
A few months ago, while researching a paper on maritime security, I kept running into the same strange fact: ships in some of the world’s most dangerous waters are switching off the very systems designed to keep them safe. Not by accident. On purpose, and with growing regularity. The more I dug into it, the more it seemed worth writing about outside the confines of an academic paper, because it says something uncomfortable about where merchant shipping actually stands right now.
Here’s the short version. AIS — the Automatic Identification System every deck cadet learns about early — was built for one job: collision avoidance. It broadcasts a vessel’s identity, position, course, and speed on open VHF frequencies every few seconds, so that everyone nearby knows everyone else is there. That’s the whole idea. Except “everyone nearby” now includes people it was never meant for. In the southern Red Sea, Houthi targeting cells have been documented using the same commercial AIS tracking platforms that port authorities and shipping lines use, just to find and hit specific vessels. A safety system has quietly become a targeting system, and nobody redesigned it to account for that.
SOLAS technically allows a Master to switch AIS off if safety or security demands it, but the rule never actually says when that threshold is crossed. So officers are left making a judgment call, alone, in real time, with no clear line to point to afterward. That gap between what the regulation assumes and what’s actually happening at sea is really the whole subject of this piece.
Going dark isn’t one action, it’s a discipline
What I found interesting is that “going dark” isn’t a single switch. It’s closer to a set of habits, each one closing off a different way of being found.
The most basic version is simply turning the AIS transponder off. It works reasonably well against low-tech threats — pirate groups with a receiver and not much else. During the worst years of Gulf of Guinea piracy, crews who adopted this consistently saw fewer successful boardings, because they’d removed the real-time positional data that syndicates relied on to plan an approach.
But turning off AIS alone doesn’t make a ship invisible, it just makes it slightly quieter. VSAT terminals, Fleet Broadband, radar, even the crew’s Wi-Fi all give off their own detectable signal. Anyone running proper signals intelligence in the area can still find a vessel that’s switched off its transponder but left everything else running. Full EMCON means shutting down all of it, which is a much harder discipline to maintain on a working ship where people still want to call home.
Then there’s spoofing, which is a different approach entirely — not hiding, but lying. A manipulated GPS offset can shift a vessel’s reported position by tens of nautical miles; documented cases in the Black Sea put the displacement at up to 30 nautical miles. Some ships go further and clone another vessel’s MMSI number outright, which produces two versions of the same “ship” appearing on monitoring systems at once. The hardware for this isn’t exotic or expensive anymore, which is part of why it’s spreading.
And then there’s the cheapest trick of all — just typing a message into the AIS free-text field and hoping it works. Crews have broadcast things like “ALL CHINESE CREW” or “HUMANITARIAN VESSEL,” essentially trying to talk their way out of being a target. It costs nothing, changes no equipment, and there’s honestly no strong evidence it does anything against a serious, disciplined adversary. But it’s free, so people try it anyway.
An old trick, repurposed
None of this started with the current conflicts. The basic template — go dark, transfer cargo ship-to-ship somewhere quiet, come back under a different flag — was worked out over a decade ago by Iranian and Venezuelan operators trying to move sanctioned oil. After 2022, the same playbook scaled up fast, with somewhere between 400 and 600 ageing tankers forming what’s now called the Russian shadow fleet, moving crude entirely outside Western insurance frameworks using near-identical methods.
What actually shifted the reputation of the technique was piracy, not sanctions. When masters in the Gulf of Guinea — dealing with the highest crew kidnapping rates anywhere in the world at the time — started going dark purely to protect their crews, insurers had to reconsider their blanket assumption that any AIS disablement meant something shady was happening. It became, for the first time, a defensible safety decision rather than an automatic red flag.
What the Epaminondas incident actually proved
This is the part of the research that stuck with me the most. In March 2026, the tanker Shenlong ran a full EMCON transit through the Strait of Hormuz — AIS off, radar passive, satcom dark — and got through without incident. It looked like proof the method works. Then, on April 21, 2026, the MSC Epaminondas, operating under what should have been an equally dark configuration, was hit in a drone attack anyway.
The post-incident analysis is the important bit. The vessel was found not through AIS, not through radio intercept, but through satellite radar imaging and infrared thermal detection — methods that don’t care in the slightest whether your transponder is on or off. That’s the real limit of this whole approach. Going dark works reasonably well against a pirate with a laptop and an AIS feed. It does close to nothing against a state actor watching from orbit. That’s not a small caveat, it’s the central finding.
The cost of silence
And going dark isn’t free even when it does work. In crowded shipping lanes — the Strait of Hormuz, the Dover Strait, the Singapore Strait — an AIS-dark vessel simply doesn’t exist on the traffic picture of every ship around it, which removes their ability to take early avoiding action under COLREGS Rule 16. Lloyd’s data shows a 30% rise in near-miss incidents in AIS-dark corridors during the worst of the Red Sea tensions. Bridge teams trained for years on integrated ARPA/AIS displays also feel the strain of running without them — a genuine gap that training institutes will need to take seriously, because manual watchkeeping skills don’t stay sharp on their own.
Then there’s the legal exposure, which is arguably the least discussed part of all this. Because the SOLAS security exception has no defined threshold, a Master who decides to go dark is doing so without any real legal cover. If a collision happens while dark, P&I coverage becomes genuinely contestable, and the financial exposure for the shipowner — and the officer who made the call — can be enormous. One 2024 grounding involving a shadow fleet tanker left an estimated USD 35–50 million in uninsured losses.
Where this actually needs to go
The honest conclusion of my research isn’t “ships should go dark more carefully.” It’s that the underlying system needs to change. Two ideas seem genuinely workable. One is an encrypted, tiered version of AIS, where every vessel keeps transmitting, but only verified recipients — VTMS operators, naval escorts, bodies like MPA Singapore — can actually decode who and where the ship is. Everyone else just sees a generic marker. The other is building passive sensing directly into the bridge — LIDAR and infrared imaging that let an officer maintain a full traffic picture without transmitting anything at all, which solves the collision-risk problem that pure silence creates.
Alongside both of these, the SOLAS security exception simply needs an actual, written threshold, so masters aren’t improvising a legal defense after the fact. And GPS spoofing in international waters probably deserves to be treated as a wrongful act under UNCLOS rather than a grey area.
None of this is a criticism of the crews making these calls — they’re doing the best they can with a rulebook that was never written for the world they’re now sailing through. But that gap is exactly why it belongs on the IMO’s desk, not just on a Master’s shoulders at three in the morning somewhere off Yemen.

