Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Pirates Hack Shipping Company: From High Seas to High Tech


VerizonRISK (Research, Investigations, Solutions and Knowledge) Team released a report revealing the victimization of "a global shipping conglomerate" by the pirates who are high-tech. The unspecified company contacted cyber specialists of Verizon, after the adoption of a new strategy by the pirates.

As per a report of Verizon cybersecurity, the swashbuckling criminal's gang hacked computers of an unspecified shipping company, in trying to find the locations of ships and cargo, so that they could attack more efficiently.

Verizon was told by the unnamed shipping company that the pirates used to board their vessels regularly, having a barcode reader (as well as weapons), searching for particular crates, emptying each and every high value cargo, and disappeared with the booty within minutes after their attacks were launched.

Finally, this has made the shipping company to believe that pirates had some knowledge in advance about the actual locations of certain valuables along with the goods existing in the ship, which also made them sure about the hacking. Ubergizmo.com posted on March 2nd, 2016, stating that a malicious web shell might have been uploaded on the shipping company servers that allow the pirates to download company's data, such as shipping manifests.

The hackers uploaded a malicious web shell on server, which has been discovered by the investigators later on. The web shell was uploaded by the hackers using an upload script that was insecure, and after that directly call it because the directory was accessible via web and had execute permissions set on it, without the need of RFI (Remote File Inclusion) or LFI (Local File Inclusion).

Once shipping company was informed about the hack, compromised servers that are important but immediately not so critical for business operations are shut down. The company also blocked the IP address of the threat actors', and then changed all passwords that are compromised and rebuilt servers that are affected. Moving ahead, they started scanning their web applications regularly for vulnerability and applied more formal process of patch management.

Though the method of the pirates was busted as they were not so intelligent, but this might start a new stage in crime by merging piracy with cyber crime.

ยป SPAMfighter News - 3/9/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next