminate his ability to track them.
Ya think?
 

Hfcomms

EN66iq
I know the ads-b can be turned off by the pilots as we've seen that many times so I'm sure the shipping can turn them off as well. As far as spoofing positions it's probably a little harder but a good EW package can spoof a heck of a lot. Wouldn't surprise me in the least that vessels and aircraft are not where the maps show them to be especially when things are getting spicy in the meat world.
 

hiwall

Veteran Member
I could easily see this used by all military units of every country to try and confuse or use as propaganda or many other reasons. Spoof their own ships and planes and spoof the ships and planes of other nations for various reasons.
If I was in charge I would use this tactic on occasion.
 

Millwright

Knuckle Dragger
_______________


(snip)
According to the Manukai’s screens, another ship was steaming up the same channel at about seven knots (eight miles per hour). Suddenly, the other ship disappeared from the AIS display. A few minutes later, the screen showed the other ship back at the dock. Then it was in the channel and moving again, then back at the dock, then gone once more.

Eventually, mystified, the captain picked up his binoculars and scanned the dockside. The other ship had been stationary at the dock the entire time.

When it came time for the Manukai to head for its own berth, the bridge began echoing to multiple alarms. Both of the ship’s GPS units—it carried two for redundancy—had lost their signals, and its AIS transponder had failed. Even a last-ditch emergency distress system that also relied on GPS could not get a fix.
Now, new research and previously unseen data show that the Manukai, and thousands of other vessels in Shanghai over the last year, are falling victim to a mysterious new weapon that is able to spoof GPS systems in a way never seen before.
 

AlfaMan

Has No Life - Lives on TB
It ain't just ships and planes. GPS can be spoofed to give bad locations on buildings. It happens locally a lot-you're following directions towards a certain building and end up a mile or two from the actual location of it.
 

OldArcher

Has No Life - Lives on TB
I could easily see this used by all military units of every country to try and confuse or use as propaganda or many other reasons. Spoof their own ships and planes and spoof the ships and planes of other nations for various reasons.
If I was in charge I would use this tactic on occasion.
As in Polish forces attacking Germans, leading to WW II? Great. The fog of war takes on a new dimension.

OA
 

subnet

Boot


(snip)
According to the Manukai’s screens, another ship was steaming up the same channel at about seven knots (eight miles per hour). Suddenly, the other ship disappeared from the AIS display. A few minutes later, the screen showed the other ship back at the dock. Then it was in the channel and moving again, then back at the dock, then gone once more.

Eventually, mystified, the captain picked up his binoculars and scanned the dockside. The other ship had been stationary at the dock the entire time.

When it came time for the Manukai to head for its own berth, the bridge began echoing to multiple alarms. Both of the ship’s GPS units—it carried two for redundancy—had lost their signals, and its AIS transponder had failed. Even a last-ditch emergency distress system that also relied on GPS could not get a fix.
Now, new research and previously unseen data show that the Manukai, and thousands of other vessels in Shanghai over the last year, are falling victim to a mysterious new weapon that is able to spoof GPS systems in a way never seen before.
The newer the tech, the bigger the crutch
 

Millwright

Knuckle Dragger
_______________
The newer the tech, the bigger the crutch
We fish and area about 2400 square miles, with zero landmarks.

The productive spots are measured in square yards.

It would me almost impossible without GPS.

Back in the days of LORAN-C, you had to be good at it and practice a LOT.
 

subnet

Boot
We fish and area about 2400 square miles, with zero landmarks.

The productive spots are measured in square yards.

It would me almost impossible without GPS.

Back in the days of LORAN-C, you had to be good at it and practice a LOT.
So those spots were never fished before gps?
 

Millwright

Knuckle Dragger
_______________
So those spots were never fished before gps?
Yes...but.

There were a lot more oil rigs to triangulate from. During the reign of Zero, it was mandated that they all be cut down.

LORAN-C was the best tech available, not particularly accurate tho.

Captains had to really know how to navigate, not just drive a boat.

It gets kinda scary where the intercoastal meets the ship channel, right before the jetties. Lotsa dumbasses who don't have a clue.
 

subnet

Boot
Yes...but.

There were a lot more oil rigs to triangulate from. During the reign of Zero, it was mandated that they all be cut down.

LORAN-C was the best tech available, not particularly accurate tho.

Captains had to really know how to navigate, not just drive a boat.

It gets kinda scary where the intercoastal meets the ship channel, right before the jetties. Lotsa dumbasses who don't have a clue.
I love tech.... but man, our society has forgotten what used to be basic skills and will be seriously screwed, if they don't have a fall back to use in situations like what the op is talking about
 

northern watch

Has No Life - Lives on TB
Alex Hollings | July 29, 2021

More than a hundred warships from as many as 14 nations may have had their locations faked on a global tracking system used to monitor maritime activity and help prevent collisions. The spoofing seems to be happening, but who’s behind it and why?



The potential for international incidents

On June 18 of this year, a system used to track the locations of vessels on the open ocean showed two NATO warships steam out of port in Odessa, Ukraine near midnight, under cover of darkness. The two ships, one British Destroyer and one Frigate from the Royal Netherlands, set course through the Black Sea to Sevastopol, the strategic headquarters of Russia’s Black Sea fleet.

Before long, the HMS Defender and HNLMS Evertsen had closed to within just two nautical miles of the Russian port, in what seemed like one of the most brazenly aggressive acts taken by NATO warships in recent memory. Parking so close to the epicenter of Russia’s military might in the region would almost certainly prompt a response. Indeed, later that same week, Russian warships would claim to fire warning shots at the very same British destroyer in the very same region.



HMS Defender (WikiMedia Commons)


Sending these ships so close to a Russian Navy base could have resulted in an even more aggressive response from Putin’s forces than warning shots. There was just one thing stopping them…

The HMS Defender and HNLMS Evertsen never actually left port.

At the time, this spoofing of the Automatic Identification System (AIS) was reported in the news, but the story quickly slipped back beneath the surf as other, more pressing, stories reached the news cycle. Soon, most had forgotten about the unusual signals seemingly sending a NATO ghost fleet straight into the heart of Russia’s regional defenses. That is, until July 29, when a joint analysis from the non-profit SkyTruth and Global Fishing Watch was released showing that this was no fluke, nor was it an accident.

In fact, they claimed to have discovered a trend of over 100 warships flagged from at least 14 different nations that have had their locations “spoofed” or faked since August of 2020. Many of these ships are European and American, but not all. In fact, at least two have been from the Russian Navy. More pressing, these fake signals often show these warships entering contested waterways or the sovereign territory of other nations.




Faking the location of an entire carrier strike group

warship positions

HMS Queen Elizabeth and the UK Carrier Strike Group (WikiMedia Commons)


Last September, the Royal Navy’s new flagship, the carrier HMS Queen Elizabeth, was shown on the same Automatic Identification System sailing alongside a bevy of warships from allied nations the Netherlands and Belgium. The carrier strike group, comprised of six total vessels, could be seen clearly on the publicly available tracking information heading for the Irish Sea.

But satellite imagery of their location on that day, at that time, shows nothing but waves and surf: no ships, no crews, nothing but water.

The ships being tracked by the AIS alongside the British carrier were:
  • HMS Duncan
  • HMS Albion
  • Dutch HNLMS Rotterdam
  • HNLMS Johan de Witt
  • Belgian BNS Leopold I
As you might now expect, that fleet and their entire voyage also never existed.


The Automatic Identification System

warship positions


Seaman Operations Specialist Jason Dailey, sector operator at the Vessel Traffic Center at Coast Guard Activities New York, Staten Island, N.Y. monitors vessel traffic in the New York Harbor (USCG photo ny PA2 Mike Hvozda)


The system being spoofed, called the Automatic Identification System (AIS), is an automatic tracking system that pulls data from transceivers installed in every ocean-going vessel. The data is collected by satellites overhead and aggregated for use in maritime safety efforts (to avoid collisions) and increasingly, to identify vessels that are violating international sanctions and the like. While this system isn’t the primary means of preventing a collision onboard most ships (collision avoidance radar fills that role), this data is widely leveraged for everything from logistics to criminal investigations.

But it would seem that someone has found a way to fool this system into seeing ships that aren’t there, even fabricating entire voyages. Bjorn Bergman, a data analyst with SkyTruth and Global Fishing Watch, first identified nine Swedish naval vessels sailing south of Karlskrona that weren’t really there on February 4 and 5 of 2021. As he poured over the data, he found an unusual pattern in the code, so he used it to create a search query to identify any other potential fakes out on the seven seas.




The nations with apparently faked warship positions include:
  • United States
  • UK
  • Belgium
  • Lithuania
  • Estonia
  • Germany
  • Russia
  • The Netherlands
Bergman used publicly available images of the ships, satellite imagery, and even formal confirmation from national navies to determine the actual location of the confirmed fakes, but confirming them all is difficult. Some ships don’t have many photos taken of them in port, or the suspected fakes are beneath a thick layer of cloud cover satellites can’t see past.

With more than a hundred potential “ghost ships” shown in AIS in recent months, Bergman has yet to find a single one with the unusual code pattern that he can prove was actually there.

It’s important to note that warships are known to turn off their AIS transponders, which makes locating them more difficult, but until recently, no one had ever spotted fake transmissions before.


Who would fake warship positions and why?


warship positions


Russia’s Pyotr Velikiy (background) escorted by HMS Dragon (foreground) off the coast of the United Kingdom (WikiMeda Commons)


Because the majority of faked ship signals seem to be from NATO nations, often showing them behave aggressively toward Russia, the inclination is to assume that Russia has a had in this effort. After all, Russia is perhaps best known in the 21st century as a Grey Zone power, often leveraging cyber campaigns and hacking to achieve their geopolitical aims.

If indeed Russian in origin, the effort could be aimed at presenting NATO nations as aggressive, bolstering Russia’s repeated claims that accusations about the nation’s aggressive behavior, including attempted assassinations on foreign soil and the military annexation of Crimea in 2014, are more about international bullying than Russia violating international norms.

Russia has long relied on an information operation strategy known as Reflexive Control, wherein they flood the media (and now social media) with conflicting information and intentional disinformation all aimed at driving the recipient to an intended conclusion that they feel as though they arrived at organically. Russian efforts to manipulate the 2016 presidential election, as one example, has become a controversial subject in American politics, with many Republicans often downplaying Russia’s meddling and many Democrats presenting it as nothing short of a foreign-backed insurrection. The truth, however, was that Russia’s aim was less about putting Trump in the White House and more about diminishing the American public’s faith in its electoral process and government as a whole.

In that regard, one could argue that their Reflexive Control strategy was a rousing success.

The AIS system isn’t so heavily relied upon that these ghost readings could spark a war, but they are so widely leveraged that they could almost certainly be used to substantiate aggressive behavior in response to what appears to be a Naval incursion. In other words, these ghost readings could be about painting Russia as the victim of international prodding.

However, at least two Russian ships also seem to have been spoofed in the past year. That doesn’t eliminate Russia as a possibility, but it does muddy the proverbial waters.


It’s not over: The USS Roosevelt was spoofed on July 15

warship positions

USS Roosevelt (DDG 80) (US Navy photo)

We’re not talking about an isolated incident, but rather an ongoing situation. As recently as July 15, the USS Roosevelt, an Arleigh Burke-class guided-missile destroyer, was shown on AIS to be sailing into Russian territorial waters near Norway while the vessel itself was actually hundreds of miles away training with members of Norway’s Navy.

Thus far, there hasn’t been third-party confirmation of Skytruth’s analysis, and Bergman has not released the tell-tale pattern in the code he’s identified, citing concerns that the perpetrator or perpetrators will adjust their approach to eliminate his ability to track them.
So for now, at least, these digital ghost ships remain a pressing mystery–and perhaps even an international incident waiting to happen.


This I believe is another sign of a coming war.
 

et2

Has No Life - Lives on TB
Remembering my pilot training days learning how to navigate VFR. Using aerial maps, plotter, compass, a watch/ timer, and two eyes. Yep, lot of work managing the flight vs using electronic Navigation. But comforting knowing if something failed I was on top of it.

I always made a habit of using old fashion navigation while cross checking with the VOR’s, GPS, NDB/ADF for accuracy. During a night flight I lost all cockpit instrument lights during a long base approach to the airport. VFR training kicked in immediately and I navigated in just fine.
 

pauldingbabe

The Great Cat
So China has no involvement?

None?

Who benefits most from this practice? Have your enemies fighting amongst themselves them come in and clean up the rest.
 

Abert

Veteran Member
Remembering my pilot training days learning how to navigate VFR. Using aerial maps, plotter, compass, a watch/ timer, and two eyes. Yep, lot of work managing the flight vs using electronic Navigation. But comforting knowing if something failed I was on top of it
Even better, during my initial Army Flight training - in old Korean War era helicopters - which only had airspeed, compass, and altimeter - on long cross country flights over rural TX - if you were not 100% where you were there was always one sure fire way to ID you location. Every TX town, no matter how small, has a Water Tower - with the town name! The trick was to drop down and do a fast fly by to get the name - was a big NO NO - but better than not knowing where you were.
 

ivantherussian03

Veteran Member
Think about it…. a cheap way of dealing with overwhelming naval force…..mess with their gps systems.

when US Naval forces started having gps location issues I suspected someone was hacking the system. The history of warefare is full of cheap hacks Used against expensive weapons.
 

BV141

Has No Life - Lives on TB
Which probably means that a fair amount of the air traffic on the ads-b maps are faked as well, especially the military traffic. That can get dangerous though as ads-b is actually replacing some of the primary radar coverage that used to track air traffic.

A US Military reconnaissance aircraft was caught changing it's transponder code to a civilian aircraft last year over the China Sea. The Chinese were performing missile testing and the US Military wanted telemetry data......
 

Jaybird

Veteran Member
None of this is new. Ever since ADS-B come out aircraft have been spoofing it for the US.gov. How do you think Evergreen used to get corporate jets out of the country undetected? Besides the usual close formation with another aircraft.
 

mistaken1

Veteran Member
So China has no involvement?

None?

Who benefits most from this practice? Have your enemies fighting amongst themselves them come in and clean up the rest.
Exactly. The article blames Russia, sounds like someone cough china cough trying to goad Russia into action.

Where is china in this list .... innocently in port I am sure.

The nations with apparently faked warship positions include:

United States
UK
Belgium
Lithuania
Estonia
Germany
Russia
The Netherlands
 

Meemur

Voice on the Prairie
This is why boots-on-the-ground or speedboat-in-the-water reporting is important. Signals can be masked or faked.
 
Top