In July 2019, the British-flagged oil tanker *Stena Impero*, operated by Stena Bulk, was targeted in a GPS spoofing cyber attack while transiting the Strait of Hormuz, a geopolitically sensitive and high-risk maritime chokepoint. The attack manipulated the vessel’s navigation systems, causing it to deviate into Iranian territorial waters in violation of maritime laws. Iran’s Revolutionary Guards subsequently seized the tanker and detained its 19 crew members for 19 days, escalating tensions between the UK and Iran. Investigations by Britain’s MI6 later suggested state-sponsored involvement, potentially linking the incident to Iran or Russia as retaliation for the UK’s earlier seizure of an Iranian oil tanker in Gibraltar.The attack disrupted global shipping operations, raised concerns over maritime cybersecurity vulnerabilities, and demonstrated how GPS spoofing could be weaponized to manipulate critical infrastructure. The incident also strained diplomatic relations, with the UK deploying naval assets to protect commercial vessels in the region. While no direct physical harm or data breach occurred, the operational and reputational damage to Stena Bulk was significant, given the high-profile nature of the seizure and the geopolitical implications of the attack. The case underscored the growing threat of cyber-enabled disruptions in maritime logistics, particularly in conflict-prone regions.
TPRM report: https://www.rankiteo.com/company/stena-bulk
"id": "ste407092125",
"linkid": "stena-bulk",
"type": "Cyber Attack",
"date": "7/2019",
"severity": "100",
"impact": "8",
"explanation": "Attack that could bring to a war"{'affected_entities': [{'industry': 'Maritime/Shipping',
'location': 'Strait of Hormuz, Iran',
'name': 'Stena Impero',
'type': 'Oil tanker (vessel)'},
{'industry': 'Maritime/Shipping',
'location': 'United Kingdom',
'name': 'Stena Bulk (operator of Stena Impero)',
'type': 'Shipping company'}],
'attack_vector': 'GPS spoofing',
'date_detected': '2019-07',
'date_publicly_disclosed': '2019-07',
'date_resolved': '2019-07-19',
'description': 'In July 2019, the British-flagged tanker Stena Impero was '
'reportedly victim to an alleged GPS spoofing incident in the '
'Strait of Hormuz, Iran, causing the vessel to violate '
'maritime regulations. The ship was subsequently seized by '
"Iran's Revolutionary Guards, and its 19 crew members were "
"held in confinement for over 19 days. Britain's MI6 "
'investigated the incident and suggested that Iran and/or '
'Russia may have been involved in deliberately spoofing the '
'ship into Iranian waters. This incident is considered a '
'follow-up to the seizure of an Iranian ship by Britain in '
'Gibraltar two weeks earlier. The region is a high-risk area '
'for vessels, with a similar incident occurring in 2016 '
'involving two U.S. Navy ships allegedly spoofed into Iranian '
'waters before being seized.',
'impact': {'brand_reputation_impact': ['Negative media coverage',
'Geopolitical tensions',
'Perceived vulnerability in maritime '
'security'],
'downtime': '19 days (crew confinement)',
'legal_liabilities': ['Potential violations of maritime law',
'Diplomatic disputes'],
'operational_impact': ['Vessel seizure',
'Crew detention',
'Violation of maritime regulations'],
'systems_affected': ['GPS navigation system']},
'initial_access_broker': {'entry_point': 'GPS signal manipulation (spoofing)',
'high_value_targets': ['Maritime vessels in '
'geopolitically sensitive '
'regions']},
'investigation_status': 'Closed (resolved via diplomatic means; MI6 '
'investigation concluded)',
'lessons_learned': ['GPS spoofing poses significant risks to maritime '
'navigation in geopolitically sensitive regions.',
'Need for enhanced cyber-resilience in maritime GPS '
'systems.',
'Importance of real-time monitoring and verification of '
'navigation data.',
'Diplomatic and cybersecurity coordination is critical in '
'high-risk maritime areas.'],
'motivation': ['Geopolitical retaliation',
'Maritime disruption',
'Hostage-taking'],
'post_incident_analysis': {'corrective_actions': ['UK and allies enhanced '
'maritime cybersecurity '
'protocols.',
'Increased use of '
'alternative navigation '
'methods in high-risk '
'areas.',
'Diplomatic efforts to '
'de-escalate tensions in '
'the Strait of Hormuz.'],
'root_causes': ['Lack of redundant navigation '
'systems to detect GPS spoofing.',
'Geopolitical tensions escalating '
'cyber-physical risks in maritime '
'domains.',
'Insufficient real-time monitoring '
'of navigation anomalies.']},
'recommendations': ['Implement multi-layered navigation verification systems '
'(e.g., inertial navigation backup).',
'Conduct regular cybersecurity audits for maritime GPS '
'and communication systems.',
'Enhance crew training on cyber threats to maritime '
'navigation.',
'Strengthen international cooperation on maritime '
'cybersecurity standards.',
'Issue advisories for vessels transiting high-risk areas '
'like the Strait of Hormuz.'],
'references': [{'source': 'BBC News',
'url': 'https://www.bbc.com/news/world-middle-east-49157386'},
{'source': 'The Guardian - MI6 investigation',
'url': 'https://www.theguardian.com/world/2019/jul/23/iran-seizure-of-british-tanker-may-have-involved-gps-spoofing'},
{'source': 'Maritime Executive - 2016 U.S. Navy GPS spoofing '
'incident',
'url': 'https://www.maritime-executive.com/article/us-navy-ships-fell-victim-to-gps-spoofing-in-2016'}],
'regulatory_compliance': {'legal_actions': ['Diplomatic protests',
'International maritime '
'investigations'],
'regulations_violated': ['Maritime regulations '
'(unauthorized entry into '
'Iranian waters)'],
'regulatory_notifications': ['Reported to '
'International '
'Maritime Organization '
'(IMO)',
'UK Maritime and '
'Coastguard Agency']},
'response': {'communication_strategy': ['Public statements by UK government',
'Media briefings',
'Maritime advisories for Strait of '
'Hormuz'],
'containment_measures': ['Diplomatic negotiations for crew '
'release',
'Vessel recovery efforts'],
'enhanced_monitoring': ['Increased vigilance in GPS navigation '
'systems for maritime vessels in '
'high-risk areas'],
'incident_response_plan_activated': 'Yes (by UK government and '
'Stena Bulk)',
'law_enforcement_notified': 'Yes (UK authorities, international '
'maritime organizations)',
'recovery_measures': ['Crew repatriation after 19 days',
'Vessel released after diplomatic '
'resolution'],
'third_party_assistance': ['UK government (MI6 investigation)',
'Diplomatic efforts']},
'stakeholder_advisories': ['UK government advisories for vessels in the '
'Strait of Hormuz.',
'International Maritime Organization (IMO) '
'circulars on GPS spoofing risks.',
'Maritime cybersecurity guidelines updated '
'post-incident.'],
'threat_actor': ['Iran (alleged)', 'Russia (alleged)'],
'title': 'GPS Spoofing Incident Involving Stena Impero in the Strait of '
'Hormuz',
'type': ['GPS spoofing',
'Maritime cyber incident',
'Geopolitical cyber operation'],
'vulnerability_exploited': 'Weakness in GPS navigation systems '
'(susceptibility to spoofing)'}