Full analysis, recommended actions, tabletop scenarios, and cited sources in the complete issue.
GNSS · HIGH
Strait of Hormuz: AIS spoofing learns to lie with names
Between 8 and 14 June, interference in the strait crossed from denial into deception. On top of the usual GNSS jamming, a new identity layer appeared: AIS “trolling” with named spoof handles (“Jersey Devil 404”, “Opium Cargo”) broadcasting vessels that do not exist into the traffic picture. Windward counted six tankers transmitting false positions in the Gulf of Oman. Experts told Sky News the jamming now poses “a real risk to life.”
Why it matters: trolling corrupts the picture while leaving it looking normal. A watchkeeper sees a plausible vessel that isn’t there. In this strait, plan for GNSS denial as the default.
INCIDENT · HIGH
Qilin ransomware hits the body that coordinates the Port of New York & New Jersey
On 8 June the Qilin gang listed the Shipping Association of New York & New Jersey (SANYNJ) on its leak site, claiming to have stolen its data. SANYNJ coordinates terminals, carriers, stevedores and labour across one of North America’s busiest container complexes. It is the coordination layer of the port, not a single terminal. Nobody has confirmed operational disruption yet; for now the claim is just a leak-site listing.
Why it matters: attackers are climbing into the bodies that coordinate ports, where one breach reaches every operator in the complex. Two more cases this fortnight, a shipyard and a freight forwarder, fit the same upstream pattern.