Uncovering the Linkages in Maritime Piracy Networks: Developmental Dynamics and

Visualization of Network Data

by

Dinorah Frutos, Thanarerk Thanakijsombat, Philip V. Fellman, Pard Teekasap

(Southern New Hampshire University – International Business Modeling Laboratory)

Abstract

Maritime piracy has been on the rise for many years. Although public data on piracy attacks
and piracy networks is limited, we have attempted to apply some new methodological tools to
determine as far as possible, the properties of these complex systems. In particular, by employing
extremal statistics and following the work of Clauset and Gleditsch on land-based terrorist
organizations, we attempt to characterize the relationship between the severity and frequency of
maritime piracy attacks. In addition, utilizing social network analysis, we have aimed at
accurately visualizing and representing key characteristics of maritime piracy as well as
discerning non-obvious or emergent patterns of behavior and organizational structure specific to
piracy networks as defined by their geographic location (i.e., West Africa, East Africa and The
Straits of Malacca and Lombok).

Introduction

With the emergence of new markets and an increasing integration in the world economy,

maritime shipping has become an increasingly important method of commercial transport. At

present more than 80% of world trade is conducted by sea. The Pacific Ocean and the adjacent

seas are historically active maritime trading grounds. The Pacific Ocean links the American and

Asian continents, and much of the world’s shipping passes through the seas of Southeast Asia,

East Asia, and South Asia (Salinas, 2002; Sakhuja, 2005). Oil tankers from the Middle East

travel through the Indian Ocean and enter the Straits of Malacca from the Andaman Sea, and

once past Singapore have the option of turning northward into the South China Sea and onward

to South Chinese ports, or continuing into the Straits of Makassar for access to the open seas of

the Pacific and the East Asian coast (Salinas, 2002).

1  

 
 Currently, the most pressing and direct threats to maritime security for ship owners are piracy

and sea robbery. Other crimes such as maritime terrorism and the use of "phantom ships" are far

less common, although still a significant issue. Criminal activity against vessels is typically

treated under the general term "piracy." The International Maritime Bureau’s Piracy Reporting

Center (IMB-PRC), a private organization that monitors piracy incidents all over the world,

defines "piracy" as “an act of boarding or attempting to board any ship with the intent to commit

theft or any other crime and with the intent or capability to use force in the furtherance of that

act” (Abhyankar, 2001) . This definition is useful for operational purposes, particularly in terms

of monitoring the incidence of attacks. For the purposes of this paper, the IMB-PRC definition

of piracy is employed, although more sophisticated screenings of the IMB-PRC data are

possible. Unfortunately much of the data necessary to structure a more sophisticated definition

or to trace a greater degree of residual connections are either fragmented, missing or scattered

across separately compartmented databases, often not just in different organizations and

companies but in different and not necessarily cooperating countries.

While IMB’s relatively wide definition allows it to produce a palusibly comprehensive

picture of maritime crime, one major problem is that the IMB definition of piracy is not

recognized by international law. For prosecution purposes it is important to consider the location

of the incident in order that the appropriate legal response can be made. According to

international maritime law, any illegal acts of violence and detention which are committed within

State’s territorial waters are not defined as piracy. This is a general problem with transferring

local or national issues of admiralty law to the international consideraton of terrorism and

terrorist activities. According to the IMB, nearly all illegal acts occur within territorial waters

and thus would not fall under the definition of piracy. Technically, if an attack occurs within the

2  

 
territorial jurisdiction of a state, the event is only classified as piracy if that nation’s penal code

criminalizes it as such.

Piracy and sea robbery may be committed in port while the vessel is berthed, at anchor, or

while it is underway. In this paper, we consider only attacks committed to vessels underway.

While underway, the vessel may be subjected to a short-term seizure lasting a few hours while

the pirates take cargo or belongings; a long-term seizure lasting several days while the cargo is

unloaded at ports selected by the pirate or transferred to another vessel; or a permanent seizure

wherein the vessel could be turned into a "phantom ship". Unfortunately, in the latter two types

of seizures, crews are most likely to be killed, or if they are lucky, set adrift at sea. (Abhyankar,

2001).

Figure 1. shows how the incidence of violent attacks since 2000. A clear increase is observed

for the year 2003. However, the subsequent years show a decline in violence and a resurgence of

violence in the year 2008.

Piracy  A)acks  on  Vessels  Underway  

120  
100  
80  
60  
40  
20  
0  
2000   2001   2002   2003   2004   2005   2006   2007   2008  

Violent  A3acks   Total  Number  of  A3acks  

3  

 
 The degree to which a vessel may be threatened depends on several key factors. The first

problem occurs when there is a high degree of congestion in maritime traffic, which necessarily

limits a vessel’s ability to maneuver to avoid a threatening vessel, or which may provide cover

for the perpetrators’ assaults. The proximity of the vessel to coastal settlements may also be a

factor, as the perpetrators may use the settlements as their base of operations and then disappear

into the local population subsequent to the attack. The lack of visible maritime law enforcement

patrols has also played an important role in the growth of maritime attacks. (Salinas, 2002)

Pirates’ favorite targets are private vessels transporting valuable goods and there are

approximately 50,000 large ships on the seas at all times. Maritime vessels are ‘soft’ targets,

because they are huge, slow moving and difficult to protect. Under current IMO law it is

forbidden for merchantmen to carry firearms for self-protection. Only Russian and Israeli ships

carry guns. Furthermore, efficiency developments in shipping logistics have tended towards the

use of skeleton crews, which then makes ships even more vulnerable to attack. Finally, the newer

Vessel Tracking Information System (VTIS) makes it easier for anyone to discover the precise

locations of a ship at any particular point in time. (Galletti, 2005)

Maritime Terrorism

Historically, the world’s oceans have not been a major locus of terrorist activity. Indeed,

according to the RAND Terrorism Database, strikes on maritime targets and assets have

constituted only two percent of all international incidents over the past 30 years. Part of the

reason for this relative paucity of attacks has to do with the fact that many terrorist organizations

4  

 
have neither been located near coastal regions nor possessed of the means to extend their

physical reach beyond purely local theaters of operations. Most importantly, operating at sea

requires terrorists to acquire and develop marine skills, gain access to appropriate assault and

transport vehicles, and to develop the ability to mount and sustain operations from a non-land–

based environment. Limited resources have traditionally prevented most terrorist groups from

exercising these options.

Moreover, very few maritime choke points are truly non-substitutable for ocean-bound

freight. Bypassing the Malacca Straits in Southeast Asia, for instance, would require only an

extra three days of steaming, and other than oil and certain perishable goods, most commodities

would not be unduly affected by short delays in delivery. While long-term or widespread

disruption to the global economy is unlikely, it is certainly possible that temporary, localized

fiscal damage could result from an act of terrorism. Finally, the objectives of the two actors

remain entirely distinct. The business of piracy is directly dependent on a thriving and active

global shipping industry and is aimed at profit. In contrast, terrorists, at least in the context of

contemporary jihadist networks, are assumed to be seeking the destruction of the global maritime

trade network as part of their self-defined economic war against the West (Chalk, 2008). At

present, the IMB reports do not include sufficient information for us to plot a nexus between

piracy and terrorism, although it would be desirable to acquire sufficient data to verify suspected

linkages one way or another.

5  

 
IMB Study Data

The IMB-PRC provides a number of services to the maritime industry. They also disseminate

worldwide reports of piracy and sea robbery attacks. Statistics for maritime crime are published

in weekly, quarterly, and annual reports. The reports provide information about the vessels (size,

flagship, attack location), date and time of attack, and a brief description of the attack, which

includes the number of attackers, weapons used, status of the crew and whether the attackers

stole property and belongings. The reports do not provide information about the origin of the

pirates. Despite the lack of specific information regarding the attackers, the data from these

reports can enable the identification of important trends, once the data has been appropriately

sifted and minor, irrelevant or repetitive data has been eliminated from the raw data set.

According to the IMO, it is estimated that piracy incidents are likely under-reported by a

factor of two. Moreover, it is likely that the statistics are subject to distortion as many smaller

attacks go unreported mainly because the increase in insurance premiums often outweighs the

value of the claim for smaller attacks. Reporting a piracy attack is often time-consuming and can

lead to a delay of several days which could cost up to $25,000 per day. Thus, in many cases, it is

cheaper not to report the incident. (Chalk, 2008) (Sakhuja, 2005)

The ransacking and robbery of vessels on the high seas or in territorial waters has the

potential to seriously disrupt maritime navigation (especially in instances where vessels run

amok because the crew is kidnapped, detained, or thrown overboard). The IMB describes these

assaults as medium-level armed robbery: violent thefts involving serious injury or murder by

well-organized gangs.

6  

 
 The tools of piratical violence have also become more advanced. Pirates now have access to

automatic weapons and advanced communication devices. They monitor radar and radio

transmissions to select their targets and use motorized boats to track them. While the weaponry

has become much more sophisticated, the tactics often remain crude. The aims of piracy have

also changed to a certain extent, entailing a more violent approach. Some pirate operations target

not only the ship’s cash and valuables, but also derive income from kidnapping and from

ransoming the ship itself (Shutzer, 2003).

Pirates usually attempt to board a steaming ship from the stern via fast boat. Large tankers

are easiest to board from the side where the presence of a low freeboard assists intruders. Sea

attacks almost always involve violence or the threat of violence because pirates need to subdue

the ship’s crew to carry out their mission. For this purpose, attacks against large cargo ships are

often undertaken by ten or more pirates. Such attacks also require a high level of capital

investment in arms, training, intelligence and fast boats. Pirates typically select the easiest

available target. In some cases though, the target selection begins onshore, where pirates take

advantage of low dock security and the corruption of port officials. Port workers often act as

informants for ship movements and cargo contents. An inside tip can take a lot of guesswork out

of an inherently dangerous piracy action.

In the present study, we collected the data from the IMO reports from 1998 to 2008. The

reports provide minimal information about the pirates. The description of the attack includes the

number of pirates, the weapons used, i.e. knives, guns, RPG and whether the pirates were

captured or not. Not every attack provides this information. For the most part, the description

indicates that the pirates fled and stole crew’s cash and belongings and/or ship’s stores and

equipment.

7  

 
Methodology

In attempting to provide a more meaningful and nuanced study of maritime piracy than that

available merely from collecting the raw IMB data, we followed the approach to land-based

terrorist organizations, particularly with respect to learning curves, frequency and level of

damaged developed at the Santa Fe Institute by Aaron Clauset (Clauset and Gleditsch 2007;

Clauset and Weigel, 2010) and . By looking at the frequency and severity of the attacks in each

of three distinct regions, we attempt to gain insight into local pirate groups’ organizational

growth and the effects of their total experience on their capacity to inflict damage to their target

populations (Clauset & Gleditsch, 2009).

High-quality empirical data on maritime piracy groups, such as decision making and

organizational structure are practically non-existent. However, the IMO reports discussed above

provide data on the frequency and the severity of the piracy attacks. A more systematic analysis

can shed new light on which facets of maritime piracy group behavior are predictable and which

are inherently contingent. Each “attempted attack” record includes its calendar date, the severity

of the attacks is described and by refining this data, we have created a scale for measuring the

intensity of the attacks (Table 1).

Description Index
No goods stolen/no injuries to crew 1
Stolen goods(any)/Knives-Guns-RPG 2
Stolen goods (any)/injured crew 3
Stolen goods (any)/Crew killed or missing 4
Hijacked/crew recovered(or crew hostage for ransom) 5
Hijacked/crew killed/missing and ship missing 6
Ship rammed with explosives 7
Table 1. Description of attack and associated intensity of attack Index
8  

 
 Since we do not have any information about specific maritime piracy organizations, we

analyze the frequency and severity of the attacks by region or country. For each location, we

quantify the changes in the frequency and severity of the attacks over a 10 year period using a

development curve. The locations we have selected based on the number of attacks are:

Indonesia, Malacca Straits, Somalia and Nigeria. The developmental curve maps the “behavior”

of the attacks in those locations from which we can infer the behavior of the pirate groups in the

particular location. They also provide a common quantitative scale that facilitates the direct

comparison of different locations at similar points in their life histories.

To construct this curve, we plot the behavioral variable, such as the time (in days) between

consecutive attacks or ∆ or the severity of an attack , as a function of the experience of the

piracy group in the selected location , indexed by the cumulative number of attempted attacks

on ships underway. Combining the developmental curves of the selected locations produces an

aggregate picture of the behavioral dynamics of each location, and allows us to extract the

typical developmental trajectory of a pirate group.

Results of the Study

The dynamics revelaed by this study suggest several interesting features of maritime piracy

and parallel many of the results discovered by Clauset et al., for land-based terrorist

organizations. With respect to the frequency and severity of attacks over time, these results are

independent of many commonly studied social and political factors, and suggest that there may

be “new” fundamental scientific laws (other than the social and cultural trends tyically studied in

this field) underlying the dynamics of both terrorist and piracy attacks. As recent studies on

9  

 
combat force structure, resilience and breakthrough levels suggest (Moffat and Passman, 2004),

emergent processes and fractal structure may play important roles in processes previously

thought to be governed by simple power laws.

If one can replace the data smoothing typically implied by linear and multiple regression

analysis with a more complete explanation of dynamical processes, and can supplement cultural

and political analysis with a more complete picture of process dynamics (including invariants),

then one may achieve a better understanding of both land-based terrorism and maritime based

piracy (and terrorism) than is currently available through single-mode analysis. In particular, a

richer set of analytical tools may be helpful in predicting terrorist or piracy behavior when

dealing with unknown, unidentified, or unidentifiable groups and may help to develop a new

approach for dealing with particularly difficult to categorize or difficult to define terrorist and

piracy events.

Visualization of Data

In the present study, we began by applying Social Network Analysis (SNA) to our data in

order to elucidate patterns of behavior among different maritime priacy groups. Network data in

its purest from consists of a square array of measurements which focus on the actors and their

relational properties (particularly network “nodes” and “edges”). The rows of the array are the

cases, or subjects, or observations. The columns of the array are the same set of cases, subjects,

or observations. Each cell of the array describes a relationship between the actors. By comparing

the rows of an array, we can see which actors are similar to the other actors with whom they are

connected by the first actors’ choice (as in a directed graph). By looking at the columns, we can

10  

 
see the relationship between actors on the basis of who is chosen by other actors. These are

useful ways to look at the data because they help to show which actors have similar positions in

the network. A major emphasis of network analysis is seeing how the whole pattern of individual

choices gives rise to more holistic, or emergent patterns. (Hanneman & Riddle, 2005)

Figure 1, shows the network diagram of Locations and Intensity of Attacks (based on the

Index on Table 1.) for the year 2003. The network diagram includes all the attacks that occurred

in the year and all the locations in which attacks took place.

Figure 1. Network Diagram representing Location and Intensity of Attack.

11  

 
 Figure 2. Network Diagram representing Location and the type of weapon used in the attack.

Figure 3. Network Diagram representing location and the number of pirates involved in the attacks.

12  

 
 Figure 2 amd Figure 3 represent the location and type of weapon used in the attack and the

location and number of pirates involved in the attack, respectively. As compared to the raw data

from the IMB, these network diagrams provide an improved visualization of the 2003 piracy

attacks since the size of the nodes gives as an indication of the intensity of the attack, or the

number of pirates involved in each attack for each location. However, with the current data we

cannot extract more information about the behavior of the pirate organizations using this

methodology.

Conclusion

It appears that the center of gravity of international piracy is continually shifting, but specific

pirate-plagued areas have remained more or less continuously active. According to the IMB,

South East Asian waters are the most intense hot-spots of piracy. The region retains its position

as the most active with regard to attacks on vessels and accounts for more than half of all

reported attacks. The Malacca Straits and the Singapore Straits continue to be among the most

popular locations for piracy. This is largely due to both geographical and operational factors, in

particular, the fact that the area around the straits attracts the heaviest maritime traffic

concentration (Sakhuja, 2005).

21st century maritime piracy is a relatively new phenomenon and is not easy to understand or

model. Difficulties in data collection further complicate the task of determining the relationship

between pirate organizations (especially the better organized groups) and international organized

crime or international terrorist groups. Combating maritime piracy is not easy. The problems of

national and international differences in maritime competence, location of territorial waters,

differing resources (human, military, economic, etc.) and priorities create a complex arena in

13  

 
which it is difficult for law enforcement agencies to locate and follow pirates. Meanwhile pirates

exploit maritime limits and borders in order to escape and hide, often leaving behind local coast

guards and military ships. (Galletti, 2005)

14  

 
References

Abhyankar, J. (2001). Piracy and ship robbery: A growing menace. In H. Ahmad, & A. Ogawa,
Combating Piracy (p. 11). Tokyo, Japan: The Okazaki Institute.

Chalk, P. (1999, January-February). Low intensity conflict in South East Asia: Piracy, drug
trafficking and political terrorism. (No. 305/306) , 4.

Chalk, P. (2008). The maritime dimension of international security:terrorism, piracy, and

challenges for the United States. The RAND Corporation Monograph Series .
http://www.rand.org.

Clauset, A., & Gleditsch, K. S. (2009, June 17). The developmental dynamics of terrorist
organizations. Retrieved from arXiv:0906.3287v1 [physics.soc-ph]:
http://arxiv.org/abs/0906.3287

Clauset, A., & Wiegel, F.W., (2010) “A generalized aggregation-disintegration model for the
frequency of severe terrorist attacks”, Journal of Conflict Resolution, 54(1), 179-197

Fellman, P. V., Clemens, J. P., Wright, R., Post, J. V., & Dadmun, M. (2006). Disrupting
terrorist networks - a dynamic fitness landscape approach. Inter Journal Complex Systems , 2060
(12).

Galletti, S. C. (2005). Old and new threats: Piracy and maritime terrorism.
http://www.eurocrime.it/, EuroCrime, Florence, Italy.

Hanneman, R. A., & Riddle, M. (2005). Introduction to social network methods. University of
California Riverside.

Moffat, J. and Passman, M. (2004) “Metamodels and Emergent Behaviour in Models of

Conflict”, Simulation Modelling Practice and Theory, Volume 12, Issues 7-8, November 2004,
579-590

Newman, M. (2003). The structure and function of complex networks. SIAM Review , 45 , 165-
256.

Olaya, C., & Cruz, J. P. (2008). A system dynamics model for studying the structure of network
marketing organizations. The 2008 International Conference of the System Dynamics Society.
Athens, Greece:
http://www.systemdynamics.org/conferences/2008/proceed/papers/OLAYA411.pdf.

15  

 
Sakhuja, V. (2005). Maritime terrorism and piracy: security challenges in South East Asia.
Society for the Study of Peace and Conflict. www.sspconline.org.

Salinas, C. C. (2002). Improving maritime security in the APEC region: A perspective from the
Federation of ASEAN Shipowners’ Associations (FASA). 3rd APEC Transportation Ministerial
Meeting. Lima, Peru.

Shutzer, J. (2003). Piracy in Indonesia. School of Advanced International Studies.

Storey, I. (2008). Securing Southeast Asia’s Sea lanes: a work in progress. Asia Policy , Number
6, 95-127.

16