32°N Security Threats

THREAT CATALOGUE

The threats I actually plan for.

This is the list — not the marketing version. Every threat here is one I've mapped against the 32°N architecture and written a specific response to. Plain English, no spin.

NETWORK

AIS spoofing — false vessel positions

HIGH

What it is. AIS — the Automatic Identification System that broadcasts vessel position, speed, and identity — has no authentication. Anyone with a software-defined radio and an open-source transmit stack can broadcast false vessel positions. Ghost ships, phantom fleets, wrong collision vectors. It costs less than $100 to do at scale.

What 32°N does about it. The chart app cross-references AIS targets against radar returns, AIS history, and the vessel's own GNSS track. Statistically implausible targets — sudden appearances at speed, inconsistent heading/speed vectors, zero-history vessels in congested water — are flagged visually. We don't block AIS data; we annotate confidence.

What you should do. Treat AIS as advisory, not authoritative. Use radar independently on night passages and in shipping lanes. If a vessel's AIS track is inconsistent with what you can see or what the radar shows, trust the radar.
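The annotate-don't-block approach described above, sketched as an added example; this is not 32°N's code, and the names (AisReport, annotate) and every threshold are assumptions chosen for illustration. It scores one incoming AIS report against that vessel's AIS history and, when radar is running, against radar returns, and it always returns the target with a confidence label rather than dropping it.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_NM = 3440.065
# All thresholds below are illustrative assumptions, not 32°N's values.

@dataclass
class AisReport:
    mmsi: int
    t: float      # receive time, seconds
    lat: float
    lon: float
    sog: float    # reported speed over ground, knots
    cog: float    # reported course over ground, degrees true

def range_bearing(lat1, lon1, lat2, lon2):
    """Great-circle range (nm) and initial bearing (deg true) from point 1 to 2."""
    p1, p2, dl = math.radians(lat1), math.radians(lat2), math.radians(lon2 - lon1)
    h = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    brg = math.atan2(math.sin(dl) * math.cos(p2),
                     math.cos(p1) * math.sin(p2) - math.sin(p1) * math.cos(p2) * math.cos(dl))
    return 2 * EARTH_RADIUS_NM * math.asin(math.sqrt(h)), math.degrees(brg) % 360

def annotate(history, report, radar_contacts=None,
             max_speed_kn=60.0, appear_speed_kn=5.0, radar_gate_nm=0.5):
    """Return (confidence, reasons) for one report; the target is never dropped.
    history: earlier AisReport objects for the same MMSI, oldest first.
    radar_contacts: list of (lat, lon) radar returns, or None if radar is off."""
    reasons = []
    if not history:
        if report.sog >= appear_speed_kn:
            reasons.append("zero-history target appearing at speed")
    else:
        prev = history[-1]
        dist, brg = range_bearing(prev.lat, prev.lon, report.lat, report.lon)
        hours = (report.t - prev.t) / 3600.0
        if hours > 0:
            implied = dist / hours  # speed the position change would require
            if implied > max_speed_kn:
                reasons.append("position jump implies %.0f kn" % implied)
            elif abs(implied - report.sog) > max(3.0, 0.5 * report.sog):
                reasons.append("reported speed disagrees with track")
            turn = abs((brg - report.cog + 180) % 360 - 180)
            if dist > 0.05 and turn > 45:
                reasons.append("reported course disagrees with track")
    if radar_contacts is not None and not any(
            range_bearing(report.lat, report.lon, la, lo)[0] <= radar_gate_nm
            for la, lo in radar_contacts):
        reasons.append("no radar return near reported position")
    return ("high", "medium", "low")[min(len(reasons), 2)], reasons
```

A vessel that has just switched its transponder on at anchor has no history but also no speed, so it stays at high confidence; only a zero-history target already under way is marked down.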

NMEA-2000 gateways with default credentials

HIGH

What it is. Most NMEA-2000 gateways ship with a web admin panel and default credentials — admin/admin, admin/1234, or a password printed on the underside of the device that nobody changes. The admin panel is usually reachable by anything on the boat's WiFi, including every phone your crew has connected. A compromised credential means full control of what the gateway reports to the bus.

What 32°N does about it. The security scanner app includes a check for known default-credential combinations on the devices it can reach. During initial setup, it prompts to change default credentials before completing registration. The device registry only admits hardware that has completed the setup checklist.

What you should do. Change the admin password on every gateway, chart plotter, and instrument before it goes live on the network. Check the manufacturer's site for firmware updates — many vendors have patched this silently without announcing a CVE. Put gateway admin panels on a dedicated VLAN that crew devices can't reach.

Marina WiFi — man-in-the-middle

MEDIUM

What it is. Marina WiFi is shared, often open or shared-password, and physically accessible to people who paid a nightly fee. An attacker in the marina can run a passive capture, strip TLS from older clients with HSTS bypass tools, or set up a rogue access point with the same SSID as the marina network. Any unencrypted boat traffic — position updates, weather data, login flows on apps that haven't enforced HTTPS — is readable in cleartext.

What 32°N does about it. All traffic between the hub and cloud services uses TLS 1.3 with certificate pinning. The sync service is designed to be safe over untrusted networks — it authenticates both ends before transmitting. No plaintext protocol support is included for any platform service.

What you should do. Use a cellular connection rather than marina WiFi for any cloud sync when in port. If you must use marina WiFi, run a VPN tunnel to a server you control before connecting the hub. Treat marina networks with the same suspicion as airport WiFi — they're shared infrastructure you don't own.

MFD admin panels exposed to the internet

CRITICAL

What it is. Some older multi-function displays publish a web admin panel on their assigned IP. If the boat's router does NAT traversal or port forwarding, or the marina provides a public IP directly, that admin panel can be reachable from the open internet without any authentication. Shodan indexes thousands of exposed marine electronics. This is not theoretical.

What 32°N does about it. The scanner app checks for internet-exposed services during its initial assessment. Any service reachable from outside the boat's local network without authentication is flagged as critical. The setup guide for the hub explicitly covers NAT configuration and recommends against port forwarding for any device that isn't the hub itself.

What you should do. Audit your router's port-forwarding rules today. Nothing on the boat should be directly internet-accessible except the hub's controlled ingress. Run the 32°N scanner app and look at everything listed under "network exposure." If you don't know what a service is, close its port first, investigate second.

SUPPLY CHAIN

Supply-chain compromise of marine apps

HIGH

What it is. A popular marine app — chart plotter, weather, anchor alarm — pulls in open-source dependencies. One of those dependencies is taken over by a hostile actor who publishes a malicious version. The app auto-updates and ships the compromised dependency to every boat running it. The attacker now has code execution on the hub, with access to every sensor feed.

What 32°N does about it. The app registry requires signed builds. Every app published through the platform produces a reproducible build with a software bill of materials (SBOM). Updates go through the same registry review as initial publication. The platform's scanner app is specifically designed to detect anomalous behavior from installed apps — unexpected outbound connections, filesystem access outside permitted paths, unusual sensor queries.

What you should do. Only install apps from the 32°N registry. Review the SBOM for any app before installing it, particularly for apps that request access to navigation data or the NMEA bus. Enable update notifications and review changelogs before accepting updates for safety-critical apps like anchor watch or collision avoidance.

Firmware from untrusted sources

CRITICAL

What it is. A cruiser's forum post says "here's a firmware update for the Garmin/Raymarine/Furuno that fixes that annoying bug." The file is hosted on a personal Google Drive or a third-party forum attachment. The firmware is unsigned, unverified, and potentially modified. Installing it replaces the device's operating system with something you have no assurance about. This is a textbook implant vector.

What 32°N does about it. The scanner app checks installed firmware versions against known-good hashes from manufacturer sources. It flags firmware that doesn't match the manufacturer's published checksums. The platform's device registry records the firmware version at registration time, so any change is visible in the audit log.

What you should do. Only install firmware from the device manufacturer's official download page. Verify the checksum against what the manufacturer publishes before flashing. Never install firmware from forums, file sharing sites, or "helpful" crew members unless you can independently verify it matches a manufacturer-signed release.
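The checksum step above, as an added example that is not 32°N's scanner code. It assumes the manufacturer publishes SHA-256 values in the common `sha256sum` text layout (one "digest  filename" pair per line); the function names and the registered-version argument are hypothetical.

```python
import hashlib
import hmac
import string

def parse_manifest(text):
    """Parse 'HEXDIGEST  filename' lines into {filename: lowercase digest}.
    Lines that are not a 64-hex-character digest plus one name are ignored."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if (len(parts) == 2 and len(parts[0]) == 64
                and all(c in string.hexdigits for c in parts[0])):
            table[parts[1].lstrip("*")] = parts[0].lower()
    return table

def sha256_file(path):
    """Hash the file in 1 MiB blocks so large images are not loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(1 << 20), b""):
            digest.update(block)
    return digest.hexdigest()

def check_firmware(path, name, manifest, version, registered_version=None):
    """Return a list of findings. An empty list means the file matches the
    published checksum and the version recorded at registration."""
    findings = []
    expected = manifest.get(name)
    if expected is None:
        # No published value to compare against: treat as unverified.
        findings.append("no manufacturer checksum published for " + name)
    elif not hmac.compare_digest(sha256_file(path), expected):
        findings.append("checksum mismatch: do not flash")
    if registered_version is not None and version != registered_version:
        findings.append("firmware version differs from registry record")
    return findings
```

The manifest itself has to come from the manufacturer's official download page over HTTPS; a checksum posted next to the file on a forum proves nothing about the file.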

PHYSICAL

Physical access to the hub — theft or disk extraction

HIGH

What it is. The hub is a Mac mini in the nav station. Someone boards the boat, takes the hub, and has physical access to the entire local data store: every position log, every system reading, every document stored locally, and potentially cached cloud credentials. Even without removing the device, a few minutes of physical access with a USB boot drive is enough to extract the disk.

What 32°N does about it. The hub setup guide requires enabling FileVault full-disk encryption before completing registration. Cloud credentials are stored in the macOS Keychain, not in plaintext config files. If the hub goes offline unexpectedly, the platform's cloud sync records the timestamp — sudden offline events in port can be surfaced as alerts.

What you should do. Enable FileVault on the Mac mini. Use a strong login password — not a PIN. Physically secure the hub in a locked nav station if possible. Review the cloud audit log if the hub goes offline for an unexplained period while the boat is in a marina.

Lost or stolen sensors — AIS transponder reuse

MEDIUM

What it is. Your AIS transponder is stolen from the boat — or taken from a dinghy, or picked up from a wrecked boat. It's now broadcasting your MMSI from somewhere else. Authorities, other vessels, and your own monitoring system see your boat in a location you're not. It can trigger false distress responses, interfere with a real search-and-rescue operation, and flag your vessel for investigation.

What 32°N does about it. The platform compares the position range expected from your own GNSS with what AIS reports. A significant discrepancy between where the hub thinks you are and where AIS reports you to be will trigger an alert. Sensor registration in the device registry means removing and re-registering a transponder creates an audit record.

What you should do. Report a stolen AIS transponder to your MMSI registration authority immediately. Contact your flag state and the relevant Coast Guard to have the MMSI flagged as compromised. Do not leave portable transponders unattended in dinghies or on deck in marina berths.

ACCOUNT

Account credential reuse

HIGH

What it is. The boat owner uses the same email address and password for their 32°N account as they do for a forum, a chandlery, or some other service that gets breached and its credentials dumped to HaveIBeenPwned. An attacker runs the dumped credentials against every marine platform they can find. Your account access, your boat's configuration, your position history, and your emergency contacts are all readable.

What 32°N does about it. The platform enforces multi-factor authentication for all accounts. Login events from new devices or unusual locations require step-up verification. The audit log records every login, including failed attempts and the source IP.

What you should do. Use a unique, randomly generated password for your 32°N account. A password manager — 1Password, Bitwarden, the macOS Keychain — makes this cost-free. Enable multi-factor authentication. Check HaveIBeenPwned periodically with the email address you use for the account.

Cloud account takeover via phishing

CRITICAL

What it is. An attacker sends a convincing phishing email — "your 32°N subscription is about to expire," "your hub went offline," "unusual activity on your account" — with a link to a convincing fake login page. You enter your credentials. The attacker has full access to your cloud account: all synced data, the ability to modify app configuration, the ability to push settings to the hub, and potentially to add a malicious device to your device registry.

What 32°N does about it. The platform will never ask for your password by email. Every email from 32°N links back to 32north.ai — if you're unsure, navigate there directly rather than following a link. New device registrations and configuration changes to the hub require a second confirmation step that's separate from the initial login. Audit log access is available so you can see exactly what changed and when.

What you should do. Never follow a login link from an email. Open your browser, go to 32north.ai, and log in directly if you think something needs attention. Use a hardware security key or an authenticator app for multi-factor authentication — not SMS. If you think your account was compromised, revoke all active sessions from the account settings page immediately, then rotate your password.

Found one I missed?

This list isn't frozen. If you've run into a real threat on a boat that I haven't catalogued here — or if you think my mitigation for one of these is wrong — I want to hear about it. Go to the security page for how to report responsibly. No bug bounty, no paperwork. Just tell me what you found.