Containerized cargo ships set sail from the Long Beach/Los Angeles port complex in Long Beach, CA, on Wednesday, October 6, 2021.
Jeff Gritchen | MediaNews Group | beautiful pictures
Armed with less than a computer, hackers increasingly set their sights on about some of the greatest things man can build.
Huge cargo ships and massive cargo planes – so essential in today’s global economy – can now be stopped by a new generation of crypto warriors.
David Emm, principal security researcher at cyber firm Kaspersky, told CNBC: “The reality is that aircraft or ships, like any digital system, are vulnerable to attack.
Often, however, it is easier to hack companies operating at ports and airports than it is to gain access to an actual plane or ship.
In December, German company Hellmann Worldwide Logistics said its operations had been affected by a phishing attack. Phishing attacks involve sending fake messages designed to trick people into transferring sensitive information or downloading malicious software.
The company, which provides contract air, sea, road, rail and logistics services, was forced to stop accepting new orders for several days. It’s unclear exactly how much revenue it lost.
Hellmann’s chief information officer, Sami Awad-Hartmann, told CNBC that the company immediately tried to “stop the spread” when it realized it had fallen victim to a cyberattack.
“You need to stop it to make sure it doesn’t go deeper [computing] infrastructure,” he said.
Hellmann, a global company, has disconnected its data centers around the world and shut down some of its systems to limit the spread.
“One of the drastic decisions we made then when we saw that we had some systems infected was that we disconnected from the Internet,” Awad-Hartmann said. “As soon as you take this step, you stop. You don’t work anymore.”
Awad-Hartmann says everything has to be done manually and business continuity plans are kicked in, adding that some parts of the business can handle this better than others. other department.
Awad-Hartmann said the hacker group had two main goals. The first one for Hellmann encryption and the second one for data filtering.
“Then they blackmail you,” he said. “Then the ransom begins.”
Hellmann is not encrypted because it moves quickly and is closed off the internet, Awad-Hartmann said.
“As soon as you’re encrypted, of course your reboot will take longer because you might need to decrypt,” he explains. “You might need to pay a ransom to get the master key and stuff like this.”
Hellmann is working with law enforcement to try to determine who is behind the cyberattack. There is some speculation but no definite answer, Awad-Hartmann said.
First Maersk announced that it was hit by NotPetya – a ransomware attack that prevents people from accessing their data unless they pay $300 in bitcoins – in late June of that year.
“In the last week of [second] we have been affected by a cyber attack that mainly affects Maersk Line, APM Terminals and Damco,” Maersk CEO Soren Skou said in a statement. statement in August 2020.
“Business volume was negatively impacted for a few weeks in July and as a result, our Q3 results will be affected,” he added. “We predict that the cyberattack will negatively impact the outcome between $200 million and $300 million.”
The ransomware attack took advantage of certain security holes in the Windows software platform that Microsoft updated after they were leaked.
“This cyber attack is a never-before-seen type of malware, and updates and patches that apply to both Windows systems and anti-virus software are not effective defenses in this regard.” this is the case,” Maersk said.
“In response to this new type of malware, AP Moller Maersk has introduced various and deeper protections and is continuing to review its systems for protection against attacks.”
In a follow-up article, Gavin Ashton, an IT security specialist at Maersk at the time, wrote that it was “inevitable” for you to be hacked.
“It’s inevitable that one day one will make it through,” Ashton continued. “And obviously, you should have a solid backup plan in the worst-case scenario. But that doesn’t mean you shouldn’t be trying to wage a dangerous war to prevent these attacks in the event of an attack. first. Just because you know the bad guys are coming, doesn’t mean you leave the front door open and make them a cup of tea when they come in. You just need to lock the door.”
Meanwhile, in February 2020, the Japan Post-owned freight forwarder Toll Group has forced to shut down certain IT systems after being hacked. Toll Group did not immediately respond to CNBC’s request for comment.
Sometimes hackers don’t necessarily seek ransom.
In 2013, crime System hacked at port of Antwerp to manipulate the movement of boxes so that they can hide and move their drug shipments.
Once the hackers got into the right system, they changed the locations and delivery times of the containers containing the drugs.
Smugglers then sent their own chauffeurs to pick up the shipping crates filled with drugs before the legal transporters could collect them.
The hackers used phishing and malware attacks – targeting port government employees and shipping companies – to gain access to the system.
The whole plan was uncovered by the police after the shipping lines discovered something was wrong.
Awad-Hartmann said hackers have realized how important global supply chains are and now they know what to expect when they are disrupted.
“It affects the entire world economy,” he said. “You see goods not flowing. You have gaps in supermarkets. Of course, I think hackers see this dependence on this supply chain. And of course a logistics company is their target.”
He added that logistics are being focused at the moment because Global supply chains are in the news.
“But I think it’s a common threat,” he said.
“And this isn’t going away. It’s going to add up. You’re constantly having to check. Are you still preparing? This is what keeps us pretty busy and costs us a lot of money.”