Pirates hack into shipping company’s servers to identify booty | Ars Technica

http://arstechnica.com/security/2016/03/pirates-hack-into-shipping-companys-servers-to-identify-booty/

Posted from WordPress for Android

2 Comments

  1. Tomi Engdahl says:

    The latest group using hacking for nefarious gains: pirates. Synopsys’ Robert Vamosi checks out how a shipping company’s insecure cargo software led to targeted attacks on the open sea.

    Pirates Breach Shipping Company’s Database
    https://blogs.synopsys.com/software-integrity/2016/03/10/pirates-breach-shipping-companys-database/

    At this year RSA Conference, the data breach investigators at Verizon released a Data Breach Digest identifying 18 representative cases from the more than 500 cybersecurity incidents the team has investigated in more than 40 countries. These cases will be used in the Verizon Data Breach Investigation Report 2016 yet to come. For the moment, they provide an in-depth look at specific data breach examples over the years.

    One example included sea-faring pirates who used a data breach to target their victims.

    “Rather than spending days holding boats and their crew hostage while they rummaged through the cargo, these pirates began to attack shipping vessels in an extremely targeted and timely fashion,” the RISK team wrote in the report. “Specifically, they would board a shipping vessel, force the crew into one area and within a short amount of time they would depart. When crews eventually left their safe rooms hours later, it was to find that the pirates had headed straight for certain cargo containers.”

    “It became apparent to the shipping company that the pirates had specific knowledge of the contents of each of the shipping crates being moved. They’d board a vessel, locate by bar code specific sought-after crates containing valuables, steal the contents of that crate—and that crate only—and then depart the vessel without further incident.”

    In this case the shipping company used a home-grown cargo management system (CMS) to track its inventories.

    The pirates, however, were not very skilled. The shell script they ran used straight HTTP rather than the encrypted HTTPS allowing the investigators to see what they were doing. “We were ultimately able to capture every command the threat actors issued, which painted a very clear picture,” the RISK team wrote. “These threat actors, while given points for creativity, were clearly not highly skilled. For instance, we found numerous mistyped commands and observed that (they) constantly struggled to interact with the compromised servers.”

    “The threat actors also showed a lack of concern for their own operational security by failing to use a proxy and connecting directly from their home system,” the RISK team noted.

    Reply
  2. Tomi Engdahl says:

    Researcher: Not Hard for a Hacker to Capsize a Ship at Sea
    https://threatpost.com/hacker-capsize-ship-sea/142077/

    Capsizing a ship with a cyberattack is a relatively low-skill enterprise, according to an analysis from Pen Test Partners.

    With so many previously outlined ways to infiltrate networks on-board shipping vessels (think satcom hacking, phishing, USB attacks, insecure crew Wi-Fi, etc.), the question becomes, what could an adversary do with that access?

    “If one was suitably motivated, perhaps by a nation-state or a crime syndicate, one could bring about the sinking of a ship,” said Pen Test Partners researcher Ken Munro, in a stark assessment of maritime cyber-danger this week.

    Reply

Leave a Reply to Tomi Engdahl Cancel reply

Your email address will not be published. Required fields are marked *

*

*