News

Pirates Identify Booty by Hacking Shipping Company

When people talk about “pirates” and “hacking” together, it usually refers to those who release versions of software with the digital rights management systems removed or disabled. In this case, it was different. Revealed as part of Verizon’s 2015 Data Breach Investigation Report, Verizon’s RISK security response team were called in to assist a global shipping company who had fallen victim to network intrusions that were in turn used to assist in high-seas piracy.

The incident first came to light when the shipping company noticed an odd pattern in the attacks of pirates on their vessels. Instead of the typical approach of ransoming the crew and cargo of a target ship, the pirates instead operated hit-and-run attacks, seizing specific high-value shipping containers and making off with it alone.

The response team discovered that the shipping company had used a “homegrown” Web-based content management system to manage the content of their cargo ships. Upon analysis, it turned out that a malicious shell script had been uploaded to the server via a vulnerability in the software. The script gave the pirates backdoor access to the server, allowing them to upload and download files, including the bills of lading for the ships, as well as compromising a number of user passwords.

Mistakes made by the hackers allowed the hack to be uncovered easy by the response team, the primary one the script’s use of plain HTTP instead of making use of the server’s support for SSL encryption. This exposed every transmission of data to and from the server by the pirates when using the script. When put together, the team were able to see every command issued by the hackers, including a large number of spelling mistakes made in their commands. So while these cyber-attacks were certainly effective while paired with the physical attacks on the ships, those perpetrating the attacks were seemingly amateur. The biggest flaw in their hacks, however, was a complete disregard for operational security, using no proxies or other intermediaries, instead connecting directly from their home network. As a result, all it took to end the attack was the banning of the pirate hacker’s IP address.

Cyber-crime may be a serious threat in the world today, however, events like this have proven that attacks that combine both cyber and physical elements can be the most effective. Thankfully in this incident, the hackers proved themselves to have a level of incompetence that allowed them to be thwarted, but companies should be sure, more than ever, to defend themselves, not just in the physical world, but the online too.

Alexander Neil

Disqus Comments Loading...

Recent Posts

Twitch Now Banning All Content Focusing On Intimate Body Parts

As by now, I'm sure you are aware Twitch has decided to go ahead and…

3 hours ago

Seconds Patch of “Operation Medic Bag” For Payday 3 Released

I doubt many of you have been keeping up with Payday 3 which is understandable…

4 hours ago

MSI Announces SPATIUM M580 FROZR With A Huge Cooler

Today MSI has announced a new Gen 5 SSD, the SPATIUM M580 FROZR which comes…

4 hours ago

LENRUE PC Speakers, USB/USB-C Powered Computer Speakers with Loud Stereo Sound

Stereo and Noiseless - Without any noise! After multiple debugging, suppress static. Become clearer and…

5 hours ago

HP M27f Ultraslim Monitor 27 Inch

PICTURE-PERFECT IMMERSION – Work or play on a monitor that redefines high definition with its…

5 hours ago

Govee LED Light Bars, Smart WiFi RGBIC TV Backlight

Syncs With Your Music: With an internal high-sensitivity mic, Govee Flow Plus LED light bars…

5 hours ago