Real pirates have hacked into a shipping company to locate valuable cargo before hijacking vessels in targeted attacks.

Technology is dramatically enlarging our attack surface; every company in every industry is potentially a target. Today let's discuss a singular case that demonstrates it: pirates hacked into a shipping company to locate valuable cargo before hijacking vessels in targeted attacks.

The criminal organisation breached the content management system (CMS) of the unnamed shipping company to determine the exact position of the containers holding the most valuable cargo. This is a considerable advantage over traditional piracy; in the past, criminals had patrol boats using scanners to locate the precious commodities. Knowing the location of the valuable cargo makes hijacking the vessels easier and faster.

The case was also reported in Verizon's Data Breach Digest addendum report.

“However, in recent months, the pirates had changed their tactics somewhat, and in a manner that the victim found extremely disconcerting. Rather than spending days holding boats and their crew hostage while they rummaged through the cargo, these pirates began to attack shipping vessels in an extremely targeted and timely fashion. Specifically, they would board a shipping vessel, force the crew into one area and within a short amount of time they would depart. When crews eventually left their safe rooms hours later, it was to find that the pirates had headed straight for certain cargo containers. It became apparent to the shipping company that the pirates had specific knowledge of the contents of each of the shipping crates being moved. They’d board a vessel, locate by bar code specific sought-after crates containing valuables, steal the contents of that crate - and that crate only - and then depart the vessel without further incident. Fast, clean and easy,” states the report.

In this specific case, the hackers made a number of OPSEC mistakes that exposed their identity to the investigators; for example, they failed to protect the traffic to the compromised server.

“One of the first mistakes made by the threat actors was failing to enable SSL on the web shell. As such, all the commands were sent over the internet in plain text. This allowed us to write code to extract these commands from the full packet capture (FPC) data. We were ultimately able to recover every command the threat actors issued, which painted a very clear picture. These threat actors, while given points for creativity, were clearly not highly skilled. For instance, we found numerous mistyped commands and observed that the threat actors constantly struggled to interact with the compromised servers,” continues the report.

Once it discovered the cyber attacks, the shipping company secured its servers and improved the operational security of its systems.

Piracy is a very widespread phenomenon in some areas of the world, and the use of technology can definitely make prevention and countering activities more complex.

There are numerous cases of collaboration between ordinary crime and hacking crews. I remember an episode that occurred in 2013, when an investigation of a cyber-attack on the Belgian port of Antwerp allowed law enforcement to discover that drug traffickers had recruited hackers to hack the IT systems that controlled the movement and location of containers.

“Police carried out a series of raids in Belgium and Holland earlier this year, seizing computer-hacking equipment as well as large quantities of cocaine and heroin, guns and a suitcase full of cash. Fifteen people are currently awaiting trial in the two countries. Mr Wainwright says the alleged plot demonstrates how the internet is being used as a “freelance marketplace” in which drug trafficking groups recruit hackers to help them carry out cyber-attacks “to order”.

“ is an example of how organized crime is becoming more enterprising, especially online,” he says.