Gray Zone Tactics Playbook: Spoofing

~ Trần Đình Hoành

Spoofing is the act of deceptively and deliberately falsifying a vessel’s AIS identifying information or location.

Gaute Friis | SEPTEMBER 3, 2023

Gray Zone Tactics Playbook: Spoofing
A China Coast Guard (CCG) cutter transmits fraudulent AIS signals to nearby vessels, appearing as a fishing boat on their monitoring equipment (Credit: Gaille Powell).

Gaute Friis

Analyst

Spoofing is a deception tactic meant to disrupt monitoring of maritime activities. It is frequently employed by Chinese gray zone actors in the South China Sea. In contrast to the “going dark” tactic of simply disabling a vessel’s Automatic Information System (AIS) broadcast, the spoofing tactic involves manipulating transmitting signals in order to falsify a vessel’s identity and/or location.

Spoofing has come to be used as an umbrella term that encompasses a range of AIS-tampering techniques. We divide these techniques into three primary buckets:

  1. Identity spoofing, or continuously broadcasting false vessel information.
  2. Identity switching, or temporarily changing vessel information when conducting certain activities. 
  3. Location spoofing, or embedding false GPS location data within a vessel’s AIS transmissions. 

Valid AIS identities for spoofing purposes can be acquired by various methods, such as simply assuming the identity of another operating vessel (“identity theft”) or the identity of a scrapped (“zombie”) vessel. A gray zone actor may also switch to a fraudulently obtained IMO-registered shell identity (“identity laundering”). This white paper by maritime intelligence provider Windward goes into more detail about these practices. 

1. Identity spoofing   

Ship operators are responsible for manually entering their AIS broadcast messages into their own transponders. This makes it easy to manipulate basic information such as a vessel’s name, type, length, tonnage, or Maritime Mobile Service Identity (MMSI)—a 9-digit reference number administered by the International Telecommunications Union (ITU) that should be unique to each ship. 

One unsophisticated method is for vessels to enter the country code followed by all zeros (XXX000000). In fact, so many ships do this that it can lead to multiple vessels operating simultaneously with the same fake ID. 

For example, on April 18 2023, a China Coast Guard cutter intercepted a Philippine resupply mission to Second Thomas Shoal while broadcasting an AIS signal identifying itself only as “G”, a 2x2m pleasure craft with MMSI 412000000–a bogus number used concurrently by dozens of other ships around the globe.

Post

Ray Powell @GordianKnotRay

BREAKING: Prob. #Philippines resupply to Ayungin (2nd Thomas) Shoal w/

@coastguardph‘s BRP Malapascua escorting. Prob. #China Coast Guard identifying as “G” (2x2m “pleasure craft” w/bogus MMSI) intercepting near Sabina Shoal as 2 maritime militia take position east of Ayungin.

Image

Frances Mangosing and 8 others

2. Identity switching 

It is so easy to manually change AIS broadcast data that occasionally ships are caught red-handed switching identities during sensitive operations. One example of this occurred on March 21 2023, when China Coast Guard cutter 5201 abruptly changed its callsign from “CCG5201” to “DONGYU1527-8 50%” while shadowing the Philippine Coast Guard vessel BRP Malapascua on a routine patrol mission in the Spratly Islands.

“Yu” (鱼) is Mandarin for “fish” and is often used in Chinese fishing boat names, which strongly suggests what the offending ship hoped its watchers would believe in this clumsy spoofing effort.

Post

Jay Tarriela

The @coastguardph vessel BRP MALAPASCUA conducted MARPAT mission to the KIG from March 16 to 21. She spotted a number of 🇨🇳 CCGVs and a PLA Navy Type 056A Jiangdao II Class Missile Corvette.

Image

Image

Image

The PLA Navy radio challenged MRRV 4403 within the territorial sea of Pag-asa Island.

Before returning to Buliluyan Port on March 21, MRRV 4403 patrolled Ayungin Shoal, CCGV 5201 shadowed @coastguardPH ship at a distance of approximately 1,600 yards. The PCG observed that CCGV 5201 suddenly changed its AIS info from CCG5201 to DONGYU1527-8 50%.

·

3. Location spoofing 

It is also possible for a more sophisticated gray zone actor to insert fake GPS location data into an AIS boadcast, which makes the spoofing vessel appear to to be in a different location. We are unaware of any known incidents of Chinese security vessels spoofing their locations in the South China Sea, but location spoofing is a well known tactic in other maritime contexts. 

Suffice it to say, AIS spoofing in all its forms endangers shipping and other lawful maritime activity, hinders transparency and effective monitoring, and contravenes both norms and rules for safety at sea and ITU regulations. 

See the rest of the gray zone playbook here.

Gaute Friis

Gaute is a Defense Innovation Scholar at Stanfo

Hình đại diện của Không hiểu

Đăng bởi Trần Đình Hoành

I am an attorney in the Washington DC area, with a Doctor of Law in the US, attended the master program at the National School of Administration of Việt Nam, and graduated from Sài Gòn University Law School. I aso studied philosophy at the School of Letters in Sài Gòn. . I have worked as an anti-trust attorney for Federal Trade Commission and a litigator for a fortune-100 telecom company in Washington DC. I have taught law courses for legal professionals in Việt Nam and still counsel VN government agencies on legal matters. I have founded and managed businesses for me and my family, both law and non-law. I have published many articles on national newspapers and radio stations in Việt Nam. In 1989 I was one of the founding members of US-VN Trade Council, working to re-establish US-VN relationship. Since the early 90's, I have established and managed VNFORUM and VNBIZ forum on VN-related matters; these forums are the subject of a PhD thesis by Dr. Caroline Valverde at UC-Berkeley and her book Transnationalizing Viet Nam. I translate poetry and my translation of "A Request at Đồng Lộc Cemetery" is now engraved on a stone memorial at Đồng Lộc National Shrine in VN. I study and teach the Bible and Buddhism. In 2009 I founded and still manage dotchuoinon.com on positive thinking and two other blogs on Buddhism. In 2015 a group of friends and I founded website CVD - Conversations on Vietnam Development (cvdvn.net). I study the art of leadership with many friends who are religious, business and government leaders from many countries. I have written these books, published by Phu Nu Publishing House in Hanoi: "Positive Thinking to Change Your Life", in Vietnamese (TƯ DUY TÍCH CỰC Thay Đổi Cuộc Sống) (Oct. 2011) "10 Core Values for Success" (10 Giá trị cốt lõi của thành công) (Dec. 2013) "Live a Life Worth Living" (Sống Một Cuộc Đời Đáng Sống) (Oct. 2023) I practice Jiu Jitsu and Tai Chi for health, and play guitar as a hobby, usually accompanying my wife Trần Lê Túy Phượng, aka singer Linh Phượng.

Bình luận về bài viết này