Navigating Maritime OSINT, Sanctions Compliance, and the Rise of the “Shadow Fleet”

DALL·E 2025-01-27 19.54.24 - A minimalist screen print-style illustration of a single maritime shadow fleet tanker. The design emphasizes bold black and white elements with subtle

Renowned naval strategist Alfred Mahan referred to maritime trade routes as the “wide common”, signifying an open, ungoverned space. Heavily influenced by Mahan, President Teddy Roosevelt built the ‘Imperial Fleet’ to sail around the world in a show of force with the greatest Navy in the history of the world. Wilson’s second of Fourteen Points included “Economic free trade on the seas during war and peace.” The United States Navy and her allies have blunted adversaries through two World Wars, the Korean War, arguably started US involvement in Vietnam, and prevented countless other conflicts through shear deterrence.

The wide common is threatened today by shadow fleets and simple electronic ‘spoofing’, subverting world markets, conducting sabotage operations amongst global data flows, and we write this, NATO has deployed regular Naval patrols in the Baltic Sea to prevent further nefarious undersea cable cutters. To some amateur historians and veterans of wars past, the world is already at war. To others, we are headed straight for a world war – and it won’t be a war that is limited to soldiers and sailors.

With mounting sanctions levied against foreign adversaries and the covert use of so-called “shadow fleets” to transport sanctioned oil, goods, or weapons, organizations face heightened risks and responsibilities. Insurance companies and small to medium-sized companies find themselves in the middle of geopolitical tensions as international trade is more accessible today than it ever has been.

Recently on the Shadow Dragon Podcast (Season 4, Episode 1), host Nico “Dutch OSINT Guy” Dekens and co-host David Cook sat down with Rae Baker, a distinguished open-source (OSINT) and maritime intelligence analyst. Their conversation shed valuable light on why maritime OSINT is crucial, how sanctions can be circumvented using shady maritime practices, and what insurance companies and risk managers need to do to stay compliant.


1. Why Maritime Operations Are Under the Spotlight

  • Global Trade Lifeline: Over 90% of global trade is conducted by sea. This makes maritime routes a prime area of focus for sanctions enforcement and for those looking to evade those same sanctions.
  • Geopolitical Hotspots: Regions like the Black Sea, South China Sea, the Bab-el-Mandeb Strait, and Arctic shipping lanes have seen escalations that can directly affect shipping patterns and insurance risk models.
  • Sanctions and Compliance Challenges: As more sanctions target specific regions, vessels, or shipping companies, it’s become essential for all stakeholders—especially insurers—to closely monitor vessel movements, ownership structures, and cargo histories.

2. What Is the “Shadow Fleet”?

The term “shadow fleet” has garnered headlines as bad actors employ fleets of seemingly legitimate vessels to transport sanctioned goods—often oil, but potentially weapons or other contraband as well.

  • AIS Manipulation: Vessels can turn off or spoof their Automatic Identification System (AIS), obscuring true locations or broadcasting false signals.
  • Shell Companies: Ownership is often buried under layers of shell corporations, making it difficult for regulators and insurers to pinpoint ultimate beneficiaries.
  • Mid-Sea Transfers: Shadow fleet tankers frequently conduct ship-to-ship transfers in remote waters, changing cargo mid-route to launder supply chains.

3. Key Takeaways for Insurance and Risk Management

Insurers face significant liabilities if they underwrite vessels or cargoes linked to sanction violations. Here’s how to mitigate the risks:

  1. Leverage Maritime OSINT Platforms
    • Marine Traffic, FleetMon, or AIS Data Services: Monitor vessel drafts (how high or low a ship sits in the water), which can indicate if cargo was offloaded or added.
    • Specialized Sanctions Databases: Tools like Dow Jones Risk & Compliance help screen companies, vessels, and individuals named in sanctions lists.
  2. Conduct Thorough Ownership Investigations
    • Shell Company Layering: Always look beyond the first or second corporate entity. Many sanctioned fleets hide behind layers of LLCs in multiple jurisdictions.
    • Historical Tracking: Investigate a vessel’s historical routes for anomalies, and cross-reference with known hotspots for illicit activity.
  3. Use Satellite Imagery Wisely
    • Validate AIS Data: Satellite snapshots can confirm or dispute a vessel’s self-reported location.
    • Watch for Ship-to-Ship Transfers: Persistent or suspicious loitering in open water could signal illicit cargo handoffs.
  4. Assess Crew and Social Media
    • Crew Background: Conduct OSINT investigations on crew members (e.g., via LinkedIn or even fitness apps like Strava) can reveal patterns or port calls.
    • Social Media Posts: Bored crew members often post photos or videos from onboard, inadvertently exposing security details or cargo specifics.

4. How Sanctions Evasion Affects the Insurance Industry

  1. Financial Exposure: If underwriters insure cargo later found to be part of a sanctions breach, they may face significant fines and reputational damage.
  2. Legal Repercussions: Regulatory bodies like OFAC (Office of Foreign Assets Control) in the U.S. or the EU’s sanction authorities aggressively pursue companies failing to meet due diligence standards.
  3. Increased Premiums: The heightened risk environment often leads to adjusted insurance premiums, as underwriters price in potential compliance pitfalls.

5. Tools and Techniques for Enhanced Compliance

  • Artificial Intelligence (AI) and Analytics
    AI-powered platforms can sift through millions of data points—satellite images, AIS signals, shipping databases—to flag suspicious patterns in near real time.
  • Cross-Referencing Maritime Databases
    A best practice is to consolidate data from multiple sources (Lloyd’s List, IHS Markit, and classification societies) for more comprehensive vessel oversight.
  • Continuous Training
    Equip your compliance team with OSINT skills to interpret large data sets, track anomalies, and verify vessel identities.

6. The Human Element: Cultivating Expertise in Maritime OSINT

  • Focus on Regional Expertise: Trying to track every region at once is overwhelming. Analysts and risk officers should specialize in specific hotspots (e.g., Black Sea, Red Sea, South China Sea) for deeper insight using public and commercially available data.
  • Methodology Matters: Baseline normal shipping patterns so you can quickly spot anomalies. This approach is especially valuable for detecting unusual draft changes or port calls.
  • Community and Collaboration: Share insights and collaborate. Even partial information from different analysts can form a more complete picture when pieced together carefully.

7. Future Outlook: AI, Cybersecurity, and Regulatory Pressures

  • Rapidly Evolving AI Tools: As AI becomes more integral, expect next-generation solutions to refine anomaly detection, identify vessel spoofing, and improve real-time risk assessments.
  • Cyber Threats at Sea: With increased digitization, vessels are now cyber targets. A misconfigured satellite radio or unpatched systems can offer hackers (or hostile states) a way to track or even hijack maritime operations.
  • Stricter Enforcement: Sanctioning bodies worldwide are stepping up enforcement through multi-agency collaborations. Insurance companies will be under increasing scrutiny to prove compliance protocols are robust.

Rae Baker: “We’re at a point where maritime OSINT touches all aspects of open-source techniques—corporate records, shipping databases, people investigations, and even cyberthreat intelligence. Staying compliant will demand a broader skillset.”


8. Key Recommendations for Insurance and Compliance Teams

  1. Invest in Multi-Source OSINT Tools
    • Combine AIS-based tracking with advanced satellite imagery for real-time situational awareness.
  2. Strengthen Due Diligence
    • Go beyond the first layer of vessel ownership. Keep an updated registry of shell companies and watchlists.
  3. Implement Regular Staff Training
    • Train underwriters, risk officers, and analysts on emerging maritime intelligence techniques and evolving regulations.
  4. Adopt AI Responsibly
    • Use AI to enhance, not replace, human analysis. Validate AI outputs with contextual, domain-specific knowledge.
  5. Monitor Crew and Shore-Based Activities
    • Review open-source social media for operational security gaps. Employees can inadvertently leak location or cargo details.

Conclusion

The maritime domain is an ever-shifting battleground of sanctions, geopolitics, and illicit “shadow fleets.” For insurers and compliance teams, the stakes couldn’t be higher. By leveraging robust OSINT practices—ranging from AIS data correlation and satellite imagery analysis to a crews’ social media accounts—organizations can stay a step ahead.

As Rae Baker emphasizes, “You need the historical context of a region, combined with ongoing OSINT diligence, to quickly spot anomalies and mitigate risks.” For insurance companies and risk managers, adopting these strategies now will be critical for long-term compliance and operational security.


About Our Guest: Rae Baker

Rae Baker is a senior OSINT analyst with deep expertise in maritime intelligence. Author of “Deep Dive: Exploring the Real-World Value of Open Source Intelligence,” and soon releasing a book on harnessing AI in OSINT, Rae is a frequent speaker at cybersecurity and intelligence conferences worldwide. Connect with Rae on LinkedIn, her website, or on social media (Twitter/BlueSky: @Wondersmith_Rae) to stay updated on the latest in maritime security.


Have Questions or Need Assistance?
Contact our team at Shadow Dragon for more insights into leveraging OSINT tools and best practices for maritime risk management and sanctions compliance. We’ll ensure your organization navigates the treacherous waters of modern maritime threats—and does so in full compliance with international regulations.

Avatar photo

David Cook

David spent a decade in the US Army with both conventional and special operations forces focused on the Middle East. After leaving the military, David worked for a Member of Congress focused on technology, foreign affairs, and national security before developing policy and strategy for both the Army OSINT Office and the Defense Intelligence Agency. David is also the Executive Director for the Special Operations Association of America - a Veteran Service Organization based in Virginia.
Scroll to Top