A couple of hours ago, in what appeared to be the latest development in the cat-and-mouse naval activities being played out by Russia and NATO in the Black Sea, online ship tracking services showed the U.S. Navy’s Arleigh Burke class destroyer USS Ross (DDG-71), sailing together with a Ukrainian patrol boat just five miles off the coast of the contested Crimean Peninsula in the middle of the night. The Navy has denied that ship was ever anywhere near Crimea. What looked at first sight like a deliberate passage through what NATO recognizes as Ukrainian territorial waters, but which are also claimed by Russia, now seems to have been a case of deliberate spoofing of maritime tracking data, something that also occurred two weeks ago in the same area.
Earlier this evening, MarineTraffic and VesselFinder, aggregators that provide real-time information on ship movements, showed USS Ross sailing very close to the Crimean coast, causing a big stir in the online open source intelligence community. If true, this would have put the ship closer to the Russian-occupied peninsula than the U.K. Royal Navy’s Type 45 destroyer HMS Defender had been on June 23. In that instance, the British ship had sailed within around 10 miles of Crimea, prompting a response from Russia’s security forces. The Kremlin claimed that its military aircraft dropped bombs in front of the warship and that its patrol boats fired warning shots to ward it off. Russia seized the Crimean Peninsula from Ukraine in 2014 and now considers the waters around it to be part of its national territory. The United States and the United Kingdom, among many other members of the intentional community, do not recognize Moscow’s authority over Crimea.
However, while online ship tracking appeared to show that USS Ross was underway very close to Crimea, accompanied by the Ukrainian Matka class hydrofoil patrol boat Priluki, also known by its hull number U153, in reality, the U.S. Navy destroyer was sitting in a harbor. This was initially evidenced by a live webcam feed hosted on YouTube that shows the vessel in the Ukrainian port of Odesa.
USS Ross is currently in the region to take part in the latest iteration of the annual U.S. Navy-led Sea Breeze exercise, which began yesterday. The destroyer, which is forward-deployed at Naval Station Rota, Spain, and assigned to Commander, Task Force 65, entered the Black Sea on June 26, according to the U.S. Navy. The official Twitter account for the exercise has also now confirmed that the destroyer was in the port of Odesa when the online tracking showed it off Crimea.
As for the Ukrainian patrol boat, it seems highly unlikely that it would attempt a solo mission, even by night, so close to Russian-controlled Crimea. The two countries are effectively at war and, in 2018, Russia seized two other Ukrainian patrol boats, as well as a tug, and detained their crews after a violent altercation in the Kerch Strait, which links the Black Sea with the Sea of Azov. This strongly suggests that the location data available online for Priluki tonight was also spoofed.
Interestingly, a previous case of apparent automatic identification system (AIS) spoofing in the Black Sea took place on June 18 and was reported several days later by USNI News. This incident involved HMS Defender together with the Royal Netherlands Navy frigate Evertsen. In that instance, MarineTraffic showed the warships sailing within just two nautical miles of the Russian naval base at Sevastopol in Crimea. In reality, they were some 180 miles away, also in Odessa, where they arrived earlier in the day. Once again, live webcam feeds showed that the two warships remained in the harbor the entire time.
Both Defender and the Evertsen are in the Black Sea having temporarily detached from the U.K. Royal Navy-led Carrier Strike Group 21, or CSG21, which is based around the aircraft carrier HMS Queen Elizabeth and that is currently undertaking operations in the eastern Mediterranean, closely monitored by Russia.
Of course, as already noted, after the previous AIS spoofing incident, HMS Defender did indeed sail close to Crimea. The United Kingdom has insisted that the warship was “conducting innocent passage through Ukrainian territorial waters in accordance with international law.” Claims and counter-claims have followed, including Russia releasing video of supposed warning shots fired from a Russian Border Guard patrol boat. Defender was so far away at the time that it may well not have been aware that this fire was being directed at it, which is what the British authorities had claimed at the time.
As for the Evertsen, the Royal Netherlands Navy only today released details of an apparent incident in international waters on June 24. The Dutch claim that the frigate was harassed by Russian fighter jets, and released photos of the flybys by Su-30SM fighter jets, one of which, at least, was armed with anti-ship missiles.
At this point, we can’t say how sophisticated these spoofing incidents may have been, but in the past, there has also been GPS spoofing traced to the Russians in the Black Sea. The application of electronic warfare, in general, is extremely widespread in the region.
We also don’t know how or why these attempts to falsify the AIS data might have been made. According to the USNI News analysis of the first spoofing event, AIS positions were provided to MarineTraffic by a receiver station in Chornomorsk, close to Odessa, and the same data was also shared with other AIS aggregators, too.
Ultimately, the efforts failed, due to a combination of live webcam feeds, plus keen-eyed observers on the ground and in the digital domain. The incidents do, however, reinforce the need for caution when it comes to examining real-time information relating to ship or aircraft movements since they don’t necessarily show us the real picture of what’s happening. As for the goals of such an operation, that remains to be seen, but eroding the trust in this data among foreign observers and the military could benefit Russia.
Regardless, we’ll keep you updated on this strange situation as we continue to learn more.
Contact the author: email@example.com