The oil tanker Marinera (formerly Bella 1) engaged in multiple deceptive practices including AIS spoofing, false flag declarations, and cyber/navigation system manipulation. These actions highlight vulnerabilities in maritime cyber systems and pose significant implications for cyber insurance underwriting and risk assessment.
Timeline of events:
– Sep–Nov 2025: AIS location spoofing near Kharg Island during loading operations
– Dec 17 2025: AIS signal last detected near Antigua & Barbuda; vessel goes dark
– Dec 20–21 2025: US Coast Guard attempts boarding; vessel broadcasts 39 distress calls
– Dec 31 2025: Vessel renamed Marinera, painted Russian flag, registered in Russia mid-pursuit
– Jan 7 2026: US forces seize Marinera in North Atlantic after two-week pursuit
Methods of location/identity spoofing:
– AIS coordinate spoofing to misrepresent physical location
– Static field tampering (MMSI, vessel name, callsign, flag MID)
– Periods of AIS silence (going dark) to evade tracking
– False distress-call spamming to create situational confusion
– Mid-voyage flag and name changes to obscure identity
Cyber/navigation manipulation:
– AIS/GNSS stack exploited for spoofing and identity tampering
– Potential GPS spoofing near high-risk zones (e.g., Persian Gulf)
– Manipulation of GMDSS distress channels to disrupt enforcement
– AIS vulnerabilities due to lack of encryption/authentication
Detection techniques:
– Cross-verification of AIS data with satellite imagery (multisource fusion)
– Integrity checks for MMSI/name/callsign inconsistencies
– Behavioural analytics to flag AIS gaps and implausible movements
– Correlation of spoofing patterns with sanctions risk indicators
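
The integrity and behavioural checks listed above can be sketched as follows. This is an added example, not code from the original briefing; the record layout, the thresholds (6 h gap, 25 kn), the assumption that reports are already grouped per hull by an identifier other than MMSI, and the sample reports are all constructed for illustration.

```python
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

GAP_HOURS = 6.0    # assumed threshold: longer silence is flagged as "going dark"
MAX_KNOTS = 25.0   # assumed ceiling for a tanker's implied speed between fixes
STATIC_FIELDS = ("mmsi", "name", "callsign")

def nm_between(a, b):
    """Great-circle distance in nautical miles (haversine)."""
    lat1, lon1, lat2, lon2 = map(radians, (a["lat"], a["lon"], b["lat"], b["lon"]))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 3440.065 * asin(sqrt(h))

def flag_track(reports):
    """Return (timestamp, finding) tuples for one hull's AIS reports."""
    findings = []
    reports = sorted(reports, key=lambda r: r["ts"])
    for prev, cur in zip(reports, reports[1:]):
        hours = (cur["ts"] - prev["ts"]).total_seconds() / 3600
        if hours > GAP_HOURS:
            findings.append((cur["ts"], f"AIS gap {hours:.1f} h"))
        if hours > 0 and nm_between(prev, cur) / hours > MAX_KNOTS:
            knots = nm_between(prev, cur) / hours
            findings.append((cur["ts"], f"implausible speed {knots:.0f} kn"))
        for field in STATIC_FIELDS:
            if prev[field] != cur[field]:
                findings.append((cur["ts"], f"static field changed: {field}"))
        # The first three MMSI digits are the MID (flag state); a change means reflagging.
        if prev["mmsi"][:3] != cur["mmsi"][:3]:
            findings.append((cur["ts"], "flag MID changed"))
    return findings

def _report(ts, lat, mmsi, name):
    """Build one constructed sample record (fixed longitude and callsign)."""
    return {"ts": datetime.fromisoformat(ts), "lat": lat, "lon": 20.0,
            "mmsi": mmsi, "name": name, "callsign": "AAA1"}

SAMPLE = [  # constructed reports with placeholder identities, not real vessel data
    _report("2025-01-01T00:00", 10.0, "111000001", "VESSEL A"),
    _report("2025-01-01T01:00", 10.1, "111000001", "VESSEL A"),  # about 6 nm in 1 h
    _report("2025-01-01T02:00", 15.1, "111000001", "VESSEL A"),  # about 300 nm in 1 h
    _report("2025-01-02T02:00", 15.2, "222000001", "VESSEL B"),  # 24 h gap, new identity
]

if __name__ == "__main__":
    for ts, finding in flag_track(SAMPLE):
        print(ts.isoformat(), finding)
```

Findings like these are leads for cross-verification against satellite imagery or LRIT, not proof of spoofing on their own.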
Implications for cyber insurance:
– AIS/GNSS spoofing represents a growing cyber-physical risk for maritime operators
– False-flag and identity manipulation complicate liability and coverage assessments
– Cyber insurance policies must account for navigation system integrity and compliance controls
– High-risk indicators (AIS gaps, mid-voyage reflagging) should trigger premium adjustments or exclusions
Recommendations:
– Implement GNSS anti-spoofing and AIS tamper-detection technologies
– Mandate cross-verification of AIS with LRIT and satellite feeds for insured fleets
– Develop underwriting guidelines for vessels exhibiting high-risk behaviours (e.g. AIS silence, flag changes)
– Create incident response playbooks for distress-signal spamming and identity spoofing scenarios
