Twenty percent of the world’s seaborne oil normally transits the Strait of Hormuz every day. As of this morning, commercial traffic through the strait is at approximately five percent of normal volume and has been for weeks. The coverage has been excellent on the kinetic dimension: the missile strikes, the drone attacks, twenty-one confirmed attacks on merchant vessels, Iran’s declaration of closure, the US military campaign to force the strait open that began on March 19. What is receiving almost no serious treatment is the fourth layer of Iran’s closure strategy — the one that is arguably the hardest to reverse and the one that has direct enterprise security implications that your supply chain and logistics teams need to understand this week. Iran is not just closing Hormuz with mines and missiles. It is closing it with electronic warfare so comprehensive that GPS spoofing affected more than 1,650 vessels in a single day, with navigation systems showing supertankers sailing over dry land and cargo ships appearing to transit airports. One retired US Army colonel who served as a NATO Defence Investment Division official told RFE/RL what nobody in the mainstream coverage wants to say plainly: “I can think of no way to reopen and keep open Hormuz militarily and easily.” The electronic warfare layer is specifically why.

What’s Actually Happening

On February 28, Operation Epic Fury struck Iran’s military command and nuclear infrastructure. Within hours, Iran declared the Strait of Hormuz closed to vessels from the US, Israel, and their Western allies. Within forty-eight hours, the IRGC had attacked four commercial tankers in a targeting pattern that Windward Maritime AI’s analysis describes as “consistent with area denial effects, not precision affiliation targeting” — meaning they hit everything, regardless of flag, to maximise commercial withdrawal.

The four-layer closure architecture that RFE/RL’s analysis describes is the important context. The first layer is kinetic: over twenty-one confirmed strikes on commercial vessels since February 28, including the oil tanker Sonangol Namibe 800 kilometres from the strait itself, demonstrating Iran can reach vessels well beyond the chokepoint. The second layer is mines: US intelligence reports Iran has begun laying mines, with an estimated arsenal of approximately 6,000 ranging from contact mines to sophisticated acoustic and magnetic-triggered seabed devices. Clearing them is not a fast operation — it took 51 days to sweep 907 mines from Kuwait after the Gulf War with the advantage of Iraqi minefield maps. The third layer is financial: war-risk insurers withdrew coverage across much of the commercial market following the escalation. Without war-risk insurance, ships legally cannot operate in designated war zones. That withdrawal produced a structural market closure independent of any kinetic deterrent. Fewer than 100 commercial ships have crossed the Strait since March 1, per Bloomberg’s AIS analysis.

The fourth layer — the one with the direct enterprise security implications — is electronic warfare and GPS/AIS manipulation at industrial scale. Per Windward’s analysis published on March 2, GPS spoofing and AIS jamming affected more than 1,100 vessels in the region in a single 24-hour period on March 2, with spoofed positions clustering near Fujairah and the Gulf of Oman showing vessels’ navigation systems placing them at airports, a nuclear power plant, and on Iranian land. By March 7, GPS and AIS interference had affected more than 1,650 vessels in a single day. Bloomberg’s investigation documented seafarers navigating by radar because GPS was unreliable, and vessels going dark — switching off AIS transponders — during the transit, producing what Windward describes as “denial zones” where SAR imagery detects vessels that transmit no signal at all. The ships are physically present but invisible to anyone relying on AIS alone.

OCCRP’s analysis of the Windward data confirms that the GPS jamming is not targeted interference against individual vessels but broad-area jamming using ground-based transmitters that overpower legitimate GPS signals across entire maritime zones. Windward identified at least 21 new AIS jamming clusters across UAE, Qatari, Omani, and Iranian waters. In a 33-kilometre-wide waterway with two unidirectional sea lanes, navigation system reliability that puts your supertanker on dry land is not an inconvenience. It is a collision risk with no missile required.

The independent defence expert Michael Horowitz describes the structural asymmetry to Lloyd’s List: even an optimistic naval escort scenario would reduce traffic to ten percent of normal volume, with a backlog of over 600 stranded vessels taking months to clear. 40,000 seafarers are currently trapped on vessels on either side of the strait, per the International Maritime Employers’ Council. As of March 19, the US began a military campaign to force the strait open. As of March 23, Trump extended his deadline and commercial traffic remains at a standstill.

The GPS spoofing dimension intersects directly with my research on protecting submarine cable and satellite infrastructure through AI surveillance — GPS timing signals are not just for navigation. They are used in power grid synchronisation, financial transaction timestamping, telecommunications network coordination, and precision manufacturing. The electronic warfare environment now active across the Persian Gulf and extending through Oman, Qatar, and UAE waters is creating GPS signal degradation across geographic zones that extend well beyond the conflict zone itself.

The Cyber Layer Nobody Is Writing About

The mainstream coverage of Hormuz’s closure treats GPS spoofing as a tactical naval problem — something affecting ships’ navigation instruments. It is significantly more than that, and the enterprise security implications are specific.

GPS spoofing at the scale Windward documents — ground-based transmitters overpowering legitimate satellite signals across thousands of square kilometres — is fundamentally the same class of attack as the GPS spoofing campaigns that have been documented in the Baltic Sea, the Black Sea, and the eastern Mediterranean since 2018. Russia pioneered the operational use of broad-area GPS spoofing as a military tool with exactly the architecture now operating in the Gulf. Windward explicitly notes that “similar patterns have appeared in the Baltic, Black Sea, and Red Sea.” What Iran has deployed in the Strait of Hormuz is the same technique, at a larger scale, in a more consequential geography.

The AIS manipulation dimension — vessels going dark, vessels broadcasting false positions, vessels broadcasting national affiliations to gain selective transit permission — is a documented supply chain security problem that predates the current conflict but has now reached an operational scale that will affect global commodity flows for months. Bloomberg’s AIS analysis found approximately one in five vessels that did transit switched off transponders during transit. The vessels that broadcast Chinese-ownership or Muslim-nation-operated status to gain transit permission — the bulk carrier Iron Maiden, the LPG tanker Bogazici — represent an AIS identity manipulation that has direct parallels to the supply chain spoofing and identity manipulation that cybersecurity researchers have been documenting in digital supply chains for years. The Strait of Hormuz has become a live demonstration that physical supply chain actors are running identity deception operations indistinguishable in structure from supply chain attacks in software ecosystems.

The insurance market shock — the structural withdrawal of war-risk reinsurance capacity from London markets — is the under-discussed mechanism that makes reopening the strait so much more complicated than simply winning the military campaign. Per Windward’s March 8 analysis, the collapse in commercial traffic is driven not only by direct kinetic risk “but by a structural insurance shock.” When reinsurance capacity is withdrawn, P&I clubs cannot extend coverage. When P&I clubs cannot extend coverage, ships cannot legally operate in those waters regardless of military conditions. This mechanism is largely irreversible by military action — insurance markets reopen when underwriters assess the risk has structurally changed, which requires not just a military campaign but a sustained demonstrated absence of threat. Clearing mines that may or may not exist and whose maps are held by a party that may not cooperate takes months. The electronic warfare environment can be re-enabled from ground-based transmitters within hours of being suppressed.

The supply chain consequence for European and Asian enterprises is already measurable. Qatar’s Ras Laffan LNG terminal, per Al Jazeera’s reporting, sustained severe damage in Iranian strikes, with QatarEnergy’s CEO assessing repairs at three to five years and describing the destruction as setting the region back “10 to 20 years.” Ras Laffan provides roughly 17 percent of global LNG supply. European markets that depend on Qatari LNG for twelve to fourteen percent of their supply are experiencing the cascade of that disruption right now.

As I wrote in my analysis of how the world’s first full-scale cyber-kinetic war rewrote the rules after Operation Epic Fury, the integration of cyber, electronic warfare, kinetic, and information operations into a single campaign architecture means that responding to any one layer in isolation is insufficient. The Hormuz closure is not a naval problem with a GPS nuisance on the side. It is a multi-domain denial operation where each layer reinforces the others.

Why It Matters Beyond the Conflict Zone

The direct enterprise translation operates at three levels that most supply chain and risk teams have not fully priced in.

First, energy price exposure. Brent crude and LNG spot prices have risen sharply since February 28 and continue to reflect the structural supply constraint from the Hormuz closure. For any organisation with significant energy costs — manufacturing, data centres, logistics, chemicals — the current price environment is not a temporary spike. The mine clearance timeline alone, per the Gulf War precedent, is measured in months. Ras Laffan’s repair timeline is measured in years. The energy price component of your cost structure needs to be modelled against a scenario where Hormuz remains functionally closed through Q4 2026. That is not an extreme scenario. It is what the military and insurance experts are describing as a realistic base case.

Second, global shipping disruption. The Cape of Good Hope diversion — the route around Africa that shipping companies are now using instead of Suez and Hormuz — adds approximately two weeks to Asia-Europe transit times and twenty to thirty percent to shipping costs per voyage. For any organisation whose supply chain depends on just-in-time inventory of components manufactured in Asia, the current maritime disruption is already creating lead time extensions that will appear in Q2 financials. The organisations that are managing this best are the ones that modelled supply chain disruption scenarios before February 28 and pre-positioned inventory.

Third, and specific to security teams: the GPS spoofing environment in the Gulf represents a live proof of concept for broad-area GPS denial that extends into commercial territory well beyond the maritime domain. If your organisation operates any GPS-dependent timing, positioning, or navigation infrastructure — energy grid synchronisation, financial transaction timestamping, aviation ground operations, precision logistics — and your GPS receivers are in or near the affected geographic zone, you are operating in a degraded signal environment. That is not a hypothetical. It is what the Windward data and Bloomberg’s seafarer interviews document happening right now to over 1,650 vessels per day.

What Went Wrong

This one is straightforward and the RFE/RL analysis states it plainly: the Strait of Hormuz’s closure is hard to reverse not because Iran has deployed an overwhelming military capability but because it has deployed an asymmetric one. Mines are cheap. GPS jammers are cheap. Insurance market shock is costless to induce and expensive to reverse. The asymmetry is structural, and it was predictable — the 2023 Houthi Red Sea disruption demonstrated the same template at a smaller scale. Every maritime insurance market, every global shipping operator, and every government that decided not to invest in electronic warfare countermeasures, mine clearance capacity, or alternative routing before February 28 is now paying for that decision.

The Fix — Fixer’s Advice

For enterprise security, supply chain, and risk teams, the operational response has three components.

Supply chain exposure audit:

Map your tier-one and tier-two suppliers against the maritime disruption geography. Which of your components transit through Hormuz? Which of your suppliers source materials from Gulf producers? Which of your energy contracts are on Qatari LNG? For each identified dependency, assess the current lead time extension from Cape of Good Hope routing and the inventory buffer you hold. If your buffer is less than the current disruption-driven lead time extension, identify alternative sources, alternative routing, and inventory pre-positioning options now. The mine clearance timeline means this disruption is not a three-week event. Plan for a six-to-twelve month scenario.

GPS dependency assessment:

Review what operational functions in your organisation depend on GPS timing or positioning signals. Financial institutions: review your transaction timestamping infrastructure for GPS timing dependency and ensure fallback to local atomic clock or network time protocol sources if GPS signals are degraded. Energy operators: review your synchronisation architecture for GPS dependency and the resilience of fallback timing sources. Aviation ground operations in the Gulf: you are already operating with this problem. Ensure your instrument landing and ground navigation procedures have GPS-independent fallback protocols verified and current.

Energy cost hedging and BCP:

Integrate the Hormuz closure scenario into your business continuity planning explicitly. For energy-intensive operations, model a sustained high-energy-cost environment through end of 2026 at minimum. The LNG supply constraint from Ras Laffan damage is a multi-year issue that QatarEnergy’s own CEO has quantified. Your energy procurement contracts, hedging positions, and capital expenditure planning for energy efficiency should reflect the scenario that the military experts are actually describing, not the scenario that assumes the problem resolves in weeks.

Maritime visibility for logistics operators:

If you operate logistics, freight, or shipping functions in or through the Gulf region, integrate AIS dark zone and spoofing-affected area mapping into your vessel tracking. Windward’s analysis demonstrates that standard AIS tracking is unreliable in the current electronic warfare environment across the Gulf, Oman, and surrounding waters. SAR imagery corroborated tracking, RF detection, and Windward-class maritime AI platforms provide the ground truth that AIS alone cannot in jamming-affected environments. Logistics operators routing around the Cape need updated transit time models that reflect the current satellite imagery and RF detection data, not historical AIS-based averages.

Vendor and supplier communications:

Proactively contact tier-one suppliers who have inventory or production dependencies on Gulf-region inputs. Understand their current inventory levels, alternative sourcing options, and production constraint timelines. The organisations that are managing Q2 and Q3 supply constraints most effectively are the ones who mapped this in week one rather than week four. If you haven’t had those conversations yet, this week is the time.

Final Call-Out

Iran has not closed the Strait of Hormuz with a chain across the water. It has made it ungovernable through four interlocking layers of denial, and the electronic warfare layer — GPS spoofing at 1,650 vessels a day, AIS manipulation creating ghost fleets and dark vessels, the destruction of positioning reliability in a 33-kilometre chokepoint — is the layer that makes military force insufficient on its own to reopen it. The enterprise supply chain consequences are not coming. They are here, priced in oil markets and shipping rates and Q2 inventory shortfalls and LNG contracts that nobody hedged against Qatar’s Ras Laffan being offline for five years. Update your models. The strait that carries twenty percent of the world’s seaborne oil is not a temporary news story. It is a multi-year supply chain reality.