#576: How to track dark ships using OSINT (with demos)
Get the full intelligence
Search transcripts, export clips, track mentions, and explore all topics from “#576: How to track dark ships using OSINT (with demos)” inside PodZeus.
Dark fleets—ships that evade sanctions by manipulating their identity or turning off tracking systems—are a growing global threat, and OSINT experts like Ray Baker are on the front lines of uncovering them. Using tools like MarineTraffic and TankerTrackers, analysts can detect suspicious behavior such as sudden AIS signal drops, name changes, flag swaps, and repainted hulls. The real danger lies not just in oil smuggling, but in the broader cyber risks: hacked cranes at ports, vulnerable AIS systems, and even the potential for cyberattacks on entire supply chains. Ray reveals how a single compromised port crane—like those made by Chinese manufacturers—could disrupt global logistics, as seen in the Suez Canal blockage. She emphasizes that while AI can accelerate investigations, it’s no substitute for foundational OSINT skills. Her work, which blends maritime analysis, cyber intelligence, and human trafficking detection, is driven by the hunt for patterns and the need to stay ahead of adversaries who constantly evolve their tactics. The episode underscores a critical truth: the ocean is a high-stakes battleground where invisible ships, hidden identities, and digital vulnerabilities converge. From Denmark’s historical toll system shaping modern maritime law to China’s island-building and maritime militia, the geopolitical stakes are immense.
Dark fleets evade sanctions by turning off AIS, changing names, flags, or repainting hulls—making them invisible to casual observers.
Use free tools like MarineTraffic, Equasis, and Google Earth to track ship movements, verify identities, and detect suspicious patterns.
AIS signals can be manipulated, but their absence or sudden reactivation is a red flag for illicit activity like cargo transfers.
Port cranes and ship systems are vulnerable to hacking—especially if they have Wi-Fi cameras or poor cybersecurity—potentially disrupting global supply chains.
Shodan can reveal exposed IoT devices like AIS systems on ships or ports, exposing them to cyberattacks.
…and 3 more takeaways available in PodZeus
The Rise of Dark Fleets and Cyber Threats at Sea
David Bombal opens with recent news about hacked Chinese cranes at U.S. ports, setting the stage for a deep dive into dark fleets—ships that evade sanctions by manipulating their identity or turning off tracking systems. The episode introduces Ray Baker, an expert in OSINT and maritime intelligence, and sets the tone for a technical yet accessible exploration of how these vessels operate and how they can be tracked.
Ray Baker’s Journey into OSINT and Maritime Intelligence
Ray Baker shares her unexpected path into OSINT—from graphic design to cybersecurity research, sparked by a blog about hacking a ship. She explains how her curiosity led her to specialize in maritime analysis, combining cyber, human, and technical intelligence to uncover hidden threats.
Understanding AIS: The Lifeline and Weakness of Ship Tracking
The episode breaks down how AIS (Automatic Identification System) works—required for ships over 300 tons—and how it’s exploited by dark fleets. Ray explains how ships can change their IMO number, flag, name, or paint over hulls to hide their identity, making them nearly invisible to casual observers.
Tracking Dark Ships with Free and Paid Tools
Ray demonstrates how to use platforms like MarineTraffic and TankerTrackers to monitor ship movements in real time. She highlights red flags such as sudden stops, erratic paths, and AIS signal drops, which often indicate illicit cargo transfers.
The Human and Cyber Dimensions of Maritime Security
Beyond tracking, Ray reveals how port infrastructure—like cranes and cameras—can be hacked. She shows how poor security on Chinese-made cranes at U.S. ports poses a real threat, and how attackers could pivot from a camera to the entire port network.
“they are standard fishing vessels. They work as a fishing vessel, well, 80%, 90 of the time. But they are kind of fitted with... rams and things like that so that when the coast guard, the Chinese coast guard or the military decides that”
“can be manipulated. So, that is what dark ships are doing. And that is why it's important to know kind of how AIS works.”
“If you think about a giant crane lifting a bunch of cargo, if it's one of our ports and the crane gets hacked, they could move the crane in a way that it destroys things.”
Host
Guest
Ray Baker
person
David Bombal
person
China
place
U.S.
place
MarineTraffic
organization
TankerTrackers
organization
UK
place
Equasis
organization
Denmark
place
Venezuela
place
#568: 5-Minute Cyber Hacks Everyone Should Know (2026)
David Bombal • 36m • 3/31/2026
#570: 100 Terabit Smart Switches: What You Need to Know
David Bombal • 36m • 3/31/2026
#572: How Cisco Protects AI Agents in Modern Data Centers
David Bombal • 14m • 3/31/2026
#573: WhatsApp Hackers for Hire on the Dark Web (Surprisingly cheap)
David Bombal • 27m • 4/7/2026
#574: Hacking Windows Active Directory in 10 minutes
David Bombal • 25m • 4/16/2026
Get the full intelligence
Search transcripts, export clips, track mentions, and explore all topics from “#576: How to track dark ships using OSINT (with demos)” inside PodZeus.
Start discovering podcast insights today
Start with a 7-day trial and explore a growing catalog of popular podcasts. No credit card required.
No credit card required • 7-day trial • Cancel anytime