Astaara Update to interested parties on ongoing US-Israeli War (“Operation Epic Fury”) with Iran - 12 March
ASTAARA is West P&I's cyber security partner, providing specialist cyber risk intelligence, advisory and insurance solutions to the maritime and energy sectors.
1. PURPOSE
The purpose of this memorandum is to share information with our shipowners and brokers on known developments within the Persian Gulf from an operational / cyber and insurance perspective. Sources of the content are MTO and associated agencies.
2. GENERAL SITUATION (UPDATED)
The 28th Feb 2026 and onwards ‘Epic Fury’ attacks on Iran by Israel and the US will almost certainly increase the cyber threat regionally in the medium term. Other, possibly non-regional, hostile cyber threat actors may be encouraged in the ‘fog of war’ to attack elsewhere while masking their true intentions, and there are a number of Tier 2 Iranian proxies who may well launch attacks on infrastructure as the kinetic conflict continues.
Meanwhile competent authorities are reporting a significant increase in GNSS spoofing and jamming, requiring Masters and crews to be extra vigilant and cautious in their navigation.
Currently the threat is non-specific i.e. anyone is a target, with the objective being to cause maximum disruption globally. While on 12th March the newly appointed Supreme Leader issued a statement in familiar bellicose terms, Mojtada Khamenei has yet to be seen in person.
3. MTO GUIDANCE (UPDATED)
12th March. The regional maritime threat environment across the Arabian Gulf, Strait of Hormuz, and Gulf of Oman remains CRITICAL. On 12 March, three additional commercial vessels were struck within the Arabian Gulf, including the laden tanker ZEFYROS, laden tanker SAFESEA VISHNU, and the container vessel SOURCE BLESSING. The attacks underscore the continued risk to merchant mariners operating in the region.
Since the start of hostilities, more than twenty maritime incidents involving commercial vessels and offshore infrastructure have been reported across the Arabian Gulf, Strait of Hormuz, and Gulf of Oman. The incidents involve a wide range of vessel types and flag states, with no consistent pattern of Western ownership linkage, suggesting that the current strike pattern reflects a campaign aimed at broad maritime disruption rather than selective vessel targeting.
Recent incidents indicate that attacks are no longer confined to transit corridors and may occur across a broad operating area of the Arabian Gulf, including anchorages, Ship-to-Ship (STS) operations, and port approaches.
Authorities believe there is ‘almost certainly’ a heightened risk of indirect cyber threat for those organisations and entities who have a presence, or supply chains, in the Middle East. And Iranian state and Iran-linked cyber actors almost certainly currently maintain at least some capability to conduct cyber activity.
3.1. GNSS SPOOFING / INTERFERENCE (UPDATED)
The UK MTO has reported significant GNSS interference, spoofing, and jamming continue across the Strait of Hormuz approaches, Gulf of Oman, and the Arabian Gulf.
On 12 March, more than 600 GNSS disruption events were reported within the operational area based on aggregated open-source monitoring and maritime reporting. Documented impacts include:
→ positional ofsets
→ AIS anomalies
→ intermittent signal degradation
These effects are impacting several hundred maritime assets.
In the Eastern Mediterranean, similar disruptions are reported near naval activity and task groups. In the Red Sea, interference remains concentrated near the Bab el-Mandeb Strait.
Given the degraded positional integrity environment, mariners should consider increased reliance on traditional navigation methods, including radar ranges, visual bearings, and cross-checking ECDIS inputs with secondary navigation systems.
3.2. Recommended Measures:
→ Cross-check GPS position with radar ranges and visual bearings.
→ Validate ECDIS with secondary navigation systems.
→ Increase bridge manning in constrained waters.
→ Treat anomalous VHF communications cautiously and verify identity.
→ Include offshore activities and port operations in all threat and risk assessments.
4. ASTAARA INSURANCE MARKET UPDATE (UNCHANGED)
The AstaaraCyber Marine policy is not cancelled and provisions for such do not apply within the current iteration of the policy. Thus, cover continues, and brokers are reminded that cover for Terror and Confiscation risks are covered by virtue of carve outs from Cyber War Exclusion as per AstaaraCyber Marine Conditions 2.0