Read more: Boosty | Sponsr | TG
Abstract – This document aims to provide a comprehensive analysis
of maritime open-source intelligence (maritime OSINT) and its
various aspects: examining the ethical implications of employing
maritime OSINT techniques, particularly in the context of maritime
law enforcement authorities, identifying and addressing the
operational challenges faced by maritime law enforcement
authorities when utilizing maritime OSINT, such as data acquisition,
analysis, and dissemination.
The analysis will offer a thorough and insightful examination of
these aspects, providing a valuable resource for cybersecurity
professionals, law enforcement agencies, maritime industry
stakeholders, and researchers alike. Additionally, the document will
serve as a valuable resource for researchers, policymakers, and
industry stakeholders seeking to understand the potential and
implications of maritime OSINT in ensuring maritime security and
safety.
I. INTRODUCTION
Maritime Open-Source Intelligence (OSINT) refers to the
practice of gathering and analyzing publicly available
information related to maritime activities, vessels, ports, and
other maritime infrastructure for intelligence purposes. It
involves leveraging various open-source data sources and tools
to monitor, track, and gain insights into maritime operations,
potential threats, and anomalies.
Maritime Open-Source Intelligence (OSINT) is crucial for
capturing information critical to business operations, especially
when electronic systems like Automatic Identification Systems
(AIS) fail. OSINT can provide valuable context and insights into
vessel operations, including the identification of vessels, their
positions, courses, and speeds.
A. Data Sources
• Vessel tracking websites and services (e.g.,
MarineTraffic, VesselFinder) that provide real-time and
historical data on ship movements, positions, and
details.
• Satellite imagery and remote sensing data from
providers like Sentinel, LANDSAT, and commercial
vendors.
• Social media platforms, news outlets, and online forums
where maritime-related information is shared.
• Public databases and registries containing information
on vessels, companies, ports, and maritime
infrastructure.
• Open-source intelligence tools and search engines
specifically designed for maritime data collection and
analysis.
B. Applications
• Maritime security and law enforcement: Monitoring
illegal activities like piracy, smuggling, illegal fishing,
and potential threats to maritime infrastructure.
• Maritime domain awareness: Enhancing situational
awareness by tracking vessel movements, patterns, and
anomalies in specific regions or areas of interest.
• Risk assessment and due diligence: Conducting
background checks on vessels, companies, and
individuals involved in maritime operations for risk
mitigation and compliance purposes.
• Environmental monitoring: Tracking potential oil
spills, pollution incidents, and assessing the
environmental impact of maritime activities.
• Search and rescue operations: Assisting in locating
and tracking vessels in distress or missing at sea.
• Competitive intelligence: Monitoring competitors'
maritime operations, shipments, and logistics for
strategic business insights.
C. Key Tools and Techniques
• Vessel tracking and monitoring platforms like
MarineTraffic, VesselFinder, and FleetMon.
• Geospatial analysis tools and platforms for processing
and visualizing satellite imagery and remote sensing
data.
• Social media monitoring and analysis tools for gathering
intelligence from online platforms.
• OSINT frameworks and search engines like Maltego,
Recon-ng, and Shodan for comprehensive data
collection and analysis.
• Data visualization and reporting tools for presenting
maritime intelligence in a clear and actionable manner.
II. AUTOMATIC IDENTIFICATION SYSTEM
The Automatic Identification System (AIS) is a sophisticated
maritime navigation safety communications system that uses
Very High Frequency (VHF) radio broadcasting to transfer data
between vessels and shore-based stations.
A. Technology and Functionality
• AIS uses Very High Frequency (VHF) radio
broadcasting to transfer data between vessels and shore-
based stations.
• It provides real-time information on a vessel's
identification, position, course, and speed, which is
crucial for safe navigation and efficient operations.
B. Purpose and Applications
• AIS was developed primarily as a collision avoidance
tool, allowing vessels to 'see' each other more clearly
and make informed navigational decisions.
• It is also used for vessel traffic services (VTS), fishing
fleet monitoring, maritime security, and aids to
navigation.
C. Regulatory Requirements
• The International Maritime Organization (IMO)
mandates that all international voyaging ships of 300
gross tonnage (GT) or more, and all passenger ships
regardless of size, must be equipped with AIS.
• AIS must always remain operational, with very limited
exceptions, to ensure continuous data transmission and
reception.
D. Data Transmission and Reception
• AIS transceivers continuously broadcast information at
regular intervals, which can be received by other AIS-
equipped vessels and shore stations within range.
• The system operates on two dedicated VHF frequencies:
161.975 MHz (Channel 87B) for ship-to-ship
communication and 162.025 MHz (Channel 88B) for
ship-to-shore communication.
E. Integration with Other Systems
• AIS data can be integrated with marine radar, electronic
chart display and information systems (ECDIS), and
other navigational tools to provide a comprehensive
view of the maritime environment.
• Satellite-AIS (S-AIS) extends the range of AIS by using
satellites to receive AIS signals, enabling global tracking
of vessels beyond coastal areas.
F. Operational Benefits
• AIS enhances maritime domain awareness, improves
the efficiency of maritime operations, and supports
search and rescue efforts by providing accurate and
timely information about vessel movements.
• It also helps in optimizing vessel routes, reducing fuel
consumption, and minimizing emissions, contributing to
more sustainable maritime operations.
G. Security and Vulnerabilities
• AIS is susceptible to vulnerabilities such as data
spoofing, hijacking, and other forms of cyber
interference, which can compromise the accuracy and
reliability of the information.
• Measures are being developed to enhance the security of
AIS, including cryptographic methods and improved
data handling protocols.
III. AIS THREATS
AIS communications are susceptible to various
vulnerabilities, including malicious cyber activity, legal
changes, adverse physical conditions, and intentional
interventions.
A. CPA Spoofing (Closest Point of Approach)
• Safety Risks: CPA spoofing involves faking a possible
collision with a target ship, triggering a CPA alert. This
can lead the target vessel to alter its course
unnecessarily, potentially causing it to hit a rock, run
aground, or collide with another vessel.
• Cybersecurity Implications: This type of spoofing can
be used by malicious actors to create navigational
hazards, disrupt shipping routes, and cause accidents,
thereby compromising maritime safety and security.
B. AIS-SART Spoofing
• Safety Risks: AIS-SART (Search and Rescue
Transponder) spoofing involves generating false distress
beacons to lure vessels into traps. This can lead to
vessels being directed into hostile or dangerous areas
controlled by attackers, such as pirates.
• Cybersecurity Implications: This tactic can be used to
facilitate piracy, hijacking, and other criminal activities,
posing significant risks to the safety of crew members
and the security of cargo.
C. Faking Weather Forecasts
• Safety Risks: False updates on weather conditions
communicated via AIS can mislead vessels about
upcoming weather, leading to poor navigational
decisions and increased risk of accidents in adverse
weather conditions.
• Cybersecurity Implications: Manipulating weather
data can be part of a broader strategy to disrupt maritime
operations and create unsafe conditions for vessels at
sea.
D. Ship Spoofing
• Safety Risks: Ship spoofing involves creating a
fictitious vessel by assigning false static information
such as ship name, identifiers (MMSI and call sign),
flag, ship type, and other details. This can cause
confusion and misidentification, leading to potential
collisions and navigational errors.
• Cybersecurity Implications: This type of spoofing can
be used to disguise the true identity and location of
vessels involved in illicit activities, such as smuggling
or sanctions evasion, complicating enforcement efforts.
E. Software-Based Threats
• Safety Risks: AIS installations on ships require
software to provide data to online providers. Security
issues with these implementations can lead to the
transmission of inaccurate or false data, compromising
maritime safety.
• Cybersecurity Implications: Vulnerabilities in AIS
software can be exploited by cyber attackers to
manipulate AIS data, disrupt maritime operations, and
facilitate illegal activities.
F. GPS Interference and AIS Vulnerability
• Safety Risks: Significant GPS interference can affect
AIS data accuracy, leading to lost or inaccurate
positioning information. This can result in navigational
errors and increased risk of collisions.
• Cybersecurity Implications: AIS signals, being open
and unencrypted, are vulnerable to spoofing and
interference, making it easier for attackers to manipulate
AIS data and create navigational hazards.
G. AIS Blackouts
• Safety Risks: Intentional AIS blackouts, where vessels
switch off their AIS to evade detection, can lead to
increased risk of collisions and hinder search and rescue
operations.
• Cybersecurity Implications: AIS blackouts can be
used to facilitate illegal activities, such as smuggling and
sanctions evasion, by making it difficult for authorities
to track vessel movements.
H. Hijacking and Availability Disruption
• Safety Risks: Hijacking AIS signals or disrupting their
availability can lead to loss of situational awareness for
vessels and maritime authorities, increasing the risk of
accidents and security incidents.
• Cybersecurity Implications: Disrupting AIS
availability can be part of a broader cyber-attack strategy
to compromise maritime operations and create chaos in
shipping routes.
I. Engineering Challenges
• Interference with VHF Radiotelephone: AIS
equipment can cause interference with a ship’s VHF
radiotelephone, leading to communication issues and
potential safety risks.
• Installation and Configuration Issues: Poor
installation and configuration of AIS equipment can
result in incorrect data transmission, affecting the
reliability and accuracy of AIS information.
J. Vulnerabilities in AIS
• Spoofing and False Data Injection: AIS is susceptible
to spoofing attacks, where attackers can create fake
vessels or modify details of existing vessels, including
position, course, cargo, and flag state. This can lead to
false collision alerts, unauthorized entry into territorial
waters, or even piracy and terrorism activities by
disguising the attackers' vessels.
• Lack of Encryption and Authentication: The AIS
protocol, particularly the SOTDMA protocol it uses,
lacks built-in security features such as encryption and
authentication. This makes AIS data vulnerable to
eavesdropping, tampering, and unauthorized access,
allowing cybercriminals to alter valid AIS data or inject
false AIS data.
• Overloading and Congestion: The increase in AIS
installations and the use of AIS for various applications
can lead to overloading and congestion of the AIS
network. This can result in delays in the transmission of
critical information and increase the risk of navigational
errors, especially in congested waterways.
• Erroneous Manual Input: AIS data, including vessel
destination and ETA, are entered manually by the crew,
leading to potential errors due to operator mistakes or
intentional misrepresentation of information. This can
result in inaccurate tracking and monitoring of vessels.
• Exposure of Sensitive Information: AIS broadcasts
critical and comprehensive data about the ship to the
public, including type of cargo, crew nationality, and
route plan. This information can be valuable to illegal
organizations for planning attacks or threats against
ships.
K. Failures of AIS
• Failure to Update Information: AIS information that
is manually maintained may not be updated in a timely
manner, leading to stale or incorrect data being
transmitted. This can mislead other vessels and coastal
authorities, increasing the risk of navigational accidents.
• Multiple Transceivers for the Same MMSI:
Incorrectly configured AIS transmitters can send
messages for an MMSI that is also used by another
vessel, causing confusion and potentially hazardous
situations if both transmitters are in the same
geographical area.
• Exploitation for Cryptocurrency Mining: Hackers
have exploited vulnerabilities in AIS to install
cryptocurrency miners on exposed servers, diverting
processing power meant for training AI to mine digital
coins instead. This not only compromises the security of
the AIS infrastructure but also affects its operational
efficiency.
IV. AIS MANIPULATION
A. Switching Off AIS
• Evasion Tactic: Some vessels have been observed
switching off their AIS to evade detection. This practice
complicates tracking efforts and poses significant risks
to compliance programs.
• Regulatory Concerns: Disabling AIS is a violation of
the International Convention for the Safety of Life at Sea
(SOLAS), which mandates continuous AIS
broadcasting except in specific emergency situations.
B. AIS Spoofing
• False Positions: In addition to switching off AIS, some
vessels broadcast false AIS positions to mislead
monitoring authorities. This involves creating fake
coordinates to hide their true locations and activities.
• Deceptive Practices: AIS spoofing can be used to mask
ship-to-ship (STS) transfers, disguise port calls, and
create the illusion of compliance with sanctions while
engaging in illicit activities.
C. Impact on Sanctions Compliance
• Tracking Challenges: Disabling or manipulating AIS
makes it difficult for governments and regulatory bodies
to track vessels, thereby undermining sanctions
enforcement.
• Risk to Private Enterprises: Private enterprises,
including ship owners, managers, operators, brokers,
flag registries, port operators, freight forwarders,
commodity traders, insurance companies, and financial
institutions, face risks of unintentional exposure to
sanctioned entities within their supply chains.
• Compliance Programs: Effective compliance
programs must incorporate advanced monitoring tools
and techniques to detect AIS manipulation and ensure
adherence to sanctions.
D. Technological and Regulatory Measures
• Detection Tools: Advanced tools and techniques, such
as automated correlation of AIS data with satellite
imagery, have been developed to detect false AIS
broadcasts and identify vessels engaging in deceptive
practices.
• Regulatory Actions: Regulatory bodies, such as the
U.S. Office of Foreign Assets Control (OFAC), have
issued alerts and guidelines to help stakeholders detect
and address AIS manipulation. These measures include
enhanced due diligence, monitoring of high-risk ship-to-
ship transfers, and reviewing shipping and ancillary
costs.
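The two manipulation patterns above (switching AIS off and broadcasting false positions) both leave traces in a vessel's own track history, as do two transmitters sharing one MMSI. The following is an added example, not part of the original document: it flags long silent periods and position jumps that imply an impossible speed. The record layout, the 6-hour and 40-knot thresholds, and all sample MMSIs and positions are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone
from math import asin, cos, radians, sin, sqrt
from typing import NamedTuple

EARTH_RADIUS_NM = 3440.065     # mean Earth radius in nautical miles
MAX_GAP = timedelta(hours=6)   # assumed threshold for a "dark" period
MAX_SPEED_KN = 40.0            # assumed speed ceiling for a merchant vessel


class Report(NamedTuple):
    mmsi: str
    ts: datetime
    lat: float
    lon: float


class Finding(NamedTuple):
    kind: str                  # "gap" (AIS silent) or "jump" (implausible move)
    mmsi: str
    start: datetime
    end: datetime
    distance_nm: float
    implied_speed_kn: float


def haversine_nm(a, b):
    """Great-circle distance between two reports in nautical miles."""
    lat1, lat2 = radians(a.lat), radians(b.lat)
    dlat = lat2 - lat1
    dlon = radians(b.lon - a.lon)
    h = sin(dlat / 2) ** 2 + cos(lat1) * cos(lat2) * sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_NM * asin(sqrt(h))


def find_anomalies(reports):
    """Compare consecutive reports per MMSI and return a list of Findings."""
    tracks = {}
    for r in reports:
        tracks.setdefault(r.mmsi, []).append(r)

    findings = []
    for mmsi, track in tracks.items():
        track.sort(key=lambda r: r.ts)
        for prev, cur in zip(track, track[1:]):
            dt = cur.ts - prev.ts
            dist = haversine_nm(prev, cur)
            hours = dt.total_seconds() / 3600
            if hours > 0:
                speed = dist / hours
            else:
                # Same timestamp, different place: typical of two
                # transmitters using one MMSI.
                speed = float("inf") if dist > 0.1 else 0.0
            if dt > MAX_GAP:
                findings.append(Finding("gap", mmsi, prev.ts, cur.ts, dist, speed))
            elif speed > MAX_SPEED_KN:
                findings.append(Finding("jump", mmsi, prev.ts, cur.ts, dist, speed))
    return findings


T0 = datetime(2024, 1, 1, tzinfo=timezone.utc)

# Constructed sample reports; MMSIs and positions are made up.
SAMPLE_REPORTS = [
    Report("999000001", T0, 25.0, 55.0),
    Report("999000001", T0 + timedelta(hours=1), 25.0, 55.2),
    Report("999000001", T0 + timedelta(hours=2), 25.0, 55.4),
    Report("999000001", T0 + timedelta(hours=14), 25.5, 56.5),  # 12 h silent
    Report("999000001", T0 + timedelta(hours=15), 10.0, 65.0),  # >900 nm in 1 h
    Report("999000001", T0 + timedelta(hours=16), 10.0, 65.2),
    Report("999000002", T0, 1.2, 103.8),                        # normal track
    Report("999000002", T0 + timedelta(hours=1), 1.2, 104.0),
]

if __name__ == "__main__":
    for f in find_anomalies(SAMPLE_REPORTS):
        print(f"{f.kind:4} {f.mmsi} {f.start:%Y-%m-%d %H:%M} -> {f.end:%H:%M} "
              f"{f.distance_nm:.0f} nm, {f.implied_speed_kn:.0f} kn implied")
```

A finding here is only a lead: poor coverage also produces gaps, so each hit still needs confirmation against an independent source such as satellite imagery.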
E. Case Studies and Real-World Examples
• Shadow Fleet: An armada of aging oil tankers, known
as the "shadow fleet," has been identified as engaging in
AIS manipulation to continue exporting activities
despite sanctions. These vessels often operate with
opaque ownership structures and questionable
insurance.
• Specific Incidents: For example, vessels were identified
by docking at specific ports without using AIS
V. AIS IMPLICATIONS
A. Maritime safety impact
• Geopolitical Tensions: AIS spoofing can exacerbate
geopolitical tensions by creating false scenarios that
may lead to misunderstandings or conflicts between
nations. For example, spoofed AIS data showing
military maneuvers in sensitive areas can inflame
regional tensions.
• Maritime Safety: The reliability of AIS is crucial for
maritime safety, as it helps in collision avoidance and
efficient navigation. Intentional AIS failures, such as
those caused by spoofing or legal restrictions, can
endanger vessel operations. For example, the temporary
AIS blackout in China due to the implementation of the
Personal Information Protection Law in November 2021
posed risks to vessel operations in some of the world's
busiest shipping routes.
• Collision Risks: Spoofing can create false collision
alerts, leading to inappropriate navigational decisions.
This can cause vessels to alter their courses
unnecessarily, potentially resulting in real collisions
with other ships, rocks, or other hazards. An example
includes CPA (Closest Point of Approach) spoofing,
where false data suggests an imminent collision,
prompting the vessel to take evasive action that could
lead to accidents.
• Search and Rescue Operations: AIS-SART (Search
and Rescue Transponder) spoofing can generate false
distress signals, diverting rescue resources to non-
existent emergencies and leaving real emergencies
unattended. This can endanger lives and waste valuable
time and resources.
• Environmental and Economic Impact: Spoofing can
facilitate illegal activities such as unregulated fishing,
smuggling, and environmental pollution by concealing
the true location and identity of vessels involved in these
activities. This can lead to significant environmental
damage and economic losses.
• Operational Disruptions: AIS spoofing can disrupt
maritime logistics and supply chains by creating
confusion about vessel locations and movements. This
can lead to delays, increased operational costs, and
inefficiencies in port operations and shipping routes.
• Security Threats: Spoofing can be used as a tactic by
pirates and other malicious actors to lure vessels into
traps or hostile areas. For instance, false AIS data can
direct ships into pirate-controlled waters, increasing the
risk of hijacking and attacks.
• Data Integrity and Trust Issues: The integrity of AIS
data is crucial for maritime situational awareness.
Spoofing undermines trust in AIS data, making it
difficult for maritime authorities and operators to rely on
this information for safe navigation and decision-
making.
• Legal and Regulatory Challenges: Legal frameworks
may not be fully equipped to address the complexities of
AIS spoofing, leading to challenges in enforcement and
compliance. This can hinder efforts to mitigate the risks
associated with spoofing and protect maritime safety.
For example, China's Personal Information Protection
Law can make it difficult for foreign entities to
monitor vessel movements and enforce sanctions.
• Technological and Security Measures: To combat AIS
vulnerabilities, there is a need for enhanced security
measures such as encryption and authentication
mechanisms. These measures can help prevent AIS
spoofing and ensure the integrity of AIS data, thereby
reducing the risks associated with intentional AIS
failures.
B. Implications for global geopolitics
• Propaganda and Disinformation: AIS spoofing can be
used as a tool for propaganda and disinformation. For
instance, AIS spoofing was used to create false
narratives, thereby influencing public perception and
international relations.
• Sanctions Evasion: AIS spoofing is frequently used to
evade international sanctions. Vessels can falsify their
locations and identities to continue trading with
sanctioned countries, undermining the effectiveness of
sanctions and international efforts to enforce economic
restrictions. For example, Iranian and North Korean
vessels have used AIS spoofing to disguise their
activities and evade sanctions, complicating
enforcement and compliance efforts.
• Strategic Military Deception: State actors can use AIS
spoofing as a form of strategic military deception. By
creating false AIS tracks, they can mislead adversaries
about the location and movements of their naval forces,
potentially gaining a tactical advantage. This tactic can
be part of broader strategies of sub-threshold warfare,
where states engage in actions that fall below the
threshold of open conflict but still achieve strategic
objectives.
• Impact on Maritime Security and Safety: AIS
spoofing undermines the reliability of AIS as a tool for
maritime safety and security. False AIS data can lead to
navigational errors, collisions, and other maritime
incidents, posing risks to vessels and their crews. The
manipulation of AIS data can also hinder search and
rescue operations by generating false distress signals,
diverting resources away from real emergencies.
C. AIS Spoofing to Influence Public Opinion
• Creating False Narratives: AIS spoofing can support
disinformation campaigns by creating false narratives
about naval activities. For example, spoofed AIS data
showing foreign ships violating a country's waters can be
used to portray one nation as an aggressor, thereby
influencing public opinion against it.
• Undermining Trust in Information: By injecting false
information into AIS data streams, state actors can
undermine trust in maritime tracking systems and the
information they provide. This can lead to confusion and
skepticism among the public, making it easier to
manipulate opinions and narratives.
• Fabricating Incidents: AIS spoofing can be used to
fabricate incidents that provoke diplomatic responses.
For example, spoofing AIS data to show a vessel in a
hostile nation's territorial waters can trigger defensive
measures or diplomatic protests, influencing public
opinion by portraying the spoofed nation as a victim of
aggression.
• Creating Pretexts for Action: Spoofed AIS data can
serve as a pretext for military or diplomatic actions,
which can be used to justify aggressive policies or
interventions. This can shape public opinion by framing
such actions as necessary responses to perceived threats.
• Exaggerating Threats: By spoofing AIS data to create
the appearance of increased naval activity or threats in
certain areas, state actors can manipulate public
perception of maritime security. This can be used to
justify increased military spending or to rally public
support for defensive measures.
• Creating a Sense of Insecurity: Spoofing AIS data to
show false collisions or near-misses can create a sense
of insecurity and fear among the public, influencing
opinions about the safety and security of maritime
operations.
D. Implications for International Trade Agreements & Shipping Routes
• Sanctions Evasion: AIS spoofing is frequently used to
evade international sanctions by disguising the true
location and identity of vessels involved in illicit trade.
This undermines the effectiveness of sanctions and
complicates enforcement efforts. For example, vessels
can spoof their AIS data to appear as if they are in legal
waters while engaging in prohibited activities, such as
trading with sanctioned countries like North Korea or
Iran.
• False Documentation: Spoofing can be combined with
falsified shipping documents to disguise the origin,
destination, and nature of cargo. This makes it difficult
for authorities to enforce trade restrictions and ensures
that illicit goods can be traded without detection.
• Concealing Illicit Activities: AIS spoofing can be used
to conceal the true locations and activities of vessels
involved in sanctions evasion. By creating false AIS
tracks, state actors can argue that their vessels are
complying with international regulations, thereby
influencing public opinion about the legitimacy of
sanctions and the actions of the sanctioned state.
• Highlighting Sanctions' Ineffectiveness: By
demonstrating the ability to evade sanctions through
AIS spoofing, state actors can influence public opinion
by highlighting the ineffectiveness of international
sanctions and questioning their legitimacy.
• Economic Disruption: By spoofing AIS data, state
actors or criminal organizations can disrupt maritime
logistics and supply chains, causing economic losses
and operational inefficiencies. This can be part of a
broader strategy of economic warfare, where the goal is
to destabilize the economies of rival nations by
interfering with their trade routes.
• Market Manipulation: AIS spoofing can be used to
create false supply and demand signals in the market.
For example, by spoofing the location of oil tankers,
actors can create the illusion of supply shortages or
surpluses, thereby manipulating global oil prices. This
can have a destabilizing effect on international markets
and trade agreements that rely on stable pricing.
• Floating Storage: Vessels can use AIS spoofing to hide
their true locations while storing commodities like oil
offshore. This can be used to manipulate market prices
by controlling the apparent supply of these
commodities.
• Compliance Evasion: AIS spoofing can be used to
evade compliance with international maritime
regulations and trade agreements. For instance, vessels
can spoof their AIS data to avoid detection by regulatory
authorities, thereby circumventing environmental
regulations, safety standards, and other compliance
requirements.
• Flag Hopping: Vessels can repeatedly change their
transmitted Maritime Mobile Service Identity (MMSI)
numbers and flags to avoid detection and compliance
with international regulations. This practice, known as
flag hopping, makes it difficult for authorities to track
and enforce compliance.
• Fake Vessel Positions: Spoofing can create false
positions for vessels, making it appear as though they
are in different locations than they actually are. This can
lead to confusion and misdirection of shipping routes,
causing delays and inefficiencies in the supply chain.
• Ghost Ships: Spoofing can generate "ghost ships" that
do not exist, cluttering navigational systems and causing
real vessels to alter their courses to avoid non-existent
threats, further disrupting shipping routes.
• Traffic Congestion: Spoofing can create artificial
congestion in busy shipping lanes by making it appear
that there are more vessels in the area than there actually
are. This can lead to rerouting of ships and delays in
cargo delivery.
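Flag hopping, as described in the list above, can be surfaced from static AIS data by following each hull over time. The following is an added example, not part of the original document: it assumes each record carries the vessel's IMO number (a permanent hull identifier with a check digit, which the document itself does not mention) alongside the transmitted MMSI, and it treats the first three MMSI digits as the flag-state code (MID). The window, the tolerance and all sample records are constructed for illustration.

```python
from collections import defaultdict
from datetime import date, timedelta

WINDOW = timedelta(days=365)   # assumed look-back window
MAX_CHANGES = 1                # assumed tolerance: one reflagging per window

# Partial excerpt of ITU Maritime Identification Digits, for readable output.
MID_NAMES = {"351": "Panama", "538": "Marshall Islands", "636": "Liberia"}


def imo_is_valid(imo):
    """IMO numbers have 7 digits; the last is a check digit over the first six."""
    if len(imo) != 7 or not imo.isdigit():
        return False
    total = sum(int(d) * w for d, w in zip(imo[:6], range(7, 1, -1)))
    return total % 10 == int(imo[6])


def identity_history(records):
    """Map IMO -> chronological [(first_seen, mmsi)], repeats collapsed.

    Records with a malformed IMO number are dropped, since a typo would
    otherwise merge or split hull histories.
    """
    hist = defaultdict(list)
    for seen, imo, mmsi in sorted(records):
        if not imo_is_valid(imo):
            continue
        if not hist[imo] or hist[imo][-1][1] != mmsi:
            hist[imo].append((seen, mmsi))
    return dict(hist)


def flag_hoppers(records):
    """Return {imo: [mid, ...]} for hulls with too many MID changes in WINDOW."""
    flagged = {}
    for imo, hist in identity_history(records).items():
        mids = [mmsi[:3] for _, mmsi in hist]
        change_dates = [hist[i][0] for i in range(1, len(hist))
                        if mids[i] != mids[i - 1]]
        # Largest number of flag changes inside any window starting at a change.
        busiest = max(
            (sum(1 for d in change_dates if start <= d <= start + WINDOW)
             for start in change_dates),
            default=0,
        )
        if busiest > MAX_CHANGES:
            flagged[imo] = mids
    return flagged


# Constructed sample records: (date seen, IMO number, transmitted MMSI).
SAMPLE_RECORDS = [
    (date(2023, 1, 10), "1234567", "351000001"),
    (date(2023, 2, 15), "1234567", "351000001"),
    (date(2023, 5, 1), "1234567", "636000001"),
    (date(2023, 9, 20), "1234567", "538000001"),
    (date(2023, 12, 5), "1234567", "351000002"),
    (date(2021, 3, 1), "7654329", "636000002"),   # one reflagging in two years
    (date(2023, 6, 1), "7654329", "538000002"),
    (date(2023, 6, 1), "1234568", "351000003"),   # bad check digit, ignored
]

if __name__ == "__main__":
    for imo, mids in flag_hoppers(SAMPLE_RECORDS).items():
        names = [MID_NAMES.get(m, m) for m in mids]
        print(f"IMO {imo}: " + " -> ".join(names))
```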
VI. THE MARITIME OSINT DOMAIN
Maritime OSINT can effectively manage AIS threats and
failures by providing alternative sources of information and
context, such as social media intelligence (SOCMINT), satellite
imagery, and company-related data. OSINT can track vessel
movements, identify ownership, and uncover links to illegal
activities, even when AIS data is unavailable or manipulated.
A. Social Media Intelligence (SOCMINT)
• Understanding Personnel: SOCMINT is used to gather
information about shipping and port personnel. By
identifying individuals linked to vessels and shipping
infrastructure, analysts can gain insights into vessel
ownership and associated supply chains.
• Identifying Illegal Activities: Social media posts by
soldiers, sailors, militiamen, and criminal syndicate
members can unintentionally reveal locations through
landmarks or street signs. This information can be used
to identify links between shipping operations and
adversarial, nefarious, or illegal activities.
• Social Media Platforms: Platforms like Twitter,
Facebook, Instagram, and YouTube are valuable for
gathering information about shipping and port
personnel, vessel activities, and locations. Users often
post pictures and videos that can reveal critical details
such as landmarks, vessel interiors, and operational
activities.
B. Company-Related Data
• Ownership Records: Investigating the ownership
records of vessels can reveal information about the
companies that own, operate, and repair them. This can
help identify shell companies used to obfuscate the real
owners or operators, which is crucial for understanding
the true nature of maritime activities.
• Sanctions Data: Accessing sanctions data from sources
like the Office of Foreign Assets Control (OFAC) can
provide insights into entities and individuals involved in
sanctioned activities. This is important for tracking
compliance and identifying potential violations.
C. Mapping Applications and Satellite Imagery
• Location Identification: Mapping applications such as Google
Earth and Google Maps, satellite imagery, webcam
footage, and photos are essential tools for identifying a
vessel's location and providing insights into port
environments and activities.
• Commercial Satellite Services: Providers like
Sentinel-1 and Sentinel-2 offer satellite imagery that can
be used for monitoring maritime activities, detecting oil
spills, and analyzing environmental impacts.
• Visual Insights: Videos tagged to specific locations on
platforms like YouTube can offer visual insights into a
vessel's interior environment, onboard operations, and
personnel. This can be particularly useful for monitoring
vessels entering sensitive areas, such as oil ports.
D. Geospatial Intelligence (GEOINT)
• Mapping Applications: Mapping applications can
provide detailed geographical context and historical
imagery, allowing analysts to track changes in port
infrastructure and vessel movements over time.
• Geospatial Data Platforms: Platforms like Skopenow's
Grid combine satellite imagery with public data to
provide comprehensive situational awareness and detect
anomalies in maritime activities.
• Drone Footage: Drones can capture high-resolution
images and videos of maritime activities, providing real-
time insights into port operations and vessel conditions.
E. Maritime Databases and Registers
• MarineTraffic: MarineTraffic is a widely used
platform for real-time AIS vessel tracking. It provides
information on vessel positions, traffic, and port
activities. Analysts can track the movements of specific
vessels, monitor port congestion, and analyze shipping
patterns.
• VesselFinder: VesselFinder offers real-time tracking of
ships using AIS data. It provides detailed information
about vessel locations, routes, and historical data. It is useful
for tracking the current and past movements of vessels,
identifying patterns, and monitoring compliance with
maritime regulations.
• Equasis: Equasis is a database that provides information
on the safety and quality of ships and their operators. It
includes data on inspections, detentions, and incidents.
Analysts can use Equasis to check the safety records of
vessels and companies, identify past violations, and
assess compliance with international standards.
• Datalastic and GateHouse: These services provide
comprehensive maritime data, including vessel
locations, ownership details, and historical data, which
are crucial for in-depth analysis.
• Shipping Registers: Databases such as the UK Ship
Register, eShips World Shipping Register, and the
Superyacht Directory provide comprehensive
information on registered vessels, including ownership,
specifications, and historical data.
F. Crew and Personnel Information
• Crew Lists and Social Networks: Platforms like
Maritime-Connector and MyShip facilitate connections
between ship crew members and shipping jobs, offering
valuable information on crew members and their
movements.
• Professional Networks: LinkedIn and other
professional networking sites can provide information
on individuals working in the maritime industry, helping
to identify key personnel and their affiliations.
G. News and Media Reports
• News Aggregators: Tools like Google News and RSS
feeds can aggregate news articles and reports related to
maritime activities, providing timely updates on
incidents, regulatory changes, and geopolitical
developments.
• Documentaries and Podcasts: Watching
documentaries and listening to podcasts about specific
regions or maritime topics can provide valuable context
and insights for OSINT investigations.
H. Government and Regulatory Sources
• Maritime Safety Authorities: Organizations like the
International Maritime Organization (IMO) and national
maritime safety authorities publish reports and data on
vessel safety, regulations, and incidents.
• Customs and Border Protection: Data from customs
and border protection agencies can provide information
on cargo, vessel inspections, and compliance with trade
regulations.
I. Commercial and Trade Intelligence
• Trade Databases: Platforms like GovTribe and
GovWin offer information on contracts and trade
activities, shedding light on the financial aspects of
maritime operations.
• Industry Reports: Research reports, white papers, and
industry studies can provide insights into market trends,
supply chain dynamics, and economic factors affecting
maritime trade.
J. Open Source Intelligence Tools
• Shodan: This search engine for IoT devices can find
VSATs, comm boxes, and other maritime
communication devices, revealing information such as
vessel locations and vulnerabilities.
• Maltego and Spiderfoot: These tools are used for
comprehensive OSINT data gathering, including
domain reconnaissance, metadata extraction, and social
media analysis.
K. Other Maritime Databases for OSINT
• Paris MoU (Paris Memorandum of Understanding):
The Paris MoU database provides records of ship
inspections and detentions in European waters. It
focuses on ensuring compliance with international
maritime regulations. Useful for identifying ships that
have been detained or inspected for regulatory
violations, providing insights into their operational
history.
• Tokyo MoU: Similar to the Paris MoU, the Tokyo MoU
database covers ship inspections and detentions in the
Asia-Pacific region. Analysts can use this database to
track compliance and safety records of vessels operating
in the Asia-Pacific region.
• OpenCorporates: OpenCorporates is a database that
provides information on corporate entities, including
maritime companies. It includes details on company
registrations, officers, and affiliations. Useful for
investigating the ownership and operational structures
of maritime companies, identifying shell companies,
and uncovering links between entities.
• Global Fishing Watch: An open-access platform that
provides visualization and analysis of global fishing
activity using AIS and VMS data. Analysts can monitor
illegal fishing activities, track fishing vessel
movements, and assess the impact on marine resources.
• Inmarsat Ships Directory: This directory provides
contact information for vessels, including their names,
numbers, and call signs. Useful for identifying and
contacting specific vessels, verifying their details, and
cross-referencing with other maritime databases.
• BIC Code Database: The Bureau International des
Containers (BIC) code database allows users to look up
the owners of shipping containers. Analysts can trace the
ownership of cargo containers, which can be crucial for
tracking the movement of goods and identifying
potential smuggling activities.
• IMO-GISIS (Global Integrated Shipping
Information System): The IMO-GISIS database
provides comprehensive information on ships, including
their registration, ownership, and compliance with
international regulations. Useful for verifying the details
of vessels, checking their compliance with international
standards, and identifying their operational history.
VII. USING SATELLITE IMAGERY FOR MARITIME OSINT
A. Identifying Port Functions
• Satellite imagery can provide insights into the primary
functions of ports by revealing the presence of
infrastructure such as oil storage structures, piers, and
docked vessels.
• The satellite imagery shows gas or oil storage structures
adjoining the piers, indicating that the site is likely used
for exporting gas or oil.
B. Vessel Identification
• High-resolution satellite imagery can potentially enable
the identification of specific vessels docked at ports,
provided that maritime experts with knowledge of
tanker architecture are involved in the analysis.
• However, the lack of precise date information and the
aerial perspective of satellite imagery can make it
challenging to verify assessments based on small visual
features like ship names or International Maritime
Organization (IMO) identification numbers.
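One aid for the verification problem described above, as an added example that is not part of the original document: IMO numbers and ISO 6346 container codes (the codes registered with the BIC) carry a check digit, so a partly legible identifier read off an image can be narrowed to the candidates that pass the check before it is looked up in a register. All identifiers below are constructed.

```python
"""Check-digit triage for identifiers transcribed from imagery (added example)."""
import itertools
import re
import string

IMO_WEIGHTS = (7, 6, 5, 4, 3, 2)  # weights applied to the first six digits


def imo_is_valid(number: str) -> bool:
    """True if a 7-digit IMO number has a consistent check digit."""
    digits = re.sub(r"^IMO\s*", "", number.strip().upper())
    if not re.fullmatch(r"\d{7}", digits):
        return False
    total = sum(int(d) * w for d, w in zip(digits[:6], IMO_WEIGHTS))
    return total % 10 == int(digits[6])


def imo_candidates(partial: str, max_unknown: int = 2) -> list[str]:
    """Expand '?' (an illegible digit) into every number that passes the check."""
    partial = re.sub(r"^IMO\s*", "", partial.strip().upper())
    if not re.fullmatch(r"[\d?]{7}", partial):
        raise ValueError("expected 7 characters, each a digit or '?'")
    holes = [i for i, ch in enumerate(partial) if ch == "?"]
    if len(holes) > max_unknown:
        raise ValueError("too many illegible digits to narrow down usefully")
    found = []
    for fill in itertools.product(string.digits, repeat=len(holes)):
        chars = list(partial)
        for pos, digit in zip(holes, fill):
            chars[pos] = digit
        candidate = "".join(chars)
        if imo_is_valid(candidate):
            found.append(candidate)
    return found


def _iso6346_letter_values() -> dict[str, int]:
    """A=10, B=12, ... Z=38: values run upward and skip multiples of 11."""
    values, value = {}, 10
    for letter in string.ascii_uppercase:
        if value % 11 == 0:
            value += 1
        values[letter] = value
        value += 1
    return values


LETTER_VALUES = _iso6346_letter_values()


def container_is_valid(code: str) -> bool:
    """True if an ISO 6346 code (owner prefix, category, serial) checks out."""
    code = re.sub(r"[^A-Z0-9]", "", code.upper())
    if not re.fullmatch(r"[A-Z]{3}[UJZ]\d{7}", code):
        return False
    total = sum(
        (LETTER_VALUES[ch] if ch.isalpha() else int(ch)) * (2 ** i)
        for i, ch in enumerate(code[:10])
    )
    return total % 11 % 10 == int(code[10])


if __name__ == "__main__":
    # Constructed transcriptions, e.g. read off a stern or a container door.
    for reading in ("1234567", "1234568", "12345?7", "123456?"):
        if "?" in reading:
            print(reading, "->", imo_candidates(reading))
        else:
            print(reading, "->", "consistent" if imo_is_valid(reading) else "misread")
    for reading in ("ABCU 123456 0", "ABCU1234561"):
        print(reading, "->", "consistent" if container_is_valid(reading) else "misread")
```

A passing check only shows that the transcription is internally consistent; the identifier still has to be confirmed against a register such as Equasis, IMO-GISIS, or the BIC database.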
C. Temporal Analysis
• Mapping services like NASA's Worldview allow users
to view satellite imagery captured on specific dates,
enabling temporal analysis of port activities and vessel
movements.
• However, the resolution of such imagery may not be
sufficient for detailed identification or analysis based on
small visual features.
D. Limitations and Challenges
• While satellite imagery can provide valuable insights
into port operations and vessel movements, there are
limitations in terms of resolution, perspective, and the
availability of precise temporal information.
• Overcoming these limitations may require combining
satellite imagery with other sources of information, such
as Automatic Identification System (AIS) data, social
media intelligence (SOCMINT), and expert analysis.
E. Integration with Other OSINT Sources
• To enhance the effectiveness of maritime OSINT,
satellite imagery should be integrated with other sources
of information, such as AIS data, SOCMINT, and
company-related data.
• This multi-source approach can provide a more
comprehensive understanding of maritime activities,
vessel movements, and potential links to illegal or
sanctioned activities.
VIII. USING WEBCAMS FOR MARITIME OSINT
A. Webcam Accessibility
• Online Platforms: Websites like Windy.com offer free
access to webcams placed across the world, allowing
users to monitor real-time weather conditions and
fluctuations in weather patterns over time.
• Port Monitoring: Webcam services like Windy.com
offer real-time footage of various global locations,
including ports. However, not all ports are covered by
such webcam services. In such cases, social media
platforms like Facebook can be utilized to search for
images tagged to specific port locations, providing
insights into vessel activities in ports not covered by
webcams.
B. Image Analysis
• Visual Identification: Using image editing software, it
is possible to view and analyze the oil vessels transiting
specific sections of the port. Large-scale visual markers
and ship characteristics can be compared to images of
ships reported in the area to potentially identify these
vessels.
• Example Identification: An example involves a search
on Facebook using the keyword “ship” and filtering
photos by the tagged location. A photo uploaded by a
user, who identified as an engineer officer at Shipping
Corporation of India Ltd., showed the deck of a large
shipping vessel, consistent with oil tanker vessels.
C. Verification and Validation
• Cross-Referencing Sources: It is good practice to
verify or validate information by comparing the original
source to other sources. For instance, the maritime
website FleetMon provides a port database with details
on global ports, including weather, usage, vessels, and
media reporting, which can be used to corroborate AIS
data.
D. Implications for Sanctions Monitoring
• Tracking Sanctioned Vessels: By identifying and
monitoring vessels, stakeholders can enhance their
sanctions compliance efforts. Continuous monitoring of
such vessels can provide valuable insights into
sanctioned activities.
• Satellite imagery and social media can provide visual
cues for vessel identification. However, the lack of
precise date information and the aerial perspective of
satellite imagery can make it challenging to verify
assessments based on small visual features like ship
names or International Maritime Organization (IMO)
identification numbers.
• Social media images can offer additional clues but may
require cross-referencing with other data sources for
verification.
IX. USING COMPANY DATA
A. Data Aggregators
• Data aggregators like Dun & Bradstreet and
OpenCorporates have access to information provided by
individuals when registering businesses or
organizations.
• These aggregators can provide details on company
structures, ownership, key personnel, addresses, and
other relevant information.
B. Government Restrictions
• Some governments, like the Government of the People's
Republic of China, restrict the sale of sovereign
company data due to data protection legislation.
• A lack of results from data aggregators does not
necessarily indicate an absence of information, as the
data may be restricted in certain jurisdictions.
C. Indigenous Data Repositories
• In cases where data is restricted, researchers can explore
indigenous company data repositories or government-
provided search engines to access relevant information.
D. Case Study: Shipping Corporation of India Ltd.
• A search on Dun & Bradstreet for "Shipping
Corporation of India Ltd" revealed a tiered corporate
structure spanning India, the United Kingdom,
Singapore, and Belgium.
• Information retrieved included the company address,
key personnel, and a website link.
• The company's annual corporate report for 2020–2021
identified board members and major shareholders.
E. Supplementary Information
• Company data can be supplemented with information
from other sources, such as corporate websites, annual
reports, news articles, and industry publications, to gain
a more comprehensive understanding of the entity.
X. SEARCHING ACROSS SANCTIONS DATA
A. OpenSanctions.org
• Data Aggregator: OpenSanctions.org aggregates data
on sanctioned entities from multiple governments and
organizations, including the European Union (EU).
• Search Example: A search for "Shipping Corporation
of India Ltd" and its listed oil tankers on
OpenSanctions.org returned no results. However,
further searches for shareholders revealed that "BIIS
Maritime Limited" was sanctioned for being a
subsidiary of "Irano Hind Shipping Co," an Iranian
company involved in exporting sanctioned commodities
like oil.
B. Investigative Journalism Tools
• OCCRP Aleph: Developed by the Organized Crime
and Corruption Reporting Project (OCCRP) and
supported by the Google Digital News Initiative, Aleph
allows users to search across multiple databases,
including those linked to the Panama Papers. It helps
users curate search findings into graphs, tables, and
charts to highlight linkages.
• Offshore Leaks: Founded by the International
Consortium of Investigative Journalists (ICIJ), Offshore
Leaks provides access to an extensive repository of data
from 200 locations. This service is similar to OCCRP's
Aleph and is useful for identifying corporate
connections and hidden assets.
C. Building Supply Chain Connections
• Corporate Connections: By using tools like
OpenSanctions.org, OCCRP Aleph, and Offshore
Leaks, investigators can identify multiple entities linked
to sanctioned companies. For example, these tools
helped build out the supply chain of "Shipping
Corporation of India Ltd" by identifying connections to
"Irano Hind Shipping Co".
• Data Visualization: Tools like Aleph and Offshore
Leaks allow users to visualize complex networks of
corporate relationships, making it easier to understand
and communicate the connections between entities
involved in sanctioned activities.
D. Challenges and Limitations
• Data Gaps: Searches may not always return results due
to data gaps or restrictions in certain jurisdictions. For
instance, the initial search for "Shipping Corporation of
India Ltd" on OpenSanctions.org did not yield results,
highlighting the need for comprehensive and multi-
source searches.
• Verification: It is crucial to verify findings from these
databases with additional sources to ensure accuracy and
reliability. Cross-referencing data from multiple
platforms can help validate the information and provide
a more complete picture.
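The search pattern in this section (a direct name search that returns nothing, followed by searches on shareholders and their parents) can be expressed as a bounded walk over ownership links. The sketch below is an added example, not part of the original document: every company name, link, and list entry is constructed, and the record layout is an assumption rather than the schema of OpenSanctions, Aleph, or Offshore Leaks.

```python
"""Screen a company and its ownership links against a sanctions list (added example)."""
import re
from collections import deque

# Legal-form spellings are collapsed so "Limited" and "Ltd." compare equal.
SUFFIXES = {"limited": "ltd", "company": "co", "corporation": "corp",
            "incorporated": "inc"}


def normalize(name: str) -> str:
    """Case-fold, drop punctuation, and unify legal-form suffixes."""
    tokens = re.sub(r"[^a-z0-9 ]", " ", name.casefold()).split()
    return " ".join(SUFFIXES.get(token, token) for token in tokens)


# Constructed sanctions entries (hypothetical names and reasons).
SANCTIONS = [
    {"name": "Sample Maritime Limited", "aliases": [],
     "reason": "subsidiary of a listed entity"},
    {"name": "Fictional Line Shipping Co", "aliases": ["Fictional Line"],
     "reason": "exporting sanctioned commodities"},
]

# Constructed ownership records: (entity, relation, related entity).
LINKS = [
    ("Example Shipping Corp. Ltd", "has shareholder", "Sample Maritime Limited"),
    ("Example Shipping Corp. Ltd", "has shareholder", "Unrelated Holdings Inc"),
    ("Sample Maritime Ltd", "subsidiary of", "Fictional Line Shipping Company"),
]


def build_index(sanctions):
    """Map every normalized name and alias to its list entry."""
    index = {}
    for entry in sanctions:
        for label in [entry["name"], *entry.get("aliases", [])]:
            index[normalize(label)] = entry
    return index


def build_graph(links):
    """Undirected adjacency list, so links are followed in both directions."""
    graph = {}
    for src, relation, dst in links:
        a, b = normalize(src), normalize(dst)
        graph.setdefault(a, []).append((relation, b))
        graph.setdefault(b, []).append((relation + " (reverse)", a))
    return graph


def screen(subject, max_depth=2, sanctions=SANCTIONS, links=LINKS):
    """Breadth-first search from the subject; report listed entities and the path."""
    index, graph = build_index(sanctions), build_graph(links)
    start = normalize(subject)
    queue, seen, hits = deque([(start, [])]), {start}, []
    while queue:
        node, path = queue.popleft()
        if node in index:
            hits.append({"entity": node, "depth": len(path), "path": path,
                         "reason": index[node]["reason"]})
        if len(path) >= max_depth:
            continue  # do not expand beyond the requested number of hops
        for relation, neighbour in graph.get(node, []):
            if neighbour not in seen:
                seen.add(neighbour)
                queue.append((neighbour, path + [(relation, neighbour)]))
    return hits


if __name__ == "__main__":
    subject = "Example Shipping Corporation Limited"
    print("direct search:", screen(subject, max_depth=0))
    for hit in screen(subject, max_depth=2):
        trail = " -> ".join(f"[{rel}] {name}" for rel, name in hit["path"])
        print(f"depth {hit['depth']}: {hit['entity']} ({hit['reason']}) via {trail}")
```

Each hit keeps the path that produced it, which is the part an analyst then verifies against a second source, as the Verification point above requires.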

The Maritime Security. OSINT [EN] .pdf

  • 1.
    Read more: Boosty| Sponsr | TG Abstract – This document aims to provide a comprehensive analysis of maritime open-source intelligence (maritime OSINT) and its various aspects: examining the ethical implications of employing maritime OSINT techniques, particularly in the context of maritime law enforcement authorities, identifying and addressing the operational challenges faced by maritime law enforcement authorities when utilizing maritime OSINT, such as data acquisition, analysis, and dissemination. The analysis will offer a thorough and insightful examination of these aspects, providing a valuable resource for cybersecurity professionals, law enforcement agencies, maritime industry stakeholders, and researchers alike. Additionally, the document will serve as a valuable resource for researchers, policymakers, and industry stakeholders seeking to understand the potential and implications of maritime OSINT in ensuring maritime security and safety. I. INTRODUCTION Maritime Open-Source Intelligence (OSINT) refers to the practice of gathering and analyzing publicly available information related to maritime activities, vessels, ports, and other maritime infrastructure for intelligence purposes. It involves leveraging various open-source data sources and tools to monitor, track, and gain insights into maritime operations, potential threats, and anomalies. Maritime Open-Source Intelligence (OSINT) is crucial for capturing information critical to business operations, especially when electronic systems like Automatic Identification Systems (AIS) fail. OSINT can provide valuable context and insights into vessel operations, including the identification of vessels, their positions, courses, and speeds A. Data Sources • Vessel tracking websites and services (e.g., MarineTraffic, VesselFinder) that provide real-time and historical data on ship movements, positions, and details. 
• Satellite imagery and remote sensing data from providers like Sentinel, LANDSAT, and commercial vendors. • Social media platforms, news outlets, and online forums where maritime-related information is shared. • Public databases and registries containing information on vessels, companies, ports, and maritime infrastructure. • Open-source intelligence tools and search engines specifically designed for maritime data collection and analysis. B. Applications • Maritime security and law enforcement: Monitoring illegal activities like piracy, smuggling, illegal fishing, and potential threats to maritime infrastructure. • Maritime domain awareness: Enhancing situational awareness by tracking vessel movements, patterns, and anomalies in specific regions or areas of interest. • Risk assessment and due diligence: Conducting background checks on vessels, companies, and individuals involved in maritime operations for risk mitigation and compliance purposes. • Environmental monitoring: Tracking potential oil spills, pollution incidents, and assessing the environmental impact of maritime activities. • Search and rescue operations: Assisting in locating and tracking vessels in distress or missing at sea. • Competitive intelligence: Monitoring competitors' maritime operations, shipments, and logistics for strategic business insights. C. Key Tools and Techniques • Vessel tracking and monitoring platforms like MarineTraffic, VesselFinder, and FleetMon. • Geospatial analysis tools and platforms for processing and visualizing satellite imagery and remote sensing data. • Social media monitoring and analysis tools for gathering intelligence from online platforms. • OSINT frameworks and search engines like Maltego, Recon-ng, and Shodan for comprehensive data collection and analysis. • Data visualization and reporting tools for presenting maritime intelligence in a clear and actionable manner. II. 
AUTOMATIC IDENTIFICATION SYSTEM The Automatic Identification System (AIS) is a sophisticated maritime navigation safety communications system that uses Very High Frequency (VHF) radio broadcasting to transfer data between vessels and shore-based stations.
  • 2.
    Read more: Boosty| Sponsr | TG A. Technology and Functionality • AIS uses Very High Frequency (VHF) radio broadcasting to transfer data between vessels and shore- based stations. • It provides real-time information on a vessel's identification, position, course, and speed, which is crucial for safe navigation and efficient operations. B. Purpose and Applications • AIS was developed primarily as a collision avoidance tool, allowing vessels to 'see' each other more clearly and make informed navigational decisions. • It is also used for vessel traffic services (VTS), fishing fleet monitoring, maritime security, and aids to navigation. C. Regulatory Requirements • The International Maritime Organization (IMO) mandates that all international voyaging ships of 300 gross tonnage (GT) or more, and all passenger ships regardless of size, must be equipped with AIS. • AIS must always remain operational, with very limited exceptions, to ensure continuous data transmission and reception. D. Data Transmission and Reception: • AIS transceivers continuously broadcast information at regular intervals, which can be received by other AIS- equipped vessels and shore stations within range. • The system operates on two dedicated VHF frequencies: 161.975 MHz (Channel 87B) for ship-to-ship communication and 162.025 MHz (Channel 88B) for ship-to-shore communication. E. Integration with Other Systems: • AIS data can be integrated with marine radar, electronic chart display and information systems (ECDIS), and other navigational tools to provide a comprehensive view of the maritime environment. • Satellite-AIS (S-AIS) extends the range of AIS by using satellites to receive AIS signals, enabling global tracking of vessels beyond coastal areas. F. Operational Benefits: • AIS enhances maritime domain awareness, improves the efficiency of maritime operations, and supports search and rescue efforts by providing accurate and timely information about vessel movements. 
• It also helps in optimizing vessel routes, reducing fuel consumption, and minimizing emissions, contributing to more sustainable maritime operations G. Security and Vulnerabilities: • AIS is susceptible to vulnerabilities such as data spoofing, hijacking, and other forms of cyber interference, which can compromise the accuracy and reliability of the information. • Measures are being developed to enhance the security of AIS, including cryptographic methods and improved data handling protocols. III. AIS THREATS AIS communications are susceptible to various vulnerabilities, including malicious cyber activity, legal changes, adverse physical conditions, and intentional interventions. A. CPA Spoofing (Closest Point of Approach) • Safety Risks: CPA spoofing involves faking a possible collision with a target ship, triggering a CPA alert. This can lead the target vessel to alter its course unnecessarily, potentially causing it to hit a rock, run aground, or collide with another vessel. • Cybersecurity Implications: This type of spoofing can be used by malicious actors to create navigational hazards, disrupt shipping routes, and cause accidents, thereby compromising maritime safety and security. B. AIS-SART Spoofing • Safety Risks: AIS-SART (Search and Rescue Transponder) spoofing involves generating false distress beacons to lure vessels into traps. This can lead to vessels being directed into hostile or dangerous areas controlled by attackers, such as pirates. • Cybersecurity Implications: This tactic can be used to facilitate piracy, hijacking, and other criminal activities, posing significant risks to the safety of crew members and the security of cargo. C. Faking Weather Forecasts • Safety Risks: False updates on weather conditions communicated via AIS can mislead vessels about upcoming weather, leading to poor navigational decisions and increased risk of accidents in adverse weather conditions. 
• Cybersecurity Implications: Manipulating weather data can be part of a broader strategy to disrupt maritime operations and create unsafe conditions for vessels at sea. D. Ship Spoofing • Safety Risks: Ship spoofing involves creating a fictitious vessel by assigning false static information such as ship name, identifiers (MMSI and call sign), flag, ship type, and other details. This can cause confusion and misidentification, leading to potential collisions and navigational errors. • Cybersecurity Implications: This type of spoofing can be used to disguise the true identity and location of vessels involved in illicit activities, such as smuggling or sanctions evasion, complicating enforcement efforts. E. Software-Based Threats • Safety Risks: AIS installations on ships require software to provide data to online providers. Security
  • 3.
    Read more: Boosty| Sponsr | TG issues with these implementations can lead to the transmission of inaccurate or false data, compromising maritime safety. • Cybersecurity Implications: Vulnerabilities in AIS software can be exploited by cyber attackers to manipulate AIS data, disrupt maritime operations, and facilitate illegal activities. F. GPS Interference and AIS Vulnerability • Safety Risks: Significant GPS interference can affect AIS data accuracy, leading to lost or inaccurate positioning information. This can result in navigational errors and increased risk of collisions. • Cybersecurity Implications: AIS signals, being open and unencrypted, are vulnerable to spoofing and interference, making it easier for attackers to manipulate AIS data and create navigational hazards. G. AIS Blackouts • Safety Risks: Intentional AIS blackouts, where vessels switch off their AIS to evade detection, can lead to increased risk of collisions and hinder search and rescue operations. • Cybersecurity Implications: AIS blackouts can be used to facilitate illegal activities, such as smuggling and sanctions evasion, by making it difficult for authorities to track vessel movements. H. Hijacking and Availability Disruption • Safety Risks: Hijacking AIS signals or disrupting their availability can lead to loss of situational awareness for vessels and maritime authorities, increasing the risk of accidents and security incidents. • Cybersecurity Implications: Disrupting AIS availability can be part of a broader cyber-attack strategy to compromise maritime operations and create chaos in shipping routes. I. Engineering Challenges • Interference with VHF Radiotelephone: AIS equipment can cause interference with a ship’s VHF radiotelephone, leading to communication issues and potential safety risks. 
• Installation and Configuration Issues: Poor installation and configuration of AIS equipment can result in incorrect data transmission, affecting the reliability and accuracy of AIS information J. Vulnerabilities in AIS • Spoofing and False Data Injection: AIS is susceptible to spoofing attacks, where attackers can create fake vessels or modify details of existing vessels, including position, course, cargo, and flag state. This can lead to false collision alerts, unauthorized entry into territorial waters, or even piracy and terrorism activities by disguising the attackers' vessels. • Lack of Encryption and Authentication: The AIS protocol, particularly the SOTDMA protocol it uses, lacks built-in security features such as encryption and authentication. This makes AIS data vulnerable to eavesdropping, tampering, and unauthorized access, allowing cybercriminals to alter valid AIS data or inject false AIS data. • Overloading and Congestion: The increase in AIS installations and the use of AIS for various applications can lead to overloading and congestion of the AIS network. This can result in delays in the transmission of critical information and increase the risk of navigational errors, especially in congested waterways. • Erroneous Manual Input: AIS data, including vessel destination and ETA, are entered manually by the crew, leading to potential errors due to operator mistakes or intentional misrepresentation of information. This can result in inaccurate tracking and monitoring of vessels. • Exposure of Sensitive Information: AIS broadcasts critical and comprehensive data about the ship to the public, including type of cargo, crew nationality, and route plan. This information can be valuable to illegal organizations for planning attacks or threats against ships. K. Failures of AIS • Failure to Update Information: AIS information that is manually maintained may not be updated in a timely manner, leading to stale or incorrect data being transmitted. 
This can mislead other vessels and coastal authorities, increasing the risk of navigational accidents. • Multiple Transceivers for the Same MMSI: Incorrectly configured AIS transmitters can send messages for an MMSI that is also used by another vessel, causing confusion and potentially hazardous situations if both transmitters are in the same geographical area. • Exploitation for Cryptocurrency Mining: Hackers have exploited vulnerabilities in AIS to install cryptocurrency miners on exposed servers, diverting processing power meant for training AI to mine digital coins instead. This not only compromises the security of the AIS infrastructure but also affects its operational efficiency. IV. AIS MANIPULATION A. Switching Off AIS • Evasion Tactic: Some vessels have been observed switching off their AIS to evade detection. This practice complicates tracking efforts and poses significant risks to compliance programs. • Regulatory Concerns: Disabling AIS is a violation of the International Convention for the Safety of Life at Sea (SOLAS), which mandates continuous AIS broadcasting except in specific emergency situations.
  • 4.
    Read more: Boosty| Sponsr | TG B. AIS Spoofing • False Positions: In addition to switching off AIS, some vessels broadcast false AIS positions to mislead monitoring authorities. This involves creating fake coordinates to hide their true locations and activities. • Deceptive Practices: AIS spoofing can be used to mask ship-to-ship (STS) transfers, disguise port calls, and create the illusion of compliance with sanctions while engaging in illicit activities. C. Impact on Sanctions Compliance • Tracking Challenges: Disabling or manipulating AIS makes it difficult for governments and regulatory bodies to track vessels, thereby undermining sanctions enforcement. • Risk to Private Enterprises: Private enterprises, including ship owners, managers, operators, brokers, flag registries, port operators, freight forwarders, commodity traders, insurance companies, and financial institutions, face risks of unintentional exposure to sanctioned entities within their supply chains. • Compliance Programs: Effective compliance programs must incorporate advanced monitoring tools and techniques to detect AIS manipulation and ensure adherence to sanctions. D. Technological and Regulatory Measures • Detection Tools: Advanced tools and techniques, such as automated correlation of AIS data with satellite imagery, have been developed to detect false AIS broadcasts and identify vessels engaging in deceptive practices. • Regulatory Actions: Regulatory bodies, such as the U.S. Office of Foreign Assets Control (OFAC), have issued alerts and guidelines to help stakeholders detect and address AIS manipulation. These measures include enhanced due diligence, monitoring of high-risk ship-to- ship transfers, and reviewing shipping and ancillary costs. E. Case Studies and Real-World Examples • Shadow Fleet: An armada of aging oil tankers, known as the "shadow fleet," has been identified as engaging in AIS manipulation to continue exporting activities despite sanctions. 
These vessels often operate with opaque ownership structures and questionable insurance. • Specific Incidents: For example, vessels were identified by docking at specific ports without using AIS V. AIS IMPLICATIONS A. Maritime safety impact • Geopolitical Tensions: AIS spoofing can exacerbate geopolitical tensions by creating false scenarios that may lead to misunderstandings or conflicts between nations. For example, spoofed AIS data showing military maneuvers in sensitive areas can inflame regional tensions. • Maritime Safety: The reliability of AIS is crucial for maritime safety, as it helps in collision avoidance and efficient navigation. Intentional AIS failures, such as those caused by spoofing or legal restrictions, can endanger vessel operations. For example, the temporary AIS blackout in China due to the implementation of the Personal Information Protection Law in November 2021 posed risks to vessel operations in some of the world's busiest shipping routes. • Collision Risks: Spoofing can create false collision alerts, leading to inappropriate navigational decisions. This can cause vessels to alter their courses unnecessarily, potentially resulting in real collisions with other ships, rocks, or other hazards. An example includes CPA (Closest Point of Approach) spoofing, where false data suggests an imminent collision, prompting the vessel to take evasive action that could lead to accidents. • Search and Rescue Operations: AIS-SART (Search and Rescue Transponder) spoofing can generate false distress signals, diverting rescue resources to non- existent emergencies and leaving real emergencies unattended. This can endanger lives and waste valuable time and resources. • Environmental and Economic Impact: Spoofing can facilitate illegal activities such as unregulated fishing, smuggling, and environmental pollution by concealing the true location and identity of vessels involved in these activities. 
This can lead to significant environmental damage and economic losses. • Operational Disruptions: AIS spoofing can disrupt maritime logistics and supply chains by creating confusion about vessel locations and movements. This can lead to delays, increased operational costs, and inefficiencies in port operations and shipping routes. • Security Threats: Spoofing can be used as a tactic by pirates and other malicious actors to lure vessels into traps or hostile areas. For instance, false AIS data can direct ships into pirate-controlled waters, increasing the risk of hijacking and attacks. • Data Integrity and Trust Issues: The integrity of AIS data is crucial for maritime situational awareness. Spoofing undermines trust in AIS data, making it difficult for maritime authorities and operators to rely on this information for safe navigation and decision- making. • Legal and Regulatory Challenges: Legal frameworks may not be fully equipped to address the complexities of AIS spoofing, leading to challenges in enforcement and compliance. This can hinder efforts to mitigate the risks associated with spoofing and protect maritime safety. For example, China's Personal Information Protection Law can lead to making it difficult for foreign entities to monitor vessel movements and enforce sanctions.
  • 5.
• Technological and Security Measures: To combat AIS vulnerabilities, there is a need for enhanced security measures such as encryption and authentication mechanisms. These measures can help prevent AIS spoofing and ensure the integrity of AIS data, thereby reducing the risks associated with intentional AIS failures.
B. Implications for Global Geopolitics
• Propaganda and Disinformation: AIS spoofing can be used as a tool for propaganda and disinformation. For instance, AIS spoofing was used to create false narratives, thereby influencing public perception and international relations.
• Sanctions Evasion: AIS spoofing is frequently used to evade international sanctions. Vessels can falsify their locations and identities to continue trading with sanctioned countries, undermining the effectiveness of sanctions and international efforts to enforce economic restrictions. For example, Iranian and North Korean vessels have used AIS spoofing to disguise their activities and evade sanctions, complicating enforcement and compliance efforts.
• Strategic Military Deception: State actors can use AIS spoofing as a form of strategic military deception. By creating false AIS tracks, they can mislead adversaries about the location and movements of their naval forces, potentially gaining a tactical advantage. This tactic can be part of broader strategies of sub-threshold warfare, where states engage in actions that fall below the threshold of open conflict but still achieve strategic objectives.
• Impact on Maritime Security and Safety: AIS spoofing undermines the reliability of AIS as a tool for maritime safety and security. False AIS data can lead to navigational errors, collisions, and other maritime incidents, posing risks to vessels and their crews. The manipulation of AIS data can also hinder search and rescue operations by generating false distress signals, diverting resources away from real emergencies.
C. AIS Spoofing to Influence Public Opinion
• Creating False Narratives: AIS spoofing can support disinformation campaigns by creating false narratives about naval activities. For example, spoofed AIS data showing foreign ships violating a country's waters can be used to portray one nation as an aggressor, thereby influencing public opinion against it.
• Undermining Trust in Information: By injecting false information into AIS data streams, state actors can undermine trust in maritime tracking systems and the information they provide. This can lead to confusion and skepticism among the public, making it easier to manipulate opinions and narratives.
• Fabricating Incidents: AIS spoofing can be used to fabricate incidents that provoke diplomatic responses. For example, spoofing AIS data to show a vessel in a hostile nation's territorial waters can trigger defensive measures or diplomatic protests, influencing public opinion by portraying the spoofed nation as a victim of aggression.
• Creating Pretexts for Action: Spoofed AIS data can serve as a pretext for military or diplomatic actions, which can be used to justify aggressive policies or interventions. This can shape public opinion by framing such actions as necessary responses to perceived threats.
• Exaggerating Threats: By spoofing AIS data to create the appearance of increased naval activity or threats in certain areas, state actors can manipulate public perception of maritime security. This can be used to justify increased military spending or to rally public support for defensive measures.
• Creating a Sense of Insecurity: Spoofing AIS data to show false collisions or near-misses can create a sense of insecurity and fear among the public, influencing opinions about the safety and security of maritime operations.
D. Implications for International Trade Agreements & Shipping Routes
• Sanctions Evasion: AIS spoofing is frequently used to evade international sanctions by disguising the true location and identity of vessels involved in illicit trade. This undermines the effectiveness of sanctions and complicates enforcement efforts. For example, vessels can spoof their AIS data to appear as if they are in legal waters while engaging in prohibited activities, such as trading with sanctioned countries like North Korea or Iran.
• False Documentation: Spoofing can be combined with falsified shipping documents to disguise the origin, destination, and nature of cargo. This makes it difficult for authorities to enforce trade restrictions and ensures that illicit goods can be traded without detection.
• Concealing Illicit Activities: AIS spoofing can be used to conceal the true locations and activities of vessels involved in sanctions evasion. By creating false AIS tracks, state actors can argue that their vessels are complying with international regulations, thereby influencing public opinion about the legitimacy of sanctions and the actions of the sanctioned state.
• Highlighting Sanctions' Ineffectiveness: By demonstrating the ability to evade sanctions through AIS spoofing, state actors can influence public opinion by highlighting the ineffectiveness of international sanctions and questioning their legitimacy.
• Economic Disruption: By spoofing AIS data, state actors or criminal organizations can disrupt maritime logistics and supply chains, causing economic losses and operational inefficiencies. This can be part of a broader strategy of economic warfare, where the goal is to destabilize the economies of rival nations by interfering with their trade routes.
• Market Manipulation: AIS spoofing can be used to create false supply and demand signals in the market. For example, by spoofing the location of oil tankers, actors can create the illusion of supply shortages or surpluses, thereby manipulating global oil prices. This can have a destabilizing effect on international markets and trade agreements that rely on stable pricing.
• Floating Storage: Vessels can use AIS spoofing to hide their true locations while storing commodities like oil offshore. This can be used to manipulate market prices by controlling the apparent supply of these commodities.
• Compliance Evasion: AIS spoofing can be used to evade compliance with international maritime regulations and trade agreements. For instance, vessels can spoof their AIS data to avoid detection by regulatory authorities, thereby circumventing environmental regulations, safety standards, and other compliance requirements.
• Flag Hopping: Vessels can repeatedly change their transmitted Maritime Mobile Service Identity (MMSI) numbers and flags to avoid detection and compliance with international regulations. This practice, known as flag hopping, makes it difficult for authorities to track and enforce compliance.
• Fake Vessel Positions: Spoofing can create false positions for vessels, making it appear as though they are in different locations than they actually are. This can lead to confusion and misdirection of shipping routes, causing delays and inefficiencies in the supply chain.
• Ghost Ships: Spoofing can generate "ghost ships" that do not exist, cluttering navigational systems and causing real vessels to alter their courses to avoid non-existent threats, further disrupting shipping routes.
• Traffic Congestion: Spoofing can create artificial congestion in busy shipping lanes by making it appear that there are more vessels in the area than there actually are. This can lead to rerouting of ships and delays in cargo delivery.
VI. THE MARITIME OSINT DOMAIN
Maritime OSINT can effectively manage AIS threats and failures by providing alternative sources of information and context, such as social media intelligence (SOCMINT), satellite imagery, and company-related data. OSINT can track vessel movements, identify ownership, and uncover links to illegal activities, even when AIS data is unavailable or manipulated.
A. Social Media Intelligence (SOCMINT)
• Understanding Personnel: SOCMINT is used to gather information about shipping and port personnel. By identifying individuals linked to vessels and shipping infrastructure, analysts can gain insights into vessel ownership and associated supply chains.
• Identifying Illegal Activities: Social media posts by soldiers, sailors, militiamen, and criminal syndicate members can unintentionally reveal locations through landmarks or street signs. This information can be used to identify links between shipping operations and adversarial, nefarious, or illegal activities.
• Social Media Platforms: Platforms like Twitter, Facebook, Instagram, and YouTube are valuable for gathering information about shipping and port personnel, vessel activities, and locations. Users often post pictures and videos that can reveal critical details such as landmarks, vessel interiors, and operational activities.
B. Company-Related Data
• Ownership Records: Investigating the ownership records of vessels can reveal information about the companies that own, operate, and repair them. This can help identify shell companies used to obfuscate the real owners or operators, which is crucial for understanding the true nature of maritime activities.
• Sanctions Data: Accessing sanctions data from sources like the Office of Foreign Assets Control (OFAC) can provide insights into entities and individuals involved in sanctioned activities. This is important for tracking compliance and identifying potential violations.
C. Mapping Applications and Satellite Imagery
• Location Identification: Mapping applications such as Google Earth and Google Maps, satellite imagery, webcam footage, and photos are essential tools for identifying a vessel's location and providing insights into port environments and activities.
• Commercial Satellite Services: Providers like Sentinel-1 and Sentinel-2 offer satellite imagery that can be used for monitoring maritime activities, detecting oil spills, and analyzing environmental impacts.
• Visual Insights: Videos tagged to specific locations on platforms like YouTube can offer visual insights into a vessel's interior environment, onboard operations, and personnel. This can be particularly useful for monitoring vessels entering sensitive areas, such as oil ports.
D. Geospatial Intelligence (GEOINT)
• Mapping Applications: Mapping applications can provide detailed geographical context and historical imagery, allowing analysts to track changes in port infrastructure and vessel movements over time.
• Geospatial Data Platforms: Platforms like Skopenow's Grid combine satellite imagery with public data to provide comprehensive situational awareness and detect anomalies in maritime activities.
• Drone Footage: Drones can capture high-resolution images and videos of maritime activities, providing real-time insights into port operations and vessel conditions.
E. Maritime Databases and Registers
• MarineTraffic: MarineTraffic is a widely used platform for real-time AIS vessel tracking. It provides information on vessel positions, traffic, and port activities. Analysts can track the movements of specific vessels, monitor port congestion, and analyze shipping patterns.
• VesselFinder: VesselFinder offers real-time tracking of ships using AIS data. It provides detailed information about vessel locations, routes, and historical data. Useful for tracking the current and past movements of vessels, identifying patterns, and monitoring compliance with maritime regulations.
• Equasis: Equasis is a database that provides information on the safety and quality of ships and their operators. It includes data on inspections, detentions, and incidents. Analysts can use Equasis to check the safety records of vessels and companies, identify past violations, and assess compliance with international standards.
• Datalastic and GateHouse: These services provide comprehensive maritime data, including vessel locations, ownership details, and historical data, which are crucial for in-depth analysis.
• Shipping Registers: Databases such as the UK Ship Register, eShips World Shipping Register, and the Superyacht Directory provide comprehensive information on registered vessels, including ownership, specifications, and historical data.
F. Crew and Personnel Information
• Crew Lists and Social Networks: Platforms like Maritime-Connector and MyShip facilitate connections between ship crew members and shipping jobs, offering valuable information on crew members and their movements.
• Professional Networks: LinkedIn and other professional networking sites can provide information on individuals working in the maritime industry, helping to identify key personnel and their affiliations.
G. News and Media Reports
• News Aggregators: Tools like Google News and RSS feeds can aggregate news articles and reports related to maritime activities, providing timely updates on incidents, regulatory changes, and geopolitical developments.
• Documentaries and Podcasts: Watching documentaries and listening to podcasts about specific regions or maritime topics can provide valuable context and insights for OSINT investigations.
H. Government and Regulatory Sources
• Maritime Safety Authorities: Organizations like the International Maritime Organization (IMO) and national maritime safety authorities publish reports and data on vessel safety, regulations, and incidents.
• Customs and Border Protection: Data from customs and border protection agencies can provide information on cargo, vessel inspections, and compliance with trade regulations.
I. Commercial and Trade Intelligence
• Trade Databases: Platforms like GovTribe and GovWin offer information on contracts and trade activities, shedding light on the financial aspects of maritime operations.
• Industry Reports: Research reports, white papers, and industry studies can provide insights into market trends, supply chain dynamics, and economic factors affecting maritime trade.
J. Open Source Intelligence Tools
• Shodan: This search engine for IoT devices can find VSATs, comm boxes, and other maritime communication devices, revealing information such as vessel locations and vulnerabilities.
• Maltego and Spiderfoot: These tools are used for comprehensive OSINT data gathering, including domain reconnaissance, metadata extraction, and social media analysis.
K. Other Maritime Databases for OSINT
• Paris MoU (Paris Memorandum of Understanding): The Paris MoU database provides records of ship inspections and detentions in European waters. It focuses on ensuring compliance with international maritime regulations. Useful for identifying ships that have been detained or inspected for regulatory violations, providing insights into their operational history.
• Tokyo MoU: Similar to the Paris MoU, the Tokyo MoU database covers ship inspections and detentions in the Asia-Pacific region. Analysts can use this database to track compliance and safety records of vessels operating in the Asia-Pacific region.
• OpenCorporates: OpenCorporates is a database that provides information on corporate entities, including maritime companies. It includes details on company registrations, officers, and affiliations. Useful for investigating the ownership and operational structures of maritime companies, identifying shell companies, and uncovering links between entities.
• Global Fishing Watch: An open-access platform that provides visualization and analysis of global fishing activity using AIS and VMS data. Analysts can monitor illegal fishing activities, track fishing vessel movements, and assess the impact on marine resources.
• Inmarsat Ships Directory: This directory provides contact information for vessels, including their names, numbers, and call signs. Useful for identifying and contacting specific vessels, verifying their details, and cross-referencing with other maritime databases.
• BIC Code Database: The Bureau International des Containers (BIC) code database allows users to look up the owners of shipping containers. Analysts can trace the ownership of cargo containers, which can be crucial for tracking the movement of goods and identifying potential smuggling activities.
• IMO-GISIS (Global Integrated Shipping Information System): The IMO-GISIS database provides comprehensive information on ships, including their registration, ownership, and compliance with international regulations. Useful for verifying the details of vessels, checking their compliance with international standards, and identifying their operational history.
VII. USING SATELLITE IMAGERY FOR MARITIME OSINT
A. Identifying Port Functions
• Satellite imagery can provide insights into the primary functions of ports by revealing the presence of infrastructure such as oil storage structures, piers, and docked vessels.
• The satellite imagery shows gas or oil storage structures adjoining the piers, indicating that the object is likely used for exporting gas or oil.
B. Vessel Identification
• High-resolution satellite imagery can potentially enable the identification of specific vessels docked at ports, provided that maritime experts with knowledge of tanker architecture are involved in the analysis.
• However, the lack of precise date information and the aerial perspective of satellite imagery can make it challenging to verify assessments based on small visual features like ship names or International Maritime Organization (IMO) identification numbers.
C. Temporal Analysis
• Mapping services like NASA's Worldview allow users to view satellite imagery captured on specific dates, enabling temporal analysis of port activities and vessel movements.
• However, the resolution of such imagery may not be sufficient for detailed identification or analysis based on small visual features.
D. Limitations and Challenges
• While satellite imagery can provide valuable insights into port operations and vessel movements, there are limitations in terms of resolution, perspective, and the availability of precise temporal information.
• Overcoming these limitations may require combining satellite imagery with other sources of information, such as Automatic Identification System (AIS) data, social media intelligence (SOCMINT), and expert analysis.
E. Integration with Other OSINT Sources
• To enhance the effectiveness of maritime OSINT, satellite imagery should be integrated with other sources of information, such as AIS data, SOCMINT, and company-related data.
• This multi-source approach can provide a more comprehensive understanding of maritime activities, vessel movements, and potential links to illegal or sanctioned activities.
VIII. USING WEBCAMS FOR MARITIME OSINT
A. Webcam Accessibility
• Online Platforms: Websites like Windy.com offer free access to webcams placed across the world, allowing users to monitor real-time weather conditions and fluctuations in weather patterns over time.
• Port Monitoring: Webcam services like Windy.com offer real-time footage of various global locations, including ports. However, not all ports are covered by such webcam services. In such cases, social media platforms like Facebook can be utilized to search for images tagged to specific port locations, providing insights into vessel activities in ports not covered by webcams.
B. Image Analysis
• Visual Identification: Using image editing software, it is possible to view and analyze the oil vessels transiting specific sections of the port. Large-scale visual markers and ship characteristics can be compared to images of ships reported in the area to potentially identify these vessels.
• Example Identification: An example involves a search on Facebook using the keyword “ship” and filtering photos by the tagged location. A photo uploaded by a user, who identified as an engineer officer at Shipping Corporation of India Ltd., showed the deck of a large shipping vessel, consistent with oil tanker vessels.
C. Verification and Validation
• Cross-Referencing Sources: It is good practice to verify or validate information by comparing the original source to other sources. For instance, the maritime website FleetMon provides a port database with details on global ports, including weather, usage, vessels, and media reporting, which can be used to corroborate AIS data.
D. Implications for Sanctions Monitoring
• Tracking Sanctioned Vessels: By identifying and monitoring vessels, stakeholders can enhance their sanctions compliance efforts. Continuous monitoring of such vessels can provide valuable insights into sanctioned activities.
• Satellite imagery and social media can provide visual cues for vessel identification. However, the lack of precise date information and the aerial perspective of satellite imagery can make it challenging to verify assessments based on small visual features like ship names or International Maritime Organization (IMO) identification numbers.
• Social media images can offer additional clues but may require cross-referencing with other data sources for verification.
IX. USING COMPANY DATA
A. Data Aggregators
• Data aggregators like Dun & Bradstreet and OpenCorporates have access to information provided by individuals when registering businesses or organizations.
• These aggregators can provide details on company structures, ownership, key personnel, addresses, and other relevant information.
B. Government Restrictions
• Some governments, like the Government of the People's Republic of China, restrict the sale of sovereign company data due to data protection legislation.
• A lack of results from data aggregators does not necessarily indicate an absence of information, as the data may be restricted in certain jurisdictions.
C. Indigenous Data Repositories
• In cases where data is restricted, researchers can explore indigenous company data repositories or government-provided search engines to access relevant information.
D. Case Study: Shipping Corporation of India Ltd.
• A search on Dun & Bradstreet for "Shipping Corporation of India Ltd" revealed a tiered corporate structure spanning India, the United Kingdom, Singapore, and Belgium.
• Information retrieved included the company address, key personnel, and a website link.
• The company's annual corporate report for 2020–2021 identified board members and major shareholders.
E. Supplementary Information
• Company data can be supplemented with information from other sources, such as corporate websites, annual reports, news articles, and industry publications, to gain a more comprehensive understanding of the entity.
X. SEARCHING ACROSS SANCTIONS DATA
A. OpenSanctions.org
• Data Aggregator: OpenSanctions.org aggregates data on sanctioned entities from multiple governments and organizations, including the European Union (EU).
• Search Example: A search for "Shipping Corporation of India Ltd" and its listed oil tankers on OpenSanctions.org returned no results. However, further searches for shareholders revealed that "BIIS Maritime Limited" was sanctioned for being a subsidiary of "Irano Hind Shipping Co," an Iranian company involved in exporting sanctioned commodities like oil.
B. Investigative Journalism Tools
• OCCRP Aleph: Developed by the Organized Crime and Corruption Reporting Project (OCCRP) and supported by the Google Digital News Initiative, Aleph allows users to search across multiple databases, including those linked to the Panama Papers. It helps users curate search findings into graphs, tables, and charts to highlight linkages.
• Offshore Leaks: Founded by the International Consortium of Investigative Journalists (ICIJ), Offshore Leaks provides access to an extensive repository of data from 200 locations. This service is similar to OCCRP's Aleph and is useful for identifying corporate connections and hidden assets.
C. Building Supply Chain Connections
• Corporate Connections: By using tools like OpenSanctions.org, OCCRP Aleph, and Offshore Leaks, investigators can identify multiple entities linked to sanctioned companies. For example, these tools helped build out the supply chain of "Shipping Corporation of India Ltd" by identifying connections to "Irano Hind Shipping Co".
• Data Visualization: Tools like Aleph and Offshore Leaks allow users to visualize complex networks of corporate relationships, making it easier to understand and communicate the connections between entities involved in sanctioned activities.
D. Challenges and Limitations
• Data Gaps: Searches may not always return results due to data gaps or restrictions in certain jurisdictions. For instance, the initial search for "Shipping Corporation of India Ltd" on OpenSanctions.org did not yield results, highlighting the need for comprehensive and multi-source searches.
• Verification: It is crucial to verify findings from these databases with additional sources to ensure accuracy and reliability. Cross-referencing data from multiple platforms can help validate the information and provide a more complete picture.
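
The search pattern described in section X, where a direct name search returns nothing but following shareholders surfaces a listed entity, can be expressed as a walk over an ownership graph. The following is an added example, not code from the original document or from any of the tools it names; all entity names, links, function names and the `max_hops` parameter are constructed for illustration.

```python
import re
from collections import deque

# Legal-form words that registries and sanctions lists spell inconsistently.
SUFFIXES = {"ltd", "limited", "co", "company", "corp", "corporation",
            "inc", "llc", "plc"}


def normalize(name):
    """Lower-case, drop punctuation and trailing legal-form words."""
    tokens = re.sub(r"[^a-z0-9 ]+", " ", name.lower()).split()
    while len(tokens) > 1 and tokens[-1] in SUFFIXES:
        tokens.pop()
    return " ".join(tokens)


def build_graph(links):
    """Undirected adjacency map keyed by normalized entity name."""
    graph = {}
    for a, relation, b in links:
        evidence = f"{a} --{relation}--> {b}"
        graph.setdefault(normalize(a), []).append((normalize(b), evidence))
        graph.setdefault(normalize(b), []).append((normalize(a), evidence))
    return graph


def screen(target, links, sanctioned, max_hops=2):
    """Breadth-first walk from target through ownership links.

    Returns a list of (hops, listed_name, evidence_edges), nearest first.
    hops == 0 is a direct name hit; hops >= 1 means the target is only
    connected to a listed entity through the recorded links, and the
    evidence edges are what an analyst should verify in a second source.
    """
    listed = {normalize(n): n for n in sanctioned}
    graph = build_graph(links)
    start = normalize(target)
    seen = {start}
    queue = deque([(start, [])])
    hits = []
    while queue:
        node, path = queue.popleft()
        if node in listed:
            hits.append((len(path), listed[node], path))
        if len(path) == max_hops:
            continue  # do not expand beyond the hop limit
        for neighbour, evidence in graph.get(node, []):
            if neighbour not in seen:
                seen.add(neighbour)
                queue.append((neighbour, path + [evidence]))
    return hits


# Constructed sample data: none of these entities or links are real.
SAMPLE_LINKS = [
    ("Example Shipping Co. Ltd", "has_shareholder", "Harbour Holdings Limited"),
    ("Harbour Holdings Limited", "subsidiary_of", "Listed Parent Shipping Co"),
    ("Example Shipping Co. Ltd", "has_shareholder", "Neutral Pension Fund"),
    ("Listed Parent Shipping Co", "has_shareholder", "Distant Trading LLC"),
]
SAMPLE_SANCTIONED = ["HARBOUR HOLDINGS LTD",
                     "Listed Parent Shipping Company",
                     "Distant Trading LLC"]

if __name__ == "__main__":
    target = "Example Shipping Co Ltd"
    print("direct hits:", screen(target, SAMPLE_LINKS, SAMPLE_SANCTIONED, 0))
    for hops, name, path in screen(target, SAMPLE_LINKS, SAMPLE_SANCTIONED):
        print(f"{hops} hop(s) to {name}")
        for edge in path:
            print("   ", edge)
```

Each hit carries the chain of links that produced it, so every edge can be checked against a second source before the connection is reported.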