Pirates have been found to be working in collaboration with hackers to target cargo onboard ships. A global shipping conglomerate targeted by pirates found that their attackers were boarding vessels equipped with weapons, as one would expect but also barcode readers. The pirates routinely searched specific crates, emptied the expensive cargo and promptly retreated with the goods, often in a matter of minutes.
The reputable (but unnamed) shipping company was understandably surprised at quickly the pirates were able to locate their intended cargo so quickly, in the past such operations were known to last several days. It was clear to the shipping crews that the pirates had specific knowledge of the vessels and their cargo.
It was established by analysts from Verizon Enterprise that the company was using an outdated, yet custom-built, content management system (CMS) to handle the bills of lading and shipping schedules. This system was found to have an insecure upload script, the vital folder had 'execute' permissions which allowed for remote commands to be sent and executed via URL parameters. The attackers were running a web shell, an executable code running on a server allows remote access to a variety of critical functions.
The hackers were easily uncovered courtesy of their failure to use a proxy or VPN in order to hide their real IP address, an elementary error in the cybersphere. The information allowed the shipping firm to block the hackers' IP address; remove the web shell; take down the server; then reset the requisite passwords and upgrade the CMS.
0 comments:
Post a Comment