Full Report
Shipping through the Strait of Hormuz—the narrow but vital oil trade route in the Middle East—has almost ground to a halt since the start of the United States and Israel’s war against Iran. Tankers in the region have faced military strikes and a spike in GPS jamming attacks, a new analysis says. Since the first U.S.-Israeli strikes against Iran on…
Analysis Summary
# Incident Report: Massive GPS and AIS Disruption in the Strait of Hormuz
## Executive Summary
A significant spike in Electronic Warfare (EW) attacks, specifically GPS jamming and AIS spoofing, has targeted maritime traffic in the Strait of Hormuz following the escalation of the U.S.-Israel-Iran conflict. Over 1,100 vessels have experienced navigational disruption, causing a near-total halt to vital oil trade routes and physical damage to at least three tankers.
## Incident Details
- **Discovery Date:** March 03, 2026 (Analysis published by Windward)
- **Incident Date:** Ongoing since February 28, 2026
- **Affected Organization:** Multiple commercial shipping entities (1,100+ vessels)
- **Sector:** Maritime / Energy / Transportation
- **Geography:** Strait of Hormuz / Persian Gulf / Middle East
## Timeline of Events
### Initial Access
- **Date/Time:** February 28, 2026
- **Vector:** External Electronic Warfare (EW) interference
- **Details:** Concurrent with the first U.S.-Israeli kinetic strikes against Iran, a massive wave of GPS jamming and Automatic Identification System (AIS) disruption began.
### Lateral Movement
- **N/A:** This incident involves external signal interference rather than network intrusion; however, the disruption "spread" geographically across the Gulf region as the conflict expanded.
### Data Exfiltration/Impact
- **Data Spoofing:** Vessel GPS coordinates were manipulated, making ships appear at false locations (e.g., inland at a nuclear power station).
- **Physical Damage:** At least three tankers sustained damage due to the escalating military conflict.
### Detection & Response
- **Detection:** Identified via maritime intelligence analytics (Windward) and real-time tracking platforms (MarineTraffic).
- **Response Actions:** Maritime officials issued "critical" risk warnings; shipping traffic has ground to a virtual halt to avoid navigation errors or kinetic strikes.
## Attack Methodology
- **Initial Access:** RF (Radio Frequency) Interference / Signal Overpowering.
- **Persistence:** Continuous broadcasting of jamming signals from regional military installations.
- **Defense Evasion:** Spoofing techniques used to provide false positioning data rather than just blocking signals, making detection of the "lie" more difficult for automated systems.
- **Impact:** GPS Jamming (Denial of Service for navigation) and AIS Spoofing (Manipulation of identity and position data).
## Impact Assessment
- **Financial:** Massive. The Strait of Hormuz is a "vital oil trade route"; a halt in shipping causes global fluctuations in energy prices.
- **Data Breach:** Compromise of data integrity for navigation and identification systems.
- **Operational:** Near-total cessation of shipping operations in the affected corridor.
- **Reputational:** Increased regional instability and high-risk premiums for maritime insurance.
## Indicators of Compromise
- **Behavioral indicators:** Vessels appearing "inland" on digital mapping tools; loss of GPS signal lock (No Fix); sudden jumps in AIS-reported positions (teleportation).
- **Network indicators:** Interference in the 1575.42 MHz (L1) and 1227.60 MHz (L2) frequency bands.
## Response Actions
- **Containment:** Vessels shifting to manual navigation (dead reckoning) or anchoring in safe zones.
- **Eradication:** Not possible by civilian actors as this is a state-level military action.
- **Recovery:** Rerouting of global trade where possible; ongoing intelligence monitoring by firms like Windward.
## Lessons Learned
- **Fragility of GNSS:** Commercial shipping remains overly reliant on GPS/GNSS, which is easily disrupted by state-level actors.
- **AIS Vulnerability:** The AIS system lacks encryption and authentication, allowing actors to project false "ghost" ships or move real ships on the map.
- **Geopolitical Correlation:** Kinetic military actions in 2026 are now near-certain to be accompanied by large-scale electronic and cyber disruption.
## Recommendations
- **Navigational Redundancy:** Training crews in non-GNSS navigation (radar pilotage, celestial navigation).
- **Resilient Hardware:** Deployment of Controlled Reception Pattern Antennas (CRPA) to mitigate jamming effects.
- **Intelligence Integration:** Subscription to real-time maritime threat intelligence to identify "risk zones" before vessels enter them.