Research

Pirates & Hackers

Written by Reflare Research Team | Apr 13, 2016 12:44:00 PM

Shipping companies now claim that hackers are able to monitor the stock control, ship schedules, and routes of ships, allowing the pirates to track their targets, identify specific cargo, and execute physical attacks with new levels of speed and efficiency.

First Published 13th April 2016

Pirates as hackers.

4 min read  |  Reflare Research Team

Hackers and pirates remind us that all businesses must consider security as a major factor in infrastructure design.

Some of the most unlikely targets are the most financially beneficial for cyber attacks. A shipping company would not seem like a priority target for hackers, but it would be for pirates. Just like pirates in kid's stories, real pirates follow the trading routes of local shippers.

Normally, these pirates attack a ship and must spend time finding crates that contain the best cargo. All shipping companies deal with piracy, but one recently noticed some strange behaviour, the pirates no longer needed time to sift through different crates. Instead, they knew exactly what crate had the best cargo. They spent limited time on the ship, took the cargo and ran. They would only take content from a few target crates and leave the others alone.

This abnormal behaviour led to the shipping company's suspicion and subsequent investigation into the attacks. It was later found that the pirates had paid hackers to gain access to one of the company's web servers. The company did not use an industry-standard CMS system, but it had a custom system that tracked inventory and ship location via GPS. The hackers were able to upload a shell script and take over the server hosting the CMS.

However, the hackers made several mistakes. They used plain HTTP instead of encrypting traffic. They also connected directly from their home machines, so the company was able to block their IPs and hand the information over to investigators.

The attack brings to light the importance that all businesses, not just ones at high risk, should make security a priority when building infrastructure, especially infrastructure that has public-facing components. Pirates paid hackers likely less than $10,000 to gain access to critical components of their business, and the pirates were able to make millions off of the small investment.

This attack should remind businesses that any type of organization can be targeted by hackers. Every business has assets and value. This value can be financially rewarding for competitors and other third parties, which in turn makes it an asset for hackers.