Extended Operational and Trade Vocabulary

Piracy, Maritime Security and Armed Protection glossary

The piracy and armed-protection vocabulary: the BMP hardening routine, acoustic hailing devices, active citadels, AIS gaps and spoofing in sanctions evasion, and the armed-guard and high-risk-area terms. Grounds each term in the Best Management Practices and the security operation it belongs to, the operational counterpart to the geopolitics section.

264 defined terms.

Showing 250 on this page (page 1 of 2).

A

A4 Routine: BMP shipboard preparedness drill running Assess, Avoid, Alert, Apply hardening before entering a high risk area.
Acoustic Hailing Device: Long range directional speaker (LRAD) used to warn approaching skiffs at distances beyond small arms range.
Active Citadel: Hardened internal compartment where crew retain control of propulsion, steering and communications during a piracy attack.
AIS Gap: Period when a vessel's Automatic Identification System transmission stops, often indicating sanctions evasion or illicit ship-to-ship transfer.
AIS Spoofing: Falsifying AIS data (MMSI, position, identity) to disguise vessel movements.
Alongside Phase: Stage of an attack when a pirate skiff is hull to hull with the target, immediately before boarding.
Anti-Piracy Course: Recommended transit route through a high risk area, published in BMP and updated by UKMTO and MSCHOA.
Anti-Piracy Watch: Dedicated lookout posted in addition to the navigational watch during HRA transits.
Approach Phase: Stage of an attack when skiffs are detected closing on the target at high speed, usually beyond 5 nautical miles.
Armed Guard Team: Group of PCASP, typically three or four operators, embarked for a single transit.
Armed Robbery Against Ships: IMB-defined acts in TS/internal waters (vs UNCLOS piracy).
Article 101 UNCLOS: Definition of piracy.
Article 105 UNCLOS: Seizure of pirate ships and prosecution.
Article 110 UNCLOS: Right of visit on the high seas.
ATALANTA: EU NAVFOR counter-piracy operation off Somalia, launched December 2008 and extended to 2026.
Attack Phase Matrix: BMP framework dividing pirate attacks into Approach, Attack and Boarding stages.
Automatic Identification System: VHF data system mandated by SOLAS Chapter V for vessels of 300 GT and above on international voyages.
Avoidance Routing: Practice of diverting from declared HRA boundaries where commercially feasible to reduce exposure.

B

Bab-el-Mandeb: 18 nautical mile wide strait between Yemen and Djibouti linking the Red Sea to the Gulf of Aden.
Barrier Methods: BMP passive defences including razor wire, electrified fencing and physical obstacles on the main deck.
Best Management Practices: Industry agreed guidance for ships transiting piracy affected waters, first published 2009.
BIMCO: Baltic and International Maritime Council, drafter of standard maritime contracts.
BIMCO Cyber Security Clause 2019: Standard cyber-risk-allocation charterparty clause.
BIMCO Cyber Security Guidelines: Industry guidance jointly produced with ICS, INTERTANKO, INTERCARGO, OCIMF and others, currently version 4.
BIMCO Piracy Clause for Time Chartered Vessels 2009: Allocates liability, deviation rights and additional costs when a chartered vessel transits a piracy area.
BIMCO US Maritime Cybersecurity Clause: 2021 clause addressing compliance with US Coast Guard and TSA cyber requirements.
BMP West Africa: Guidance tailored to Gulf of Guinea threat profile.
BMP4: Best Management Practices Version 4, published August 2011, focused on Somalia based piracy.
BMP5: Best Management Practices Version 5, published June 2018, replacing BMP4 and covering the wider Indian Ocean.
Boarding Phase: Stage when pirates physically climb on board, typically via grappling hooks, ladders or knotted ropes.
Boarding Team: Naval personnel inserted to recover a vessel held by pirates.
Bridge Hardening: Reinforcement of bridge windows, doors and approaches with Kevlar, steel or polycarbonate.
Bunker Theft: Illicit siphoning of fuel oil from a vessel, common in West Africa and Southeast Asia anchorages.

C

CCRF: Code of Conduct concerning the Repression of Piracy and Armed Robbery against Ships in the Western Indian Ocean and Gulf of Aden, Djibouti Code of Conduct 2009.
Charter Party Cyber Clause: BIMCO standard clause covering cyber incident allocation between owner and charterer.
Citadel: Hardened on-board refuge for crew during piracy boarding.
CMF: Combined Maritime Forces, a 46 nation naval partnership headquartered in Bahrain.
CMF CTF-150: Maritime security and counter terrorism task force covering the Gulf of Oman and Indian Ocean.
CMF CTF-151: Counter piracy task force established January 2009, focused on the Gulf of Aden and Somali Basin.
CMF CTF-152: Persian Gulf maritime security task force.
CMF CTF-153: Red Sea maritime security task force, established April 2022.
CMF CTF-154: Maritime security training task force, established May 2023.
Co-Located Armoury: Onshore facility holding PCASP weapons between transits, distinct from a floating armoury.
Combined Maritime Forces: Multinational naval coalition operating in the Middle East, established 2002.
Company Security Officer: CSO, ashore appointed individual under ISPS Code Part A Section 11.
Compliance Audit: ISPS verification of a Ship Security Plan by the flag state or recognized security organization.
Concealment Drill: Crew exercise practicing rapid movement to the citadel and hiding from boarders.
Conduct of Operations: PCASP operational document defining team behavior, communications and engagement procedures.
Continuous synopsis record: CSR, SOLAS history-of-flag record.
Cosco Shipping Lines Cyber Attack: July 2018 ransomware incident affecting Cosco's American operations.
CSO: Company Security Officer under ISPS Code Part A/11.
CSR: Continuous Synopsis Record; sighted during ISM and ISPS audits.
Cyber Risk Management: Process required by IMO Resolution MSC.428(98) to be addressed in the Safety Management System.
Cyber Security Audit: Assessment of OT and IT systems for vulnerabilities, often referenced to IACS UR E26.

D

Dark Fleet: Ships obscuring identity or ownership to evade sanctions, also called shadow fleet.
Deck Floodlights: BMP recommended high intensity lighting illuminating the main deck and overside areas during darkness.
Declaration of Security: ISPS document recording security responsibilities between a ship and a port facility or another ship.
Deterrent Lighting: Use of searchlights and pyrotechnics to dissuade approaching skiffs.
Distress alert: GMDSS message indicating grave and imminent danger.
Djibouti Code of Conduct: 2009 IMO instrument on cooperation against piracy in the western Indian Ocean and Gulf of Aden.
Djibouti Floating Armoury: Anchorage based weapons storage vessel used for embarking and disembarking PCASP gear.
DoS: Declaration of Security under ISPS Code Part A Section 5.
Dual Watch: BMP recommended doubling of bridge watch during HRA transits.
Dummies: Mannequins placed on deck to give the impression of a larger crew, a BMP passive measure.

E

ECDIS Update USB Risk: Vector for malware introduction via removable media during chart updates.
Electric Fencing: Non lethal energized perimeter installed on rails to deter boarders, a BMP recommended hardening.
Embarkation point: Point from which a survey or pilot departs the vessel.
Emergency Communication Plan: Pre-arranged contact list for UKMTO, MSCHOA, CSO and flag state in event of attack.
Engagement Authority: Legal basis under which PCASP may use force, derived from flag state law and contract.
Escalation of Force: Graduated PCASP response from verbal warning to warning shot to aimed disabling fire.
EU NAVFOR: European Union Naval Force conducting Operation ATALANTA in the western Indian Ocean.
Evasive Maneuver: Rapid course and speed changes designed to prevent skiffs from closing on the quarter or beam.
Eyes On Bridge: BMP recommended dedicated lookout focused solely on detection of approaching craft.

F

First Hit Vessel: Term used by ReCAAP for the initial target in a series of related incidents.
Flag State Approval: Authorization required by IMO MSC.1/Circ.1406 before PCASP may embark.
Floating Armoury: Vessel anchored in international waters where PCASP weapons are stored between transits.
Foam Monitor: Fixed fire fighting equipment used in BMP to repel boarders with high pressure foam.
Force Continuum: Graduated response framework governing PCASP use of force.
Freeboard: Distance from waterline to freeboard deck, governed by the Load Lines Convention but referenced in SOLAS.
Fujairah Anchorage Armoury: UAE based floating armoury serving Gulf transit PCASP.

G

Galle Floating Armoury: Sri Lanka based weapons storage vessel widely used by Indian Ocean PCASP teams.
Global Counter Piracy Guidance: 2021 industry publication issued by ICS, BIMCO, INTERTANKO, INTERCARGO and OCIMF consolidating regional guidance.
GoG-MOU: Gulf of Guinea Maritime Collaboration Forum / Shared Awareness and De-confliction Memorandum.
GPS Jamming: Interference with GNSS signals, regularly reported in the eastern Mediterranean, Black Sea and Persian Gulf.
GPS Spoofing: Transmission of false GNSS signals causing receivers to compute incorrect positions.
Group Transit: Coordinated convoy of merchant ships through the Internationally Recognised Transit Corridor under naval escort.
GUARDCON: BIMCO 2012 standard contract for the employment of security guards on vessels.
Gulf of Aden: Embayment between Yemen and Somalia connecting the Red Sea and the Arabian Sea.
Gulf of Guinea: Atlantic waters off West Africa, current epicenter of kidnap for ransom piracy.
Gulf of Oman: Strategic approach to the Strait of Hormuz.

H

Hague Convention on Hostage-Taking: 1979 International Convention against the Taking of Hostages.
Hardening: Cumulative physical and procedural measures making a vessel a less attractive target.
High Risk Area: BMP designated maritime zone where piracy attacks have occurred and additional measures are recommended.
Hijack for Ransom: Pirate business model dominant off Somalia between 2008 and 2012 involving capture of vessel and crew.
HOA: Horn of Africa, region centered on Somalia.
Horn of Africa: Maritime region including the Gulf of Aden, Somali Basin and approaches to the Bab-el-Mandeb.
Hose Deployment: BMP measure rigging fire hoses overside to deluge boarders.
Hostage Negotiation: Specialist crisis response in piracy/K&R incidents.
Hostile Boarding Decoy: Dummy or false target placed to mislead pirates as to crew location.
HRA: High Risk Area, formally reduced and renamed Voluntary Reporting Area in the Indian Ocean from 1 January 2023.

I

IACS UR E26: Cyber resilience of ships (new builds 1 Jul 2024+).
IACS UR E27: Cyber resilience of on-board systems and equipment (new builds 1 Jul 2024+).
ICC Commercial Crime Services: Division of the International Chamber of Commerce hosting the IMB.
ICOC: International Code of Conduct for Private Security Service Providers, signed 2010 in Geneva.
IMB: International Maritime Bureau, ICC division reporting piracy incidents since 1992.
IMB Annual Piracy Report: Yearly compilation of piracy and armed robbery incidents published by the International Maritime Bureau.
IMB Live Piracy Map: Online real time display of reported incidents maintained by the IMB Piracy Reporting Centre Kuala Lumpur.
IMO MSC.1/Circ.1405: Revised interim guidance to shipowners on use of PCASP.
IMO MSC.1/Circ.1406: Revised interim recommendations to flag states on use of PCASP.
IMO MSC.1/Circ.1408: Interim recommendations for port and coastal states regarding PCASP.
IMO MSC.1/Circ.1443: Interim guidance to private maritime security companies providing PCASP on board ships.
IMO Resolution MSC.428(98): 2017 resolution requiring cyber risks to be addressed in the SMS from the first DOC annual verification after 1 January 2021.
Incident Report Form: Standard form used by UKMTO and IMB to capture attack details.
Indian Ocean HRA: Original BMP designated area extending from Suez to 78 degrees East and 10 degrees South.
Information Sharing Centre: Singapore based ReCAAP secretariat coordinating reporting in Asia.
Insurance Joint War Committee: Lloyd's body designating Listed Areas of perceived enhanced risk.
International Code of Conduct for Private Security Service Providers: Voluntary standard governing PMSC conduct, monitored by ICoCA.
International Maritime Bureau: Specialized division of the ICC Commercial Crime Services.
International Recommended Transit Corridor: Naval coordinated route through the Gulf of Aden, replaced by the Maritime Security Transit Corridor in 2015.
International Ship and Port Facility Security Code: ISPS Code.
Intruder Detection: BMP recommended sensors, alarms and CCTV covering deck approaches.
IRTC: Internationally Recommended Transit Corridor through the Gulf of Aden.
ISO 28000: Supply-chain security management standard.
ISO 28007: Specification for PMSCs providing privately contracted armed security personnel on board ships, first issued as ISO/PAS 28007 in 2012 and as ISO 28007-1 in 2015.
ISPS Code: International Ship and Port Facility Security Code, mandatory under SOLAS XI-2.
ISPS Part A: Mandatory section of the ISPS Code containing detailed requirements.
ISPS Part B: Recommendatory guidance for implementing Part A.

J

Joint War Committee: London insurance market body publishing Hull War, Piracy, Terrorism and Related Perils Listed Areas.
JWC Listed Areas: Geographic zones triggering hull war additional premium.

K

K and R Insurance: Kidnap and ransom cover for crew piracy events.
Kidnap for Ransom: Pirate model removing selected crew from a vessel for ransom ashore, predominant in the Gulf of Guinea.
Kuala Lumpur Piracy Reporting Centre: IMB facility receiving incident reports 24 hours a day.

L

Letter of Authorization: Flag state document permitting embarkation of specific PCASP weapons on a named vessel.
Listed Areas: JWC designated waters attracting additional war risk premium.
Live Piracy Map: IMB hosted geographic display of reported attacks.
Lookout Doubling: BMP recommended posting of additional lookouts during HRA transit.
Low and Slow: Vessel profile of low freeboard and speed below 18 knots historically associated with successful pirate attacks.
LRAD: Long Range Acoustic Device used to project warnings at high directional volume.

M

Maersk NotPetya: June 2017 ransomware incident causing reported losses of around USD 300 million to A.P. Moller Maersk.
Maritime Cyber Risk Management: IMO defined process to identify, analyze, assess and communicate cyber related risks.
Maritime Security Centre Horn of Africa: EU NAVFOR civil and military information exchange for shipping transiting the Gulf of Aden and western Indian Ocean.
Maritime Security Transit Corridor: Successor to the IRTC introduced in 2015 covering the Gulf of Aden, Bab-el-Mandeb and southern Red Sea.
MARSEC Level 1: Normal security level under ISPS/USCG.
MARSEC Level 2: Heightened security level.
MARSEC Level 3: Exceptional/incident-imminent level.
MDAT-GoG: Maritime Domain Awareness for Trade Gulf of Guinea, French and UK navy facility based in Brest.
Memorandum of Understanding: MOU, regional cooperative agreement among port states for harmonized PSC.
MMS: Maritime Mobile Service or various port MMS messaging systems.
Mothership: Larger vessel from which pirate skiffs are launched far from shore.
MSC 2020 Cyber Incident: April 2020 malware incident disabling MSC's Geneva headquarters network for several days.
MSC HOA: Maritime Security Centre Horn of Africa, operated by EU NAVFOR.
MSC-FAL.1/Circ.3/Rev.2: 2022 joint guidelines on maritime cyber risk management.
MSC.428(98): IMO resolution on Maritime Cyber Risk Management in Safety Management Systems.
MSCIO: Maritime Security Centre Indian Ocean, terminology used after the 2022 reorganization of the HRA framework.
MSP: Multinational Specialized Unit or, separately, the Malacca Strait Patrol coordinated by the four littoral states.

N

NATO Operation Ocean Shield: Alliance counter piracy operation in the Horn of Africa from 2009, terminated December 2016.
NAVAREA warning: Long-range navigational warning issued by an area coordinator.
Navigation Watch Augmentation: BMP measure adding lookouts and increasing radar plotting effort.
Negotiator: K&R response consultant managing communications with hostage takers.
NIST Cybersecurity Framework: US National Institute of Standards and Technology voluntary framework cited in BIMCO guidelines.
No-go area: Area on passage plan excluded from passage.
NotPetya: June 2017 wiper malware that propagated through MeDoc Ukrainian tax software, impacting Maersk and others.

O

OCIMF: Oil Companies International Marine Forum, owner of SIRE.
OFAC SDN List: US Treasury Specially Designated Nationals list naming sanctioned persons and vessels.
OFSI: UK Office of Financial Sanctions Implementation, part of HM Treasury.
Oil Bunker Theft: Siphoning of fuel from vessels, particularly in the Singapore Strait and West Africa.
On Board Armoury: Locked, restricted access compartment for PCASP weapons and ammunition during a transit.
Open Source Reporting: Use of public AIS, news and satellite imagery to monitor suspect vessels.
Operation Agenor: European Maritime Awareness in the Strait of Hormuz military arm, launched 2020.
Operation Atalanta: EUNAVFOR mission off Somalia (since 2008).
Operation Ocean Shield: NATO counter-piracy mission (2009 to 2016).
OT/IT Segregation: Network architecture separating operational technology from information technology systems.

P

Passive Measures: BMP defences not requiring crew action once installed, such as razor wire and grilles.
PCASP: Privately Contracted Armed Security Personnel as defined by IMO.
Petro-Piracy: Theft of refined products from tankers, observed in the Strait of Malacca in 2014 to 2015.
PFSO: Port Facility Security Officer under ISPS.
PFSP: Port Facility Security Plan.
Piracy Reporting Centre: IMB facility in Kuala Lumpur operating since October 1992.
Pirate Action Group: Term used by combined naval forces for an organized group of skiffs and mothership.
Pirate Skiff: Small fast craft used in approach phase.
PMSC: Private Maritime Security Company providing PCASP under ISO 28007.
Port Facility Security Assessment: ISPS required risk assessment underpinning the PFSP.
Port Facility Security Plan: ISPS document setting out security measures at a port facility.
Privately Contracted Armed Security Personnel: Commercial armed guards embarked with flag state approval to deter piracy.
Product Tanker Theft: Pirate model targeting refined cargo for transhipment, principally in Southeast Asia.

Q

Quarter Approach: Common skiff attack vector from a vessel's port or starboard quarter exploiting blind spots.
Quick Response Team: Naval boarding party held on standby for piracy intervention.

R

RAAF: Rapid Alert and Reporting Format used by UKMTO and MSCHOA for incident messages.
Ransom Drop: Physical delivery of ransom funds, historically by aerial drop to Somali held tankers.
Ransomware: Malware encrypting systems and demanding payment; major shipping cyber threat.
Razor Wire: Coiled barbed tape rigged on rails and overhangs to obstruct boarders, a BMP recommended measure.
ReCAAP: Regional Cooperation Agreement on Combating Piracy and Armed Robbery against Ships in Asia, entered into force September 2006.
ReCAAP ISC: Regional Cooperation Agreement on Combating Piracy and Armed Robbery, Singapore-based ISC.
Reporting Vessel: Ship transmitting position and itinerary to UKMTO or MSCHOA under voluntary schemes.
Risk assessment: Documented evaluation of hazards.
Routing Through HRA: Passage planning factoring naval escort timings, weather and recent incidents.
RUF: Rules for the Use of Force governing PCASP engagement, distinct from military Rules of Engagement.
Rules of Engagement: Military authority to use force, separate from civilian RUF.

S

Safety Management System: ISM Code required system now obliged to address cyber risks under MSC.428(98).
SafetyNET: Inmarsat-C broadcast service for MSI to selected sea or NAVAREAs.
Sand Bags: Improvised ballistic protection used to harden bridge wings and accommodation entrances.
Scammed Bunker Fraud: Theft via fraudulent ship-to-ship bunker delivery, often using false vessel identity.
Security Drill: ISPS-mandated quarterly exercise.
Security Exercise: Annual multi-party exercise involving ship/port/agency.
Security level: ISPS Code level 1, 2, or 3 affecting ship security plan implementation.
Selective Boarding: Pirate tactic of targeting specific crew members for kidnap rather than entire vessel seizure.
Ship Security Alert System: SOLAS XI-2/6 covert alarm transmitting a piracy or terrorism alert to the flag state.
Ship Security Assessment: ISPS required risk assessment forming the basis of the SSP.
Ship Security Officer: SSO, designated under the ISPS Code, evidence often checked in PSC.
Ship Security Plan: SSP, approved by the flag State or RSO under the ISPS Code.
Ship to Ship Transfer: Cargo transfer between two vessels, used legitimately and also for sanctions evasion in the dark fleet.
Skiff: small line-handling boat.
Slow Steaming: Operating below design speed to save fuel and reduce emissions.
SOLAS Chapter XI-2: Maritime security regulations including ISPS.
SOMS: Strait of Malacca and Singapore, principal Asian chokepoint covered by the Malacca Strait Patrol.
SSAS: Ship Security Alert System mandated by SOLAS XI-2/6.
SSO: Ship Security Officer.
SSP: Salvage Service Plan submitted by salvor to authorities under OPA 90 and similar regimes.
Strait of Hormuz: Strait connecting the Persian Gulf to the Gulf of Oman.
Strait of Malacca and Singapore: 805 km long passage between Sumatra and the Malay Peninsula.
SUA Convention 1988: Convention for the Suppression of Unlawful Acts against the Safety of Maritime Navigation, in force March 1992.
SUA Protocol 2005: Protocol expanding SUA to cover terrorism, WMD transport and ship boarding regimes, in force July 2010.
Suspect Approach Reporting: UKMTO category for vessels approached but not attacked.

T

Tactical Citadel: Citadel configured to allow continued navigation and communication while crew shelter inside.
Throw Bag: Floating line used during recovery of crew or boarding teams.
Time Charter Piracy Clause: BIMCO 2009 clause apportioning piracy related risk under time charters.
Toll Group Cyber Attack: January and May 2020 ransomware incidents against Australian logistics operator.
Transit Plan: Voyage specific document addressing HRA entry, hardening, watches and reporting.
Trapped Crew: Mariners unable to disembark from sanctioned or abandoned vessels, often subject to ITF intervention.

U

UKMTO: United Kingdom Maritime Trade Operations, Royal Navy facility in Dubai liaising with merchant shipping.
UN Security Council Resolution 1816: 2008 resolution authorizing states cooperating with the Somalia TFG to enter Somali territorial waters in pursuit of pirates.
UN Security Council Resolution 1838: 2008 call on states with naval forces to deploy against piracy off Somalia.
UN Security Council Resolution 1846: 2008 extension of authorities for counter piracy operations off Somalia.
UN Security Council Resolution 1851: 2008 authorization for land based operations against Somali pirates.
UN Security Council Resolution 1897: 2009 renewal of counter piracy authorizations off Somalia.
UN Security Council Resolution 2316: 2016 renewal of counter piracy authorizations.
UN Security Council Resolution 2634: 2022 condemnation of piracy in the Gulf of Guinea.
UNCLOS 1982: United Nations Convention on the Law of the Sea providing the piracy definition in Article 101.
Underway Replenishment: Naval activity supporting sustained counter piracy patrols.
Use of Force Continuum: Graduated steps from hail/warning to disabling fire.

V

Vessel Hardening: Combination of BMP physical and procedural measures making boarding more difficult.
VHF Channel 16: International distress, urgency and calling frequency monitored by ships and shore stations.
VHF Intercept: Monitoring of pirate communications on Channel 16 and working channels.
Voluntary Reporting Area Gulf of Guinea: Area established by MDAT-GoG covering West African waters.
Voluntary Reporting Area Indian Ocean: Area established 1 January 2023 replacing the Indian Ocean HRA.
VRA: Voluntary Reporting Area where shipping is encouraged to report to UKMTO or MDAT-GoG.

W

WAR Risk Insurance: Cover for war and strikes perils excluded from hull policy.
War Risk Listed Area: JWC designation triggering additional premium and notification requirements.
Watchkeeping Doubling: BMP measure adding personnel to navigational and security watches.
Water Cannon: BMP recommended fixed or portable jet repelling boarders.