Hi everyone, I’m Robert Carr, Second Officer (Navigation) on a container vessel. I want to share one of the most unusual incidents I’ve encountered on the bridge and the lessons we learned.

We were transiting the busy South China Sea overnight when our radar suddenly picked up a “ghost” vessel heading straight toward us. On the AIS display it showed up as “UNKNOWN VESSEL” with no MMSI or name. Satellite coverage in that corridor is normally flawless, so seeing a target like that in open water was highly suspicious.

My first thought was a system glitch, so we rebooted the AIS terminal and checked all cables—yet the “vessel” remained on screen. I compared the target’s position and course with the VTS bulletin: there was no real traffic there. It became clear this was an AIS spoofing attempt, likely someone testing network vulnerabilities or pulling pranks on passing ships.

I alerted the captain immediately. We switched to manual radar plotting and visual lookout, tightened our watch rotations, and notified the nearest coastal authority. By morning, other vessels in the area reported identical “ghost” targets—confirming a coordinated spoofing exercise rather than a one-off glitch.

Here’s what I took away from the incident:

1. Never trust automation 100%. AIS and electronic systems are invaluable, but they’re not infallible. Always cross-check targets with radar, visual sighting, and VHF inquiries.
2. Document everything. We logged the spoofed target’s coordinates, course, and timestamps, captured screenshots of the AIS logs, and handed this data to the coast guard. Detailed records helped authorities trace the spoofing source and warn other ships.
3. Train your watch team. Since then, I’ve run quick cyber-security briefings for all watch officers on recognizing spoofing. Simple procedures—like querying nearby vessels on VHF Channel 16 or toggling AIS display filters—can prevent confusion in critical moments.
4. Prepare for evolving threats. As navigation relies more on digital systems, cyber-risks grow more sophisticated. Regular software updates, secure AIS configurations, and ongoing crew training are essential.

We cleared the corridor without further incident and ended our watch safely, but this event reinforced a vital truth: in the digital era, human vigilance remains the cornerstone of safe navigation.